Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-v97v-t17q-4ba9
SummaryDrupal Improper Access Control
Aliases
0
alias CVE-2019-6342
1
alias GHSA-xq62-62c9-22mg
Fixed_packages
0
url pkg:composer/drupal/core@8.7.5
purl pkg:composer/drupal/core@8.7.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16ns-uqh5-d3gh
1
vulnerability VCID-5618-53yg-8qh4
2
vulnerability VCID-5kh7-v1uc-wfha
3
vulnerability VCID-6ck5-9e5b-w3ay
4
vulnerability VCID-6m8x-cfzp-tkf4
5
vulnerability VCID-77zc-1gc8-r7b7
6
vulnerability VCID-7fs3-gwc7-nkes
7
vulnerability VCID-9ss3-mvt3-8bem
8
vulnerability VCID-bbzr-hbhv-yyee
9
vulnerability VCID-bkxp-gn34-67av
10
vulnerability VCID-cvxp-ctj9-guej
11
vulnerability VCID-dgjq-y5zj-cud1
12
vulnerability VCID-ed6y-c9tz-mbds
13
vulnerability VCID-fwbj-ctxz-2bc6
14
vulnerability VCID-g33x-1paw-7udm
15
vulnerability VCID-hgb1-xrne-e7c8
16
vulnerability VCID-hwnd-nuv7-jqbh
17
vulnerability VCID-j21d-w3g7-cbcg
18
vulnerability VCID-jctf-yffu-hbag
19
vulnerability VCID-jrb8-jnz4-83c8
20
vulnerability VCID-k1gx-nznx-7qd6
21
vulnerability VCID-kam1-84p4-qych
22
vulnerability VCID-mapb-hsvc-2khc
23
vulnerability VCID-n119-gta2-kfg1
24
vulnerability VCID-n7un-zgqv-jfef
25
vulnerability VCID-nj3a-eb59-jygs
26
vulnerability VCID-qvbt-7e55-4bg4
27
vulnerability VCID-st6v-ch5g-r7h2
28
vulnerability VCID-syrg-ckq7-cbd6
29
vulnerability VCID-u4w3-usvb-jyf6
30
vulnerability VCID-ummk-h11z-bkaj
31
vulnerability VCID-uqcw-p8g2-cfd2
32
vulnerability VCID-v9v6-ae3e-g3hk
33
vulnerability VCID-vevm-4sfk-f7gq
34
vulnerability VCID-vrdx-165p-efda
35
vulnerability VCID-w6cz-mg4v-3udj
36
vulnerability VCID-wbuz-qcp3-43aq
37
vulnerability VCID-ww44-hb2y-mfd5
38
vulnerability VCID-wzgs-fr3u-cbdn
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.7.5
1
url pkg:composer/drupal/drupal@8.7.5
purl pkg:composer/drupal/drupal@8.7.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5618-53yg-8qh4
1
vulnerability VCID-6ck5-9e5b-w3ay
2
vulnerability VCID-6m8x-cfzp-tkf4
3
vulnerability VCID-bbzr-hbhv-yyee
4
vulnerability VCID-cvxp-ctj9-guej
5
vulnerability VCID-dgjq-y5zj-cud1
6
vulnerability VCID-jfq8-xxwa-mkd1
7
vulnerability VCID-k1gx-nznx-7qd6
8
vulnerability VCID-kh51-g4cv-tqaw
9
vulnerability VCID-mapb-hsvc-2khc
10
vulnerability VCID-n119-gta2-kfg1
11
vulnerability VCID-n7un-zgqv-jfef
12
vulnerability VCID-nj3a-eb59-jygs
13
vulnerability VCID-pk74-yy1n-8qck
14
vulnerability VCID-r8pv-9upr-y7gd
15
vulnerability VCID-ty3y-k9t2-qyba
16
vulnerability VCID-u4w3-usvb-jyf6
17
vulnerability VCID-uqcw-p8g2-cfd2
18
vulnerability VCID-vevm-4sfk-f7gq
19
vulnerability VCID-w3q4-838v-97ck
20
vulnerability VCID-wbuz-qcp3-43aq
21
vulnerability VCID-wbvy-zrtk-audw
22
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.7.5
Affected_packages
0
url pkg:composer/drupal/core@8.7.4
purl pkg:composer/drupal/core@8.7.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-16ns-uqh5-d3gh
1
vulnerability VCID-5618-53yg-8qh4
2
vulnerability VCID-5kh7-v1uc-wfha
3
vulnerability VCID-6ck5-9e5b-w3ay
4
vulnerability VCID-6m8x-cfzp-tkf4
5
vulnerability VCID-77zc-1gc8-r7b7
6
vulnerability VCID-7fs3-gwc7-nkes
7
vulnerability VCID-9ss3-mvt3-8bem
8
vulnerability VCID-bbzr-hbhv-yyee
9
vulnerability VCID-bkxp-gn34-67av
10
vulnerability VCID-cvxp-ctj9-guej
11
vulnerability VCID-dgjq-y5zj-cud1
12
vulnerability VCID-ed6y-c9tz-mbds
13
vulnerability VCID-fwbj-ctxz-2bc6
14
vulnerability VCID-g33x-1paw-7udm
15
vulnerability VCID-hgb1-xrne-e7c8
16
vulnerability VCID-hwnd-nuv7-jqbh
17
vulnerability VCID-j21d-w3g7-cbcg
18
vulnerability VCID-jctf-yffu-hbag
19
vulnerability VCID-jrb8-jnz4-83c8
20
vulnerability VCID-k1gx-nznx-7qd6
21
vulnerability VCID-kam1-84p4-qych
22
vulnerability VCID-mapb-hsvc-2khc
23
vulnerability VCID-n119-gta2-kfg1
24
vulnerability VCID-n7un-zgqv-jfef
25
vulnerability VCID-nj3a-eb59-jygs
26
vulnerability VCID-qvbt-7e55-4bg4
27
vulnerability VCID-st6v-ch5g-r7h2
28
vulnerability VCID-syrg-ckq7-cbd6
29
vulnerability VCID-u4w3-usvb-jyf6
30
vulnerability VCID-ummk-h11z-bkaj
31
vulnerability VCID-uqcw-p8g2-cfd2
32
vulnerability VCID-v97v-t17q-4ba9
33
vulnerability VCID-v9v6-ae3e-g3hk
34
vulnerability VCID-vevm-4sfk-f7gq
35
vulnerability VCID-vrdx-165p-efda
36
vulnerability VCID-w6cz-mg4v-3udj
37
vulnerability VCID-wbuz-qcp3-43aq
38
vulnerability VCID-ww44-hb2y-mfd5
39
vulnerability VCID-wzgs-fr3u-cbdn
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/core@8.7.4
1
url pkg:composer/drupal/drupal@8.7.4
purl pkg:composer/drupal/drupal@8.7.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5618-53yg-8qh4
1
vulnerability VCID-6ck5-9e5b-w3ay
2
vulnerability VCID-6m8x-cfzp-tkf4
3
vulnerability VCID-bbzr-hbhv-yyee
4
vulnerability VCID-cvxp-ctj9-guej
5
vulnerability VCID-dgjq-y5zj-cud1
6
vulnerability VCID-jfq8-xxwa-mkd1
7
vulnerability VCID-k1gx-nznx-7qd6
8
vulnerability VCID-kh51-g4cv-tqaw
9
vulnerability VCID-mapb-hsvc-2khc
10
vulnerability VCID-n119-gta2-kfg1
11
vulnerability VCID-n7un-zgqv-jfef
12
vulnerability VCID-nj3a-eb59-jygs
13
vulnerability VCID-pk74-yy1n-8qck
14
vulnerability VCID-r8pv-9upr-y7gd
15
vulnerability VCID-ty3y-k9t2-qyba
16
vulnerability VCID-u4w3-usvb-jyf6
17
vulnerability VCID-uqcw-p8g2-cfd2
18
vulnerability VCID-v97v-t17q-4ba9
19
vulnerability VCID-vevm-4sfk-f7gq
20
vulnerability VCID-w3q4-838v-97ck
21
vulnerability VCID-wbuz-qcp3-43aq
22
vulnerability VCID-wbvy-zrtk-audw
23
vulnerability VCID-ww44-hb2y-mfd5
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.7.4
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-6342
reference_id
reference_type
scores
0
value 0.002
scoring_system epss
scoring_elements 0.42174
published_at 2026-04-16T12:55:00Z
1
value 0.002
scoring_system epss
scoring_elements 0.42077
published_at 2026-04-01T12:55:00Z
2
value 0.002
scoring_system epss
scoring_elements 0.42136
published_at 2026-04-02T12:55:00Z
3
value 0.002
scoring_system epss
scoring_elements 0.42164
published_at 2026-04-09T12:55:00Z
4
value 0.002
scoring_system epss
scoring_elements 0.42102
published_at 2026-04-07T12:55:00Z
5
value 0.002
scoring_system epss
scoring_elements 0.42153
published_at 2026-04-08T12:55:00Z
6
value 0.002
scoring_system epss
scoring_elements 0.42186
published_at 2026-04-11T12:55:00Z
7
value 0.002
scoring_system epss
scoring_elements 0.42149
published_at 2026-04-12T12:55:00Z
8
value 0.002
scoring_system epss
scoring_elements 0.42123
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-6342
1
reference_url https://github.com/drupal/core/commit/bac9bde22bb545ff72570d8a46055c6c6e70e7c5
reference_id
reference_type
scores
url https://github.com/drupal/core/commit/bac9bde22bb545ff72570d8a46055c6c6e70e7c5
2
reference_url https://www.drupal.org/sa-core-2019-008
reference_id
reference_type
scores
url https://www.drupal.org/sa-core-2019-008
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-6342
reference_id CVE-2019-6342
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2019-6342
4
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2019-6342.yaml
reference_id CVE-2019-6342.YAML
reference_type
scores
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2019-6342.yaml
5
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2019-6342.yaml
reference_id CVE-2019-6342.YAML
reference_type
scores
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2019-6342.yaml
6
reference_url https://github.com/advisories/GHSA-xq62-62c9-22mg
reference_id GHSA-xq62-62c9-22mg
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xq62-62c9-22mg
Weaknesses
0
cwe_id 284
name Improper Access Control
description The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
1
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
2
cwe_id 20
name Improper Input Validation
description The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
3
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
Exploits
Severity_range_score9.0 - 10.0
Exploitability0.5
Weighted_severity9.0
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-v97v-t17q-4ba9