Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-crxa-z2f7-5kce
SummaryImproper restriction of environment variables in Elastic Defend can lead to exposure of sensitive information such as API keys and tokens via automatic transmission of unfiltered environment variables to the stack.
Aliases
0
alias CVE-2025-25013
Fixed_packages
Affected_packages
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-25013
reference_id
reference_type
scores
0
value 0.0044
scoring_system epss
scoring_elements 0.63625
published_at 2026-06-11T12:55:00Z
1
value 0.0044
scoring_system epss
scoring_elements 0.63727
published_at 2026-06-12T12:55:00Z
2
value 0.0044
scoring_system epss
scoring_elements 0.6374
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-25013
1
reference_url https://discuss.elastic.co/t/elastic-defend-8-17-3-security-update-esa-2025-05/376921
reference_id 376921
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-09T19:28:00Z/
url https://discuss.elastic.co/t/elastic-defend-8-17-3-security-update-esa-2025-05/376921
Weaknesses
0
cwe_id 532
name Insertion of Sensitive Information into Log File
description Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.
Exploits
Severity_range_score6.5 - 6.5
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-crxa-z2f7-5kce