Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:gem/simple_form@1.1.2

Type gem

Namespace

Name simple_form

Version 1.1.2

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 5.0.0

Latest_non_vulnerable_version 5.0.0

Affected_by_vulnerabilities

url VCID-43bp-ubny-n7fj

vulnerability_id VCID-43bp-ubny-n7fj

summary Improper Input Validation in simple_form

references

reference_url

http://blog.plataformatec.com.br/2019/09/incorrect-access-control-in-simple-form-cve-2019-16676

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://blog.plataformatec.com.br/2019/09/incorrect-access-control-in-simple-form-cve-2019-16676

reference_url	http://blog.plataformatec.com.br/2019/09/incorrect-access-control-in-simple-form-cve-2019-16676/
reference_id
reference_type
scores
url	http://blog.plataformatec.com.br/2019/09/incorrect-access-control-in-simple-form-cve-2019-16676/

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-16676

reference_id

reference_type

scores

value	0.0083
scoring_system	epss
scoring_elements	0.75054
published_at	2026-06-12T12:55:00Z

value	0.0083
scoring_system	epss
scoring_elements	0.75067
published_at	2026-06-13T12:55:00Z

value	0.0083
scoring_system	epss
scoring_elements	0.74984
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-16676

reference_url

https://github.com/heartcombo/simple_form

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/heartcombo/simple_form

reference_url

https://github.com/heartcombo/simple_form/commit/8c91bd76a5052ddf3e3ab9fd8333f9aa7b2e2dd6

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/heartcombo/simple_form/commit/8c91bd76a5052ddf3e3ab9fd8333f9aa7b2e2dd6

reference_url

https://github.com/plataformatec/simple_form/commits/master

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/plataformatec/simple_form/commits/master

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-16676

reference_id

CVE-2019-16676

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-16676

reference_url

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/simple_form/CVE-2019-16676.yml

reference_id

CVE-2019-16676.YML

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/simple_form/CVE-2019-16676.yml

reference_url

https://github.com/advisories/GHSA-r74q-gxcg-73hx

reference_id

GHSA-r74q-gxcg-73hx

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-r74q-gxcg-73hx

reference_url

https://github.com/plataformatec/simple_form/security/advisories/GHSA-r74q-gxcg-73hx

reference_id

GHSA-r74q-gxcg-73hx

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/plataformatec/simple_form/security/advisories/GHSA-r74q-gxcg-73hx

fixed_packages

url	pkg:gem/simple_form@5.0.0
purl	pkg:gem/simple_form@5.0.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:gem/simple_form@5.0.0

aliases CVE-2019-16676, GHSA-r74q-gxcg-73hx

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-43bp-ubny-n7fj

Fixing_vulnerabilities

Risk_score 4.5

Resource_url http://public2.vulnerablecode.io/packages/pkg:gem/simple_form@1.1.2

Package Instance