Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-89jv-kym3-gqdh
Summaryopenstack-mistral: information disclosure in mistral log
Aliases
0
alias CVE-2019-3866
Fixed_packages
0
url pkg:deb/debian/mistral@5.1.0-2?distro=trixie
purl pkg:deb/debian/mistral@5.1.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mistral@5.1.0-2%3Fdistro=trixie
1
url pkg:deb/debian/mistral@7.0.0-2
purl pkg:deb/debian/mistral@7.0.0-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-am12-sa1d-27ef
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mistral@7.0.0-2
2
url pkg:deb/debian/mistral@11.0.0-2?distro=trixie
purl pkg:deb/debian/mistral@11.0.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mistral@11.0.0-2%3Fdistro=trixie
3
url pkg:deb/debian/mistral@15.0.0-1?distro=trixie
purl pkg:deb/debian/mistral@15.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mistral@15.0.0-1%3Fdistro=trixie
4
url pkg:deb/debian/mistral@20.0.0-2?distro=trixie
purl pkg:deb/debian/mistral@20.0.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mistral@20.0.0-2%3Fdistro=trixie
5
url pkg:deb/debian/mistral@22.0.0~rc1-3?distro=trixie
purl pkg:deb/debian/mistral@22.0.0~rc1-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mistral@22.0.0~rc1-3%3Fdistro=trixie
6
url pkg:deb/debian/mistral@22.0.0-1?distro=trixie
purl pkg:deb/debian/mistral@22.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mistral@22.0.0-1%3Fdistro=trixie
7
url pkg:deb/debian/python-mistral-lib@1.2.0-3?distro=trixie
purl pkg:deb/debian/python-mistral-lib@1.2.0-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-mistral-lib@1.2.0-3%3Fdistro=trixie
8
url pkg:deb/debian/python-mistral-lib@2.3.0-2
purl pkg:deb/debian/python-mistral-lib@2.3.0-2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-mistral-lib@2.3.0-2
9
url pkg:deb/debian/python-mistral-lib@2.3.0-2?distro=trixie
purl pkg:deb/debian/python-mistral-lib@2.3.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-mistral-lib@2.3.0-2%3Fdistro=trixie
10
url pkg:deb/debian/python-mistral-lib@2.7.0-2?distro=trixie
purl pkg:deb/debian/python-mistral-lib@2.7.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-mistral-lib@2.7.0-2%3Fdistro=trixie
11
url pkg:deb/debian/python-mistral-lib@3.3.1-2?distro=trixie
purl pkg:deb/debian/python-mistral-lib@3.3.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-mistral-lib@3.3.1-2%3Fdistro=trixie
12
url pkg:deb/debian/python-mistral-lib@3.5.1-3?distro=trixie
purl pkg:deb/debian/python-mistral-lib@3.5.1-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-mistral-lib@3.5.1-3%3Fdistro=trixie
13
url pkg:deb/debian/python-oslo.utils@3.41.3-1?distro=trixie
purl pkg:deb/debian/python-oslo.utils@3.41.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-oslo.utils@3.41.3-1%3Fdistro=trixie
14
url pkg:deb/debian/python-oslo.utils@4.6.0-2
purl pkg:deb/debian/python-oslo.utils@4.6.0-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ed1c-yhw8-hfh8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-oslo.utils@4.6.0-2
15
url pkg:deb/debian/python-oslo.utils@4.6.0-2?distro=trixie
purl pkg:deb/debian/python-oslo.utils@4.6.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-oslo.utils@4.6.0-2%3Fdistro=trixie
16
url pkg:deb/debian/python-oslo.utils@6.0.1-2?distro=trixie
purl pkg:deb/debian/python-oslo.utils@6.0.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-oslo.utils@6.0.1-2%3Fdistro=trixie
17
url pkg:deb/debian/python-oslo.utils@8.2.0-4?distro=trixie
purl pkg:deb/debian/python-oslo.utils@8.2.0-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-oslo.utils@8.2.0-4%3Fdistro=trixie
18
url pkg:deb/debian/python-oslo.utils@9.1.0-5?distro=trixie
purl pkg:deb/debian/python-oslo.utils@9.1.0-5?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-oslo.utils@9.1.0-5%3Fdistro=trixie
19
url pkg:deb/debian/python-oslo.utils@10.0.0-3?distro=trixie
purl pkg:deb/debian/python-oslo.utils@10.0.0-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-oslo.utils@10.0.0-3%3Fdistro=trixie
20
url pkg:deb/debian/python-oslo.utils@10.0.1-1?distro=trixie
purl pkg:deb/debian/python-oslo.utils@10.0.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-oslo.utils@10.0.1-1%3Fdistro=trixie
Affected_packages
0
url pkg:deb/debian/mistral@2.0.0-2~bpo8%2B1
purl pkg:deb/debian/mistral@2.0.0-2~bpo8%2B1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-89jv-kym3-gqdh
1
vulnerability VCID-am12-sa1d-27ef
2
vulnerability VCID-vyg9-hnp3-wye9
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mistral@2.0.0-2~bpo8%252B1
1
url pkg:deb/debian/mistral@3.0.0-4%2Bdeb9u1
purl pkg:deb/debian/mistral@3.0.0-4%2Bdeb9u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-89jv-kym3-gqdh
1
vulnerability VCID-am12-sa1d-27ef
2
vulnerability VCID-vyg9-hnp3-wye9
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mistral@3.0.0-4%252Bdeb9u1
2
url pkg:deb/debian/python-mistral-lib@1.0.0-1
purl pkg:deb/debian/python-mistral-lib@1.0.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-89jv-kym3-gqdh
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-mistral-lib@1.0.0-1
3
url pkg:deb/debian/python-oslo.utils@0.2.0-1
purl pkg:deb/debian/python-oslo.utils@0.2.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-89jv-kym3-gqdh
1
vulnerability VCID-ed1c-yhw8-hfh8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-oslo.utils@0.2.0-1
4
url pkg:deb/debian/python-oslo.utils@3.8.0-2~bpo8%2B1
purl pkg:deb/debian/python-oslo.utils@3.8.0-2~bpo8%2B1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-89jv-kym3-gqdh
1
vulnerability VCID-ed1c-yhw8-hfh8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-oslo.utils@3.8.0-2~bpo8%252B1
5
url pkg:deb/debian/python-oslo.utils@3.16.0-2
purl pkg:deb/debian/python-oslo.utils@3.16.0-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-89jv-kym3-gqdh
1
vulnerability VCID-ed1c-yhw8-hfh8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-oslo.utils@3.16.0-2
6
url pkg:deb/debian/python-oslo.utils@3.36.5-0%2Bdeb10u1
purl pkg:deb/debian/python-oslo.utils@3.36.5-0%2Bdeb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-89jv-kym3-gqdh
1
vulnerability VCID-ed1c-yhw8-hfh8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-oslo.utils@3.36.5-0%252Bdeb10u1
7
url pkg:rpm/redhat/openstack-mistral@9.0.2-0.20191125120837.6651519?arch=el8ost
purl pkg:rpm/redhat/openstack-mistral@9.0.2-0.20191125120837.6651519?arch=el8ost
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-89jv-kym3-gqdh
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openstack-mistral@9.0.2-0.20191125120837.6651519%3Farch=el8ost
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3866.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3866.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-3866
reference_id
reference_type
scores
0
value 0.0006
scoring_system epss
scoring_elements 0.18924
published_at 2026-04-01T12:55:00Z
1
value 0.0006
scoring_system epss
scoring_elements 0.18743
published_at 2026-04-24T12:55:00Z
2
value 0.0006
scoring_system epss
scoring_elements 0.18827
published_at 2026-04-16T12:55:00Z
3
value 0.0006
scoring_system epss
scoring_elements 0.18839
published_at 2026-04-18T12:55:00Z
4
value 0.0006
scoring_system epss
scoring_elements 0.18854
published_at 2026-04-21T12:55:00Z
5
value 0.0006
scoring_system epss
scoring_elements 0.19059
published_at 2026-04-02T12:55:00Z
6
value 0.0006
scoring_system epss
scoring_elements 0.19111
published_at 2026-04-04T12:55:00Z
7
value 0.0006
scoring_system epss
scoring_elements 0.18833
published_at 2026-04-07T12:55:00Z
8
value 0.0006
scoring_system epss
scoring_elements 0.18912
published_at 2026-04-08T12:55:00Z
9
value 0.0006
scoring_system epss
scoring_elements 0.18966
published_at 2026-04-09T12:55:00Z
10
value 0.0006
scoring_system epss
scoring_elements 0.18972
published_at 2026-04-11T12:55:00Z
11
value 0.0006
scoring_system epss
scoring_elements 0.18925
published_at 2026-04-12T12:55:00Z
12
value 0.0006
scoring_system epss
scoring_elements 0.18874
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-3866
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3866
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3866
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3866
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3866
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1768731
reference_id 1768731
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1768731
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946060
reference_id 946060
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946060
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:14:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openstack:14:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:14:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:15:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openstack:15:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:15:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack-mistral:-:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openstack-mistral:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack-mistral:-:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-3866
reference_id CVE-2019-3866
reference_type
scores
0
value 2.1
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:P/I:N/A:N
1
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N
2
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2019-3866
12
reference_url https://access.redhat.com/errata/RHSA-2021:0420
reference_id RHSA-2021:0420
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0420
13
reference_url https://usn.ubuntu.com/7465-1/
reference_id USN-7465-1
reference_type
scores
url https://usn.ubuntu.com/7465-1/
Weaknesses
0
cwe_id 732
name Incorrect Permission Assignment for Critical Resource
description The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
Exploits
Severity_range_score2.1 - 5.9
Exploitability0.5
Weighted_severity5.3
Risk_score2.6
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-89jv-kym3-gqdh