Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/566219?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/566219?format=api", "purl": "pkg:npm/directus@9.0.0-alpha.33", "type": "npm", "namespace": "", "name": "directus", "version": "9.0.0-alpha.33", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "11.17.0", "latest_non_vulnerable_version": "11.17.0", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/89932?format=api", "vulnerability_id": "VCID-223k-jar9-ckg1", "summary": "Directus: GraphQL Alias Amplification Denial of Service Due to Missing Query Cost/Complexity Limits\n### Summary\n\nDirectus' GraphQL endpoints (`/graphql` and `/graphql/system`) did not deduplicate resolver invocations within a single request. An authenticated user could exploit GraphQL aliasing to repeat an expensive relational query many times in a single request, forcing the server to execute a large number of independent complex database queries concurrently, multiplying database load linearly with the number of aliases. The existing token limit on GraphQL queries still permitted enough aliases for significant resource exhaustion, while the relational depth limit applied per alias without reducing the total number executed. Rate limiting is disabled by default, meaning no built-in throttle prevented this from causing CPU, memory, and I/O exhaustion that could degrade or crash the service. Any authenticated user, including those with minimal read-only permissions, could trigger this condition.\n\n### Fix\n\nA request-scoped resolver deduplication mechanism was introduced and applied broadly across all GraphQL read resolvers, both system and items endpoints. When multiple aliases in a single request invoke the same resolver with identical arguments, only the first call executes; all subsequent aliases share its result. 
This eliminates the amplification factor regardless of how many aliases a query contains.\n\n### Impact\n\n- **Service degradation or outage:** Concurrent complex database queries exhaust the connection pool and server resources, affecting all users\n- **Low privilege required:** Any authenticated user, including those with read-only access to a single collection, can trigger this condition\n- **Linear scaling:** Impact scales with the number of aliases and depth of relational queries\n- **Compounded by concurrency:** Multiple simultaneous requests multiply the effect further", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-35441", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03055", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02993", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03011", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03063", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-35441" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-ph52-67fq-75wj", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": 
"" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-07T14:47:06Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-ph52-67fq-75wj" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35441", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35441" }, { "reference_url": "https://github.com/advisories/GHSA-ph52-67fq-75wj", "reference_id": "GHSA-ph52-67fq-75wj", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-ph52-67fq-75wj" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/110629?format=api", "purl": "pkg:npm/directus@11.17.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.17.0" } ], "aliases": [ "CVE-2026-35441", "GHSA-ph52-67fq-75wj" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-223k-jar9-ckg1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/55704?format=api", "vulnerability_id": "VCID-22vf-zyed-nyf8", "summary": "Duplicate Advisory: Improper access control in Directus\n## Duplicate Advisory\nThis advisory has been withdrawn because it is a duplicate of GHSA-3fff-gqw3-vj86. 
This link is maintained to preserve external references.\n\n## Original Description\nDirectus v10.13.0 allows an authenticated external attacker to modify presets created by the same user to assign them to another user. This is possible because the application only validates the user parameter in the 'POST /presets' request but not in the PATCH request. When chained with CVE-2024-6533, it could result in account takeover.", "references": [ { "reference_url": "https://directus.io", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://directus.io" }, { "reference_url": "https://fluidattacks.com/advisories/capaldi", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://fluidattacks.com/advisories/capaldi" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": 
"https://nvd.nist.gov/vuln/detail/CVE-2024-6534", "reference_id": "CVE-2024-6534", "reference_type": "", "scores": [ { "value": "4.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6534" }, { "reference_url": "https://github.com/advisories/GHSA-q83v-hq3j-4pq3", "reference_id": "GHSA-q83v-hq3j-4pq3", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-q83v-hq3j-4pq3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/513607?format=api", "purl": "pkg:npm/directus@10.13.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-223k-jar9-ckg1" }, { "vulnerability": "VCID-2bhb-q64y-mqhq" }, { "vulnerability": "VCID-4822-z5gh-zqbw" }, { "vulnerability": "VCID-4jcf-fjd5-pydt" }, { "vulnerability": "VCID-77h9-g53b-qucq" }, { "vulnerability": "VCID-8zhr-k6sm-7yf6" }, { "vulnerability": "VCID-98ug-cruq-e3he" }, { "vulnerability": "VCID-9pfu-bhz9-13ea" }, { "vulnerability": "VCID-9qru-zceb-8kb2" }, { "vulnerability": "VCID-9uhu-w6qs-63ez" }, { "vulnerability": "VCID-9y4r-6qtg-83cs" }, { "vulnerability": "VCID-ab99-17mk-kuee" }, { "vulnerability": "VCID-azsd-u8r6-kqcd" }, { "vulnerability": "VCID-b5vw-9vy2-xbev" }, { "vulnerability": "VCID-b7uq-h31v-5ua1" }, { "vulnerability": "VCID-d7x4-xpyz-9ybv" }, { "vulnerability": "VCID-depg-4gcv-ekb9" }, { "vulnerability": "VCID-e6pq-efd4-yfbd" }, { "vulnerability": "VCID-ej7k-saka-huae" }, { "vulnerability": "VCID-ew63-hmst-d7ct" }, { "vulnerability": "VCID-h9sb-tucg-b3fw" }, { "vulnerability": "VCID-hp3s-jfj1-efdy" }, { "vulnerability": 
"VCID-j9tx-h9v5-w7am" }, { "vulnerability": "VCID-m4z2-58pn-k3cb" }, { "vulnerability": "VCID-n6nd-tbf1-k7aj" }, { "vulnerability": "VCID-nug7-m3d7-f7gq" }, { "vulnerability": "VCID-p9j6-rpp2-bqd6" }, { "vulnerability": "VCID-r972-eutc-73fh" }, { "vulnerability": "VCID-v44m-ug4p-mqhv" }, { "vulnerability": "VCID-v46e-qqux-7fdq" }, { "vulnerability": "VCID-wvhh-m37j-nff5" }, { "vulnerability": "VCID-ydha-8cmf-hbdx" }, { "vulnerability": "VCID-z7yb-1fvm-bqes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@10.13.1" } ], "aliases": [ "GHSA-q83v-hq3j-4pq3" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-22vf-zyed-nyf8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57656?format=api", "vulnerability_id": "VCID-2bhb-q64y-mqhq", "summary": "Directus' exact version number is exposed by the OpenAPI Spec\nThe exact Directus version number is incorrectly being used as OpenAPI Spec version this means that it is being exposed by the `/server/specs/oas` endpoint without authentication.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-53887", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00316", "scoring_system": "epss", "scoring_elements": "0.55015", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00316", "scoring_system": "epss", "scoring_elements": "0.54996", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00316", "scoring_system": "epss", "scoring_elements": "0.55014", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00316", "scoring_system": "epss", "scoring_elements": "0.55024", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-53887" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", 
"scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/commit/e74f3e4e92edc33b5f83eefb001a3d2a85af17a3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-15T13:45:18Z/" } ], "url": "https://github.com/directus/directus/commit/e74f3e4e92edc33b5f83eefb001a3d2a85af17a3" }, { "reference_url": "https://github.com/directus/directus/pull/25353", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-15T13:45:18Z/" } ], "url": "https://github.com/directus/directus/pull/25353" }, { "reference_url": "https://github.com/directus/directus/releases/tag/v11.9.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-15T13:45:18Z/" } ], "url": "https://github.com/directus/directus/releases/tag/v11.9.0" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53887", "reference_id": "CVE-2025-53887", "reference_type": "", "scores": [ { 
"value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53887" }, { "reference_url": "https://github.com/advisories/GHSA-rmjh-cf9q-pv7q", "reference_id": "GHSA-rmjh-cf9q-pv7q", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rmjh-cf9q-pv7q" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-rmjh-cf9q-pv7q", "reference_id": "GHSA-rmjh-cf9q-pv7q", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-15T13:45:18Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-rmjh-cf9q-pv7q" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85746?format=api", "purl": "pkg:npm/directus@11.9.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-223k-jar9-ckg1" }, { "vulnerability": "VCID-4jcf-fjd5-pydt" }, { "vulnerability": "VCID-8zhr-k6sm-7yf6" }, { "vulnerability": "VCID-9qru-zceb-8kb2" }, { "vulnerability": "VCID-9y4r-6qtg-83cs" }, { "vulnerability": "VCID-ab99-17mk-kuee" }, { "vulnerability": "VCID-azsd-u8r6-kqcd" }, { "vulnerability": "VCID-e6pq-efd4-yfbd" }, { "vulnerability": "VCID-ew63-hmst-d7ct" }, { "vulnerability": "VCID-h9sb-tucg-b3fw" }, { "vulnerability": "VCID-hp3s-jfj1-efdy" }, { "vulnerability": "VCID-j9tx-h9v5-w7am" }, { "vulnerability": "VCID-m4z2-58pn-k3cb" }, { 
"vulnerability": "VCID-p9j6-rpp2-bqd6" }, { "vulnerability": "VCID-r972-eutc-73fh" }, { "vulnerability": "VCID-v44m-ug4p-mqhv" }, { "vulnerability": "VCID-v46e-qqux-7fdq" }, { "vulnerability": "VCID-wvhh-m37j-nff5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.9.0" } ], "aliases": [ "CVE-2025-53887", "GHSA-rmjh-cf9q-pv7q" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2bhb-q64y-mqhq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47244?format=api", "vulnerability_id": "VCID-3trx-stq1-fkbf", "summary": "URL Redirection to Untrusted Site in OAuth2/OpenID in directus\n### Summary\nThe authentication API has a `redirect` parameter that can be exploited as an open redirect vulnerability as the user tries to log in via the API URL https://docs.directus.io/reference/authentication.html#login-using-sso-providers /auth/login/google?redirect for example.\n\n### Details\nThere's a redirect that is done after successful login via the Auth API GET request to `directus/auth/login/google?redirect=http://malicious-fishing-site.com`, which I think is here: https://github.com/directus/directus/blob/main/api/src/auth/drivers/oauth2.ts#L394. While credentials don't seem to be passed to the attacker site, the user can be phished into clicking a legitimate directus site and be taken to a malicious site made to look like a an error message \"Your password needs to be updated\" to phish out the current password.\n\n### PoC\nTurn on any auth provider in Directus instance. Form a link to `directus-instance/auth/login/:provider_id?redirect=http://malicious-fishing-site.com`, login and get taken to malicious-site. 
Tested on the `ory` OAuth2 integration.\n\n### Impact\nUsers who login via OAuth2 into Directus.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-28239", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45849", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45836", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45823", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45869", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45866", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-28239" }, { "reference_url": "https://docs.directus.io/reference/authentication.html#login-using-sso-providers", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-13T16:10:42Z/" } ], "url": "https://docs.directus.io/reference/authentication.html#login-using-sso-providers" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/commit/5477d7d61babd7ffc2f835d399bf79611b15b203", "reference_id": "", 
"reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-13T16:10:42Z/" } ], "url": "https://github.com/directus/directus/commit/5477d7d61babd7ffc2f835d399bf79611b15b203" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28239", "reference_id": "CVE-2024-28239", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28239" }, { "reference_url": "https://github.com/advisories/GHSA-fr3w-2p22-6w7p", "reference_id": "GHSA-fr3w-2p22-6w7p", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fr3w-2p22-6w7p" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-fr3w-2p22-6w7p", "reference_id": "GHSA-fr3w-2p22-6w7p", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-13T16:10:42Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-fr3w-2p22-6w7p" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/69356?format=api", "purl": "pkg:npm/directus@10.10.0", "is_vulnerable": true, 
"affected_by_vulnerabilities": [ { "vulnerability": "VCID-223k-jar9-ckg1" }, { "vulnerability": "VCID-22vf-zyed-nyf8" }, { "vulnerability": "VCID-2bhb-q64y-mqhq" }, { "vulnerability": "VCID-4822-z5gh-zqbw" }, { "vulnerability": "VCID-4jcf-fjd5-pydt" }, { "vulnerability": "VCID-77h9-g53b-qucq" }, { "vulnerability": "VCID-8zhr-k6sm-7yf6" }, { "vulnerability": "VCID-98ug-cruq-e3he" }, { "vulnerability": "VCID-9pfu-bhz9-13ea" }, { "vulnerability": "VCID-9qru-zceb-8kb2" }, { "vulnerability": "VCID-9uhu-w6qs-63ez" }, { "vulnerability": "VCID-9y4r-6qtg-83cs" }, { "vulnerability": "VCID-ab99-17mk-kuee" }, { "vulnerability": "VCID-azsd-u8r6-kqcd" }, { "vulnerability": "VCID-b5vw-9vy2-xbev" }, { "vulnerability": "VCID-b7uq-h31v-5ua1" }, { "vulnerability": "VCID-d7x4-xpyz-9ybv" }, { "vulnerability": "VCID-depg-4gcv-ekb9" }, { "vulnerability": "VCID-dkgn-bvf4-jka4" }, { "vulnerability": "VCID-e6pq-efd4-yfbd" }, { "vulnerability": "VCID-ej7k-saka-huae" }, { "vulnerability": "VCID-ew63-hmst-d7ct" }, { "vulnerability": "VCID-gkde-rn6p-rba5" }, { "vulnerability": "VCID-h9sb-tucg-b3fw" }, { "vulnerability": "VCID-hp3s-jfj1-efdy" }, { "vulnerability": "VCID-hvd7-28p5-q7fs" }, { "vulnerability": "VCID-j9tx-h9v5-w7am" }, { "vulnerability": "VCID-m4z2-58pn-k3cb" }, { "vulnerability": "VCID-n6nd-tbf1-k7aj" }, { "vulnerability": "VCID-nug7-m3d7-f7gq" }, { "vulnerability": "VCID-p9j6-rpp2-bqd6" }, { "vulnerability": "VCID-r972-eutc-73fh" }, { "vulnerability": "VCID-ut99-st7g-yqh6" }, { "vulnerability": "VCID-v44m-ug4p-mqhv" }, { "vulnerability": "VCID-v46e-qqux-7fdq" }, { "vulnerability": "VCID-wvhh-m37j-nff5" }, { "vulnerability": "VCID-ydha-8cmf-hbdx" }, { "vulnerability": "VCID-z5ka-gqzc-kued" }, { "vulnerability": "VCID-z7yb-1fvm-bqes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@10.10.0" } ], "aliases": [ "CVE-2024-28239", "GHSA-fr3w-2p22-6w7p" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": 
"http://public2.vulnerablecode.io/vulnerabilities/VCID-3trx-stq1-fkbf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56526?format=api", "vulnerability_id": "VCID-4822-z5gh-zqbw", "summary": "Directus has a DOM-Based cross-site scripting (XSS) via layout_options\nDirectus allows an authenticated attacker to save cross site scripting code to the database. This is possible because the application injects an attacker-controlled parameter that will be stored in the server and used by the client into an unsanitized DOM element. When chained with [CVE-2024-6534](https://github.com/directus/directus/security/advisories/GHSA-3fff-gqw3-vj86), it could result in account takeover.", "references": [ { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/advisories/GHSA-9qrm-48qf-r2rw", "reference_id": "GHSA-9qrm-48qf-r2rw", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9qrm-48qf-r2rw" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-9qrm-48qf-r2rw", "reference_id": "GHSA-9qrm-48qf-r2rw", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-9qrm-48qf-r2rw" } ], "fixed_packages": [ { "url": 
"http://public2.vulnerablecode.io/api/packages/83905?format=api", "purl": "pkg:npm/directus@11.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-223k-jar9-ckg1" }, { "vulnerability": "VCID-2bhb-q64y-mqhq" }, { "vulnerability": "VCID-4jcf-fjd5-pydt" }, { "vulnerability": "VCID-77h9-g53b-qucq" }, { "vulnerability": "VCID-8zhr-k6sm-7yf6" }, { "vulnerability": "VCID-98ug-cruq-e3he" }, { "vulnerability": "VCID-9qru-zceb-8kb2" }, { "vulnerability": "VCID-9y4r-6qtg-83cs" }, { "vulnerability": "VCID-ab99-17mk-kuee" }, { "vulnerability": "VCID-azsd-u8r6-kqcd" }, { "vulnerability": "VCID-b5vw-9vy2-xbev" }, { "vulnerability": "VCID-b7uq-h31v-5ua1" }, { "vulnerability": "VCID-d7x4-xpyz-9ybv" }, { "vulnerability": "VCID-e6pq-efd4-yfbd" }, { "vulnerability": "VCID-ej7k-saka-huae" }, { "vulnerability": "VCID-ew63-hmst-d7ct" }, { "vulnerability": "VCID-h9sb-tucg-b3fw" }, { "vulnerability": "VCID-hp3s-jfj1-efdy" }, { "vulnerability": "VCID-j9tx-h9v5-w7am" }, { "vulnerability": "VCID-m4z2-58pn-k3cb" }, { "vulnerability": "VCID-nug7-m3d7-f7gq" }, { "vulnerability": "VCID-p9j6-rpp2-bqd6" }, { "vulnerability": "VCID-r972-eutc-73fh" }, { "vulnerability": "VCID-v44m-ug4p-mqhv" }, { "vulnerability": "VCID-v46e-qqux-7fdq" }, { "vulnerability": "VCID-wvhh-m37j-nff5" }, { "vulnerability": "VCID-ydha-8cmf-hbdx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.3.3" } ], "aliases": [ "GHSA-9qrm-48qf-r2rw" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4822-z5gh-zqbw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/89641?format=api", "vulnerability_id": "VCID-4jcf-fjd5-pydt", "summary": "Directus: Path Traversal and Broken Access Control in File Management API\n## Summary\n\nA broken access control vulnerability was identified in the Directus file management API that allows authenticated users to overwrite 
files belonging to other users by manipulating the `filename_disk` parameter.\n\n## Details\n\nThe `PATCH /files/{id}` endpoint accepts a user-controlled `filename_disk` parameter. By setting this value to match the storage path of another user's file, an attacker can overwrite that file's content while manipulating metadata fields such as `uploaded_by` to obscure the tampering.\n\n## Impact\n\n- **Unauthorized File Overwrite**: Attackers can replace legitimate files with malicious content, creating significant risk of malware propagation and data corruption.\n- **Remote Code Execution**: If the storage backend is shared with the extensions location, attackers can deploy malicious extensions that execute arbitrary code when loaded.\n- **Data Integrity Compromise**: Files can be tampered with or replaced without visible indication in the application interface.\n\n## Mitigation\n\nThe `filename_disk` parameter should be treated as a server-controlled value. Uniqueness of storage paths must be enforced server-side, and `filename_disk` should be excluded from the fields users are permitted to update directly.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-39942", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12296", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12178", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12259", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12295", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-39942" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": 
"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/releases/tag/v11.17.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-09T17:47:33Z/" } ], "url": "https://github.com/directus/directus/releases/tag/v11.17.0" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-393c-p46r-7c95", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-09T17:47:33Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-393c-p46r-7c95" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39942", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39942" }, { "reference_url": "https://github.com/advisories/GHSA-393c-p46r-7c95", "reference_id": "GHSA-393c-p46r-7c95", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": 
"https://github.com/advisories/GHSA-393c-p46r-7c95" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/110629?format=api", "purl": "pkg:npm/directus@11.17.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.17.0" } ], "aliases": [ "CVE-2026-39942", "GHSA-393c-p46r-7c95" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4jcf-fjd5-pydt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42842?format=api", "vulnerability_id": "VCID-8wt9-cu32-qugd", "summary": "Duplicate\nThis advisory duplicates another.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-26969", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00909", "scoring_system": "epss", "scoring_elements": "0.76188", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00909", "scoring_system": "epss", "scoring_elements": "0.76221", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00909", "scoring_system": "epss", "scoring_elements": "0.76197", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00909", "scoring_system": "epss", "scoring_elements": "0.76208", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00909", "scoring_system": "epss", "scoring_elements": "0.76215", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00909", "scoring_system": "epss", "scoring_elements": "0.76213", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-26969" }, { "reference_url": "https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", 
"scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-14T14:53:09Z/" } ], "url": "https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/blob/8daed9c41baeaf1d08c1e292bf9f0dcef65e48fb/docs/configuration/config-options.md", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-14T14:53:09Z/" } ], "url": "https://github.com/directus/directus/blob/8daed9c41baeaf1d08c1e292bf9f0dcef65e48fb/docs/configuration/config-options.md" }, { "reference_url": "https://github.com/directus/directus/pull/12022", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-14T14:53:09Z/" } ], "url": "https://github.com/directus/directus/pull/12022" }, { "reference_url": "https://github.com/directus/directus/releases/tag/v9.7.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": 
"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-14T14:53:09Z/" } ], "url": "https://github.com/directus/directus/releases/tag/v9.7.0" }, { "reference_url": "https://security.snyk.io/vuln/SNYK-JS-DIRECTUS-2441822", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-14T14:53:09Z/" } ], "url": "https://security.snyk.io/vuln/SNYK-JS-DIRECTUS-2441822" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26969", "reference_id": "CVE-2022-26969", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26969" }, { "reference_url": "https://github.com/advisories/GHSA-g27j-74fp-xfpr", "reference_id": "GHSA-g27j-74fp-xfpr", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-g27j-74fp-xfpr" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-g27j-74fp-xfpr", "reference_id": "GHSA-g27j-74fp-xfpr", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "CRITICAL", "scoring_system": "generic_textual", 
"scoring_elements": "" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-g27j-74fp-xfpr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/61266?format=api", "purl": "pkg:npm/directus@9.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-223k-jar9-ckg1" }, { "vulnerability": "VCID-22vf-zyed-nyf8" }, { "vulnerability": "VCID-2bhb-q64y-mqhq" }, { "vulnerability": "VCID-3trx-stq1-fkbf" }, { "vulnerability": "VCID-4822-z5gh-zqbw" }, { "vulnerability": "VCID-4jcf-fjd5-pydt" }, { "vulnerability": "VCID-8zhr-k6sm-7yf6" }, { "vulnerability": "VCID-9pfu-bhz9-13ea" }, { "vulnerability": "VCID-9qru-zceb-8kb2" }, { "vulnerability": "VCID-9uhu-w6qs-63ez" }, { "vulnerability": "VCID-9y4r-6qtg-83cs" }, { "vulnerability": "VCID-ap5v-6yzk-rud6" }, { "vulnerability": "VCID-azpj-92x3-jyet" }, { "vulnerability": "VCID-azsd-u8r6-kqcd" }, { "vulnerability": "VCID-b7uq-h31v-5ua1" }, { "vulnerability": "VCID-d7x4-xpyz-9ybv" }, { "vulnerability": "VCID-depg-4gcv-ekb9" }, { "vulnerability": "VCID-e1s2-fxgd-3ud8" }, { "vulnerability": "VCID-e6pq-efd4-yfbd" }, { "vulnerability": "VCID-ew63-hmst-d7ct" }, { "vulnerability": "VCID-fj84-xm4j-5bfw" }, { "vulnerability": "VCID-gkde-rn6p-rba5" }, { "vulnerability": "VCID-h9sb-tucg-b3fw" }, { "vulnerability": "VCID-hp3s-jfj1-efdy" }, { "vulnerability": "VCID-j9tx-h9v5-w7am" }, { "vulnerability": "VCID-m4z2-58pn-k3cb" }, { "vulnerability": "VCID-nug7-m3d7-f7gq" }, { "vulnerability": "VCID-p425-cguh-83c8" }, { "vulnerability": "VCID-p9j6-rpp2-bqd6" }, { "vulnerability": "VCID-pdb5-hm2r-xfga" }, { "vulnerability": "VCID-qb7x-z5hp-qqcx" }, { "vulnerability": "VCID-r972-eutc-73fh" }, { "vulnerability": "VCID-t16j-g2em-wqem" }, { "vulnerability": "VCID-tz3z-smv5-3ydd" }, { "vulnerability": "VCID-ut99-st7g-yqh6" }, { "vulnerability": "VCID-v44m-ug4p-mqhv" }, { "vulnerability": "VCID-v46e-qqux-7fdq" }, { "vulnerability": "VCID-wvhh-m37j-nff5" }, { "vulnerability": 
"VCID-ydha-8cmf-hbdx" }, { "vulnerability": "VCID-z5ka-gqzc-kued" }, { "vulnerability": "VCID-z7yb-1fvm-bqes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@9.7.0" } ], "aliases": [ "CVE-2022-26969", "GHSA-g27j-74fp-xfpr", "GMS-2022-677" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8wt9-cu32-qugd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/89202?format=api", "vulnerability_id": "VCID-8zhr-k6sm-7yf6", "summary": "Directus: SSRF Protection Bypass via IPv4-Mapped IPv6 Addresses in File Import\n### Summary\nA Server-Side Request Forgery (SSRF) protection bypass has been identified and fixed in Directus. The IP address validation mechanism used to block requests to local and private networks could be circumvented using IPv4-Mapped IPv6 address notation.\n\n### Details\nDirectus implements an IP deny-list to prevent server-side requests to internal/private network ranges. The validation logic failed to normalize IPv4-Mapped IPv6 addresses (e.g., the IPv6 representation of `127.0.0.1`) before checking them against the deny-list. 
Because the deny-list check did not recognize these mapped addresses as equivalent to their IPv4 counterparts, an attacker could bypass the restriction while the underlying HTTP client and operating system still resolved and connected to the intended private target.\n\nThis has been fixed by adding a normalization step that converts IPv4-Mapped IPv6 addresses to their canonical IPv4 form prior to validation.\n\n### Impact\nAn authenticated user (or an unauthenticated user if public file-import permissions are enabled) could exploit this bypass to perform SSRF attacks against internal services on the same host (databases, caches, internal APIs) or cloud instance metadata endpoints (e.g., AWS/GCP/Azure IMDS).", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-35409", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.0278", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02716", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02733", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02786", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-35409" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-wv3h-5fx7-966h", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", 
"scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-08T14:04:19Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-wv3h-5fx7-966h" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35409", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35409" }, { "reference_url": "https://github.com/advisories/GHSA-wv3h-5fx7-966h", "reference_id": "GHSA-wv3h-5fx7-966h", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wv3h-5fx7-966h" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/110250?format=api", "purl": "pkg:npm/directus@11.16.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-223k-jar9-ckg1" }, { "vulnerability": "VCID-4jcf-fjd5-pydt" }, { "vulnerability": "VCID-9qru-zceb-8kb2" }, { "vulnerability": "VCID-9y4r-6qtg-83cs" }, { "vulnerability": "VCID-azsd-u8r6-kqcd" }, { "vulnerability": "VCID-ew63-hmst-d7ct" }, { "vulnerability": "VCID-m4z2-58pn-k3cb" }, { "vulnerability": "VCID-v44m-ug4p-mqhv" }, { "vulnerability": "VCID-v46e-qqux-7fdq" }, { "vulnerability": "VCID-wvhh-m37j-nff5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.16.0" } ], "aliases": [ "CVE-2026-35409", "GHSA-wv3h-5fx7-966h" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": 
"http://public2.vulnerablecode.io/vulnerabilities/VCID-8zhr-k6sm-7yf6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/55794?format=api", "vulnerability_id": "VCID-9pfu-bhz9-13ea", "summary": "Session is cached for OpenID and OAuth2 if `redirect` is not used\nUnauthenticated user can access credentials of last authenticated user via OpenID or OAuth2 where the authentication URL did not include `redirect` query string.\n\nFor example:\n- Project is configured with OpenID or OAuth2\n- Project is configured with cache enabled\n- User tries to login via SSO link, but without `redirect` query string\n- After successful login, credentials are cached\n- If an unauthenticated user tries to login via SSO link, it will return the credentials of the other last user\n\nThe SSO link is something like `https://directus.example.com/auth/login/openid/callback`, where `openid` is the name of the OpenID provider configured in Directus", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45596", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00753", "scoring_system": "epss", "scoring_elements": "0.736", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00753", "scoring_system": "epss", "scoring_elements": "0.73575", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00753", "scoring_system": "epss", "scoring_elements": "0.73589", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00753", "scoring_system": "epss", "scoring_elements": "0.73602", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00753", "scoring_system": "epss", "scoring_elements": "0.73598", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45596" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N" }, 
{ "value": "8.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/blob/main/api/src/auth/drivers/oauth2.ts#L422-L428", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N" }, { "value": "8.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus/blob/main/api/src/auth/drivers/oauth2.ts#L422-L428" }, { "reference_url": "https://github.com/directus/directus/blob/main/api/src/auth/drivers/openid.ts#L453-L459", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N" }, { "value": "8.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus/blob/main/api/src/auth/drivers/openid.ts#L453-L459" }, { "reference_url": "https://github.com/directus/directus/commit/4aace0bbe57232e38cd6a287ee475293e46dc91b", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N" }, { "value": "8.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", 
"scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T19:20:20Z/" } ], "url": "https://github.com/directus/directus/commit/4aace0bbe57232e38cd6a287ee475293e46dc91b" }, { "reference_url": "https://github.com/directus/directus/commit/769fa22797bff5a9231599883b391e013f122e52", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N" }, { "value": "8.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T19:20:20Z/" } ], "url": "https://github.com/directus/directus/commit/769fa22797bff5a9231599883b391e013f122e52" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45596", "reference_id": "CVE-2024-45596", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N" }, { "value": "8.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45596" }, { "reference_url": "https://github.com/advisories/GHSA-cff8-x7jv-4fm8", "reference_id": "GHSA-cff8-x7jv-4fm8", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-cff8-x7jv-4fm8" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-cff8-x7jv-4fm8", "reference_id": "GHSA-cff8-x7jv-4fm8", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": 
"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "8.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T19:20:20Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-cff8-x7jv-4fm8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/82593?format=api", "purl": "pkg:npm/directus@10.13.3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@10.13.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/82594?format=api", "purl": "pkg:npm/directus@11.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-223k-jar9-ckg1" }, { "vulnerability": "VCID-2bhb-q64y-mqhq" }, { "vulnerability": "VCID-4822-z5gh-zqbw" }, { "vulnerability": "VCID-4jcf-fjd5-pydt" }, { "vulnerability": "VCID-77h9-g53b-qucq" }, { "vulnerability": "VCID-8zhr-k6sm-7yf6" }, { "vulnerability": "VCID-98ug-cruq-e3he" }, { "vulnerability": "VCID-9qru-zceb-8kb2" }, { "vulnerability": "VCID-9y4r-6qtg-83cs" }, { "vulnerability": "VCID-ab99-17mk-kuee" }, { "vulnerability": "VCID-azsd-u8r6-kqcd" }, { "vulnerability": "VCID-b5vw-9vy2-xbev" }, { "vulnerability": "VCID-b7uq-h31v-5ua1" }, { "vulnerability": "VCID-d7x4-xpyz-9ybv" }, { "vulnerability": "VCID-depg-4gcv-ekb9" }, { "vulnerability": "VCID-e6pq-efd4-yfbd" }, { "vulnerability": "VCID-ej7k-saka-huae" }, { "vulnerability": "VCID-ew63-hmst-d7ct" }, { "vulnerability": "VCID-fzg2-jhe9-8udy" }, { "vulnerability": "VCID-h9sb-tucg-b3fw" }, { "vulnerability": "VCID-hp3s-jfj1-efdy" }, { "vulnerability": "VCID-j9tx-h9v5-w7am" }, { "vulnerability": 
"VCID-m4z2-58pn-k3cb" }, { "vulnerability": "VCID-n6nd-tbf1-k7aj" }, { "vulnerability": "VCID-nug7-m3d7-f7gq" }, { "vulnerability": "VCID-p9j6-rpp2-bqd6" }, { "vulnerability": "VCID-r972-eutc-73fh" }, { "vulnerability": "VCID-v44m-ug4p-mqhv" }, { "vulnerability": "VCID-v46e-qqux-7fdq" }, { "vulnerability": "VCID-wvhh-m37j-nff5" }, { "vulnerability": "VCID-xk1e-dcny-akgb" }, { "vulnerability": "VCID-ydha-8cmf-hbdx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.1.0" } ], "aliases": [ "CVE-2024-45596", "GHSA-cff8-x7jv-4fm8" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9pfu-bhz9-13ea" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/89797?format=api", "vulnerability_id": "VCID-9qru-zceb-8kb2", "summary": "Directus: GraphQL Schema SDL Disclosure Setting\n## Summary\n\nWhen `GRAPHQL_INTROSPECTION=false` is configured, Directus correctly blocks standard GraphQL introspection queries (`__schema`, `__type`). However, the `server_specs_graphql` resolver on the `/graphql/system` endpoint returns an equivalent SDL representation of the schema and was not subject to the same restriction. 
This allowed the introspection control to be bypassed, exposing schema structure (collection names, field names, types, and relationships) to unauthenticated users at the public permission level, and to authenticated users at their permitted permission level.\n\n## Impact\n\nAdministrators who set `GRAPHQL_INTROSPECTION=false` to hide schema structure from clients would have had a false sense of security, as equivalent schema information remained accessible via the SDL endpoint without authentication.\n\n## Credit\n\nThis vulnerability was discovered and reported by [bugbunny.ai](https://bugbunny.ai).", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-35413", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.0489", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04831", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04869", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04877", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-35413" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-wxwm-3fxv-mrvx", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": 
"cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-08T14:05:28Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-wxwm-3fxv-mrvx" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35413", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35413" }, { "reference_url": "https://github.com/advisories/GHSA-wxwm-3fxv-mrvx", "reference_id": "GHSA-wxwm-3fxv-mrvx", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wxwm-3fxv-mrvx" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/110102?format=api", "purl": "pkg:npm/directus@11.16.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-223k-jar9-ckg1" }, { "vulnerability": "VCID-4jcf-fjd5-pydt" }, { "vulnerability": "VCID-azsd-u8r6-kqcd" }, { "vulnerability": "VCID-ew63-hmst-d7ct" }, { "vulnerability": "VCID-m4z2-58pn-k3cb" }, { "vulnerability": "VCID-wvhh-m37j-nff5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.16.1" } ], "aliases": [ "CVE-2026-35413", "GHSA-wxwm-3fxv-mrvx" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9qru-zceb-8kb2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/55740?format=api", "vulnerability_id": "VCID-9uhu-w6qs-63ez", "summary": "Directus has an insecure object reference via PATH presets\nDirectus 
v10.13.0 allows an authenticated external attacker to modify presets created by the same user to assign them to another user. This is possible because the application only validates the user parameter in the `POST /presets` request but not in the PATCH request. When chained with [CVE-2024-6533](https://github.com/directus/directus/security/advisories/GHSA-9qrm-48qf-r2rw), it could result in account takeover.\n\nThis vulnerability occurs because the application only validates the user parameter in the `POST /presets` request but not in the PATCH request.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6534", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18363", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18273", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18254", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18329", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18366", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6534" }, { "reference_url": "https://directus.io", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://directus.io" }, { "reference_url": "https://fluidattacks.com/advisories/capaldi", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N" }, { "value": "4.3", "scoring_system": "cvssv3.1", 
"scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-15T14:09:09Z/" } ], "url": "https://fluidattacks.com/advisories/capaldi" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6534", "reference_id": "CVE-2024-6534", "reference_type": "", "scores": [ { "value": "4.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6534" }, { "reference_url": "https://directus.io/", "reference_id": "directus.io", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-15T14:09:09Z/" } ], "url": "https://directus.io/" }, { "reference_url": "https://github.com/advisories/GHSA-3fff-gqw3-vj86", "reference_id": "GHSA-3fff-gqw3-vj86", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3fff-gqw3-vj86" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-3fff-gqw3-vj86", "reference_id": "GHSA-3fff-gqw3-vj86", "reference_type": "", "scores": [ { "value": "4.1", "scoring_system": 
"cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-3fff-gqw3-vj86" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/82479?format=api", "purl": "pkg:npm/directus@10.13.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-223k-jar9-ckg1" }, { "vulnerability": "VCID-2bhb-q64y-mqhq" }, { "vulnerability": "VCID-4822-z5gh-zqbw" }, { "vulnerability": "VCID-4jcf-fjd5-pydt" }, { "vulnerability": "VCID-77h9-g53b-qucq" }, { "vulnerability": "VCID-8zhr-k6sm-7yf6" }, { "vulnerability": "VCID-98ug-cruq-e3he" }, { "vulnerability": "VCID-9pfu-bhz9-13ea" }, { "vulnerability": "VCID-9qru-zceb-8kb2" }, { "vulnerability": "VCID-9y4r-6qtg-83cs" }, { "vulnerability": "VCID-ab99-17mk-kuee" }, { "vulnerability": "VCID-azsd-u8r6-kqcd" }, { "vulnerability": "VCID-b5vw-9vy2-xbev" }, { "vulnerability": "VCID-b7uq-h31v-5ua1" }, { "vulnerability": "VCID-d7x4-xpyz-9ybv" }, { "vulnerability": "VCID-depg-4gcv-ekb9" }, { "vulnerability": "VCID-e6pq-efd4-yfbd" }, { "vulnerability": "VCID-ej7k-saka-huae" }, { "vulnerability": "VCID-ew63-hmst-d7ct" }, { "vulnerability": "VCID-h9sb-tucg-b3fw" }, { "vulnerability": "VCID-hp3s-jfj1-efdy" }, { "vulnerability": "VCID-j9tx-h9v5-w7am" }, { "vulnerability": "VCID-m4z2-58pn-k3cb" }, { "vulnerability": "VCID-n6nd-tbf1-k7aj" }, { "vulnerability": "VCID-nug7-m3d7-f7gq" }, { "vulnerability": "VCID-p9j6-rpp2-bqd6" }, { "vulnerability": "VCID-r972-eutc-73fh" }, { "vulnerability": "VCID-v44m-ug4p-mqhv" }, { "vulnerability": "VCID-v46e-qqux-7fdq" }, { "vulnerability": "VCID-wvhh-m37j-nff5" }, { "vulnerability": "VCID-ydha-8cmf-hbdx" }, { "vulnerability": "VCID-z7yb-1fvm-bqes" } ], "resource_url": 
"http://public2.vulnerablecode.io/packages/pkg:npm/directus@10.13.2" } ], "aliases": [ "CVE-2024-6534", "GHSA-3fff-gqw3-vj86" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9uhu-w6qs-63ez" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/89079?format=api", "vulnerability_id": "VCID-9y4r-6qtg-83cs", "summary": "Directus: Open Redirect via Parser Bypass in OAuth2/SAML Authentication Flow\n### Summary\n\nAn open redirect vulnerability exists in the login redirection logic. The `isLoginRedirectAllowed` function fails to correctly identify certain malformed URLs as external, allowing attackers to bypass redirect allow-list validation and redirect users to arbitrary external domains upon successful authentication.\n\n### Details\n\nA parser differential exists between the server-side URL validation logic and how modern browsers interpret URL path segments containing backslashes. 
Specifically, certain URL patterns are incorrectly classified as safe relative paths by the server, but are normalized by browsers into external domain references.\n\nThis is particularly impactful in SSO authentication flows (e.g., OAuth2 providers), where an attacker can craft a login URL that redirects the victim to an attacker-controlled site immediately after successful authentication, without any visible indication during the login process.\n\n### Impact\n\n- **Phishing:** Users may be silently redirected to attacker-controlled sites impersonating legitimate services after authenticating.\n- **Credential/token theft:** The redirect can be chained to capture OAuth tokens or authorization codes.\n- **Trust erosion:** Users lose confidence in the application after being redirected to unexpected domains post-login.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-35410", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03606", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03589", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03611", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.0362", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-35410" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-cf45-hxwj-4cfj", 
"reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-07T14:47:25Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-cf45-hxwj-4cfj" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35410", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35410" }, { "reference_url": "https://github.com/advisories/GHSA-cf45-hxwj-4cfj", "reference_id": "GHSA-cf45-hxwj-4cfj", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-cf45-hxwj-4cfj" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/110102?format=api", "purl": "pkg:npm/directus@11.16.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-223k-jar9-ckg1" }, { "vulnerability": "VCID-4jcf-fjd5-pydt" }, { "vulnerability": "VCID-azsd-u8r6-kqcd" }, { "vulnerability": "VCID-ew63-hmst-d7ct" }, { "vulnerability": "VCID-m4z2-58pn-k3cb" }, { "vulnerability": "VCID-wvhh-m37j-nff5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.16.1" } ], "aliases": [ "CVE-2026-35410", "GHSA-cf45-hxwj-4cfj" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": 
"http://public2.vulnerablecode.io/vulnerabilities/VCID-9y4r-6qtg-83cs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44616?format=api", "vulnerability_id": "VCID-ap5v-6yzk-rud6", "summary": "Exposure of Sensitive Information to an Unauthorized Actor\nDirectus is a real-time API and App dashboard for managing SQL database content. In versions prior to 9.16.0 users with read access to the `password` field in `directus_users` can extract the argon2 password hashes by brute forcing the export functionality combined with a `_starts_with` filter. This allows the user to enumerate the password hashes. Accounts cannot be taken over unless the hashes can be reversed which is unlikely with current hardware. This problem has been patched by preventing any hashed/concealed field to be filtered against with the `_starts_with` or other string operator in version 9.16.0. Users are advised to upgrade. Users unable to upgrade may mitigate this issue by ensuring that no user has `read` access to the `password` field in `directus_users`.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27481", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53772", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53771", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53748", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53784", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53775", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27481" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": 
"6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/pull/14829", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-25T14:30:10Z/" } ], "url": "https://github.com/directus/directus/pull/14829" }, { "reference_url": "https://github.com/directus/directus/pull/15010", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-25T14:30:10Z/" } ], "url": "https://github.com/directus/directus/pull/15010" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27481", "reference_id": "CVE-2023-27481", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27481" }, { "reference_url": "https://github.com/advisories/GHSA-m5q3-8wgf-x8xf", 
"reference_id": "GHSA-m5q3-8wgf-x8xf", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-m5q3-8wgf-x8xf" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-m5q3-8wgf-x8xf", "reference_id": "GHSA-m5q3-8wgf-x8xf", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-25T14:30:10Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-m5q3-8wgf-x8xf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/64235?format=api", "purl": "pkg:npm/directus@9.16.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-223k-jar9-ckg1" }, { "vulnerability": "VCID-22vf-zyed-nyf8" }, { "vulnerability": "VCID-2bhb-q64y-mqhq" }, { "vulnerability": "VCID-3trx-stq1-fkbf" }, { "vulnerability": "VCID-4822-z5gh-zqbw" }, { "vulnerability": "VCID-4jcf-fjd5-pydt" }, { "vulnerability": "VCID-8zhr-k6sm-7yf6" }, { "vulnerability": "VCID-98ug-cruq-e3he" }, { "vulnerability": "VCID-9pfu-bhz9-13ea" }, { "vulnerability": "VCID-9qru-zceb-8kb2" }, { "vulnerability": "VCID-9uhu-w6qs-63ez" }, { "vulnerability": "VCID-9y4r-6qtg-83cs" }, { "vulnerability": "VCID-azpj-92x3-jyet" }, { "vulnerability": "VCID-azsd-u8r6-kqcd" }, { "vulnerability": "VCID-b7uq-h31v-5ua1" }, { "vulnerability": "VCID-d7x4-xpyz-9ybv" }, { "vulnerability": "VCID-depg-4gcv-ekb9" }, { "vulnerability": "VCID-e1s2-fxgd-3ud8" }, { 
"vulnerability": "VCID-e6pq-efd4-yfbd" }, { "vulnerability": "VCID-ew63-hmst-d7ct" }, { "vulnerability": "VCID-gkde-rn6p-rba5" }, { "vulnerability": "VCID-h9sb-tucg-b3fw" }, { "vulnerability": "VCID-hp3s-jfj1-efdy" }, { "vulnerability": "VCID-hvd7-28p5-q7fs" }, { "vulnerability": "VCID-j9tx-h9v5-w7am" }, { "vulnerability": "VCID-m4z2-58pn-k3cb" }, { "vulnerability": "VCID-nug7-m3d7-f7gq" }, { "vulnerability": "VCID-p425-cguh-83c8" }, { "vulnerability": "VCID-p9j6-rpp2-bqd6" }, { "vulnerability": "VCID-pdb5-hm2r-xfga" }, { "vulnerability": "VCID-qb7x-z5hp-qqcx" }, { "vulnerability": "VCID-r972-eutc-73fh" }, { "vulnerability": "VCID-t16j-g2em-wqem" }, { "vulnerability": "VCID-tz3z-smv5-3ydd" }, { "vulnerability": "VCID-ut99-st7g-yqh6" }, { "vulnerability": "VCID-v44m-ug4p-mqhv" }, { "vulnerability": "VCID-v46e-qqux-7fdq" }, { "vulnerability": "VCID-wvhh-m37j-nff5" }, { "vulnerability": "VCID-ydha-8cmf-hbdx" }, { "vulnerability": "VCID-z5ka-gqzc-kued" }, { "vulnerability": "VCID-z7yb-1fvm-bqes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@9.16.0" } ], "aliases": [ "CVE-2023-27481", "GHSA-m5q3-8wgf-x8xf" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ap5v-6yzk-rud6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47242?format=api", "vulnerability_id": "VCID-azpj-92x3-jyet", "summary": "Session Token in URL in directus\n### Impact\n\nWhen reaching the /files page, a JWT is passed via GET request. Inclusion of session tokens in URLs poses a security risk as URLs are often logged in various places (e.g., web server logs, browser history). Attackers gaining access to these logs may hijack active user sessions, leading to unauthorized access to sensitive information or actions on behalf of the user.\n\n### Patches\n\n_Has the problem been patched? 
What versions should users upgrade to?_\n\n### Workarounds\n\nThere's no workaround available.\n\n### References\n\n_Are there any links users can visit to find out more?_", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-28238", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0009", "scoring_system": "epss", "scoring_elements": "0.2564", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0009", "scoring_system": "epss", "scoring_elements": "0.25543", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.0009", "scoring_system": "epss", "scoring_elements": "0.25534", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.0009", "scoring_system": "epss", "scoring_elements": "0.25593", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.0009", "scoring_system": "epss", "scoring_elements": "0.25649", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-28238" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28238", "reference_id": "CVE-2024-28238", "reference_type": "", "scores": [ { "value": "2.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28238" }, { "reference_url": "https://github.com/advisories/GHSA-2ccr-g2rv-h677", "reference_id": "GHSA-2ccr-g2rv-h677", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": 
"https://github.com/advisories/GHSA-2ccr-g2rv-h677" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-2ccr-g2rv-h677", "reference_id": "GHSA-2ccr-g2rv-h677", "reference_type": "", "scores": [ { "value": "2.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-02T19:50:33Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-2ccr-g2rv-h677" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/69356?format=api", "purl": "pkg:npm/directus@10.10.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-223k-jar9-ckg1" }, { "vulnerability": "VCID-22vf-zyed-nyf8" }, { "vulnerability": "VCID-2bhb-q64y-mqhq" }, { "vulnerability": "VCID-4822-z5gh-zqbw" }, { "vulnerability": "VCID-4jcf-fjd5-pydt" }, { "vulnerability": "VCID-77h9-g53b-qucq" }, { "vulnerability": "VCID-8zhr-k6sm-7yf6" }, { "vulnerability": "VCID-98ug-cruq-e3he" }, { "vulnerability": "VCID-9pfu-bhz9-13ea" }, { "vulnerability": "VCID-9qru-zceb-8kb2" }, { "vulnerability": "VCID-9uhu-w6qs-63ez" }, { "vulnerability": "VCID-9y4r-6qtg-83cs" }, { "vulnerability": "VCID-ab99-17mk-kuee" }, { "vulnerability": "VCID-azsd-u8r6-kqcd" }, { "vulnerability": "VCID-b5vw-9vy2-xbev" }, { "vulnerability": "VCID-b7uq-h31v-5ua1" }, { "vulnerability": "VCID-d7x4-xpyz-9ybv" }, { "vulnerability": "VCID-depg-4gcv-ekb9" }, { "vulnerability": "VCID-dkgn-bvf4-jka4" }, { "vulnerability": "VCID-e6pq-efd4-yfbd" }, { "vulnerability": "VCID-ej7k-saka-huae" }, { "vulnerability": "VCID-ew63-hmst-d7ct" }, { "vulnerability": "VCID-gkde-rn6p-rba5" }, { "vulnerability": "VCID-h9sb-tucg-b3fw" }, { "vulnerability": 
"VCID-hp3s-jfj1-efdy" }, { "vulnerability": "VCID-hvd7-28p5-q7fs" }, { "vulnerability": "VCID-j9tx-h9v5-w7am" }, { "vulnerability": "VCID-m4z2-58pn-k3cb" }, { "vulnerability": "VCID-n6nd-tbf1-k7aj" }, { "vulnerability": "VCID-nug7-m3d7-f7gq" }, { "vulnerability": "VCID-p9j6-rpp2-bqd6" }, { "vulnerability": "VCID-r972-eutc-73fh" }, { "vulnerability": "VCID-ut99-st7g-yqh6" }, { "vulnerability": "VCID-v44m-ug4p-mqhv" }, { "vulnerability": "VCID-v46e-qqux-7fdq" }, { "vulnerability": "VCID-wvhh-m37j-nff5" }, { "vulnerability": "VCID-ydha-8cmf-hbdx" }, { "vulnerability": "VCID-z5ka-gqzc-kued" }, { "vulnerability": "VCID-z7yb-1fvm-bqes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@10.10.0" } ], "aliases": [ "CVE-2024-28238", "GHSA-2ccr-g2rv-h677" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-azpj-92x3-jyet" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/89445?format=api", "vulnerability_id": "VCID-azsd-u8r6-kqcd", "summary": "Directus: Missing Cross-Origin Opener Policy\n## Summary\n\nDirectus's Single Sign-On (SSO) login pages lacked a `Cross-Origin-Opener-Policy` (COOP) HTTP response header. Without this header, a malicious cross-origin window that opens the Directus login page retains the ability to access and manipulate the `window` object of that page. An attacker can exploit this to intercept and redirect the OAuth authorization flow to an attacker-controlled OAuth client, causing the victim to unknowingly grant access to their authentication provider account (e.g. Google, Discord).\n\n## Impact\n\nA successful attack allows the attacker to obtain an OAuth access token for the victim's third-party identity provider account. 
Depending on the scopes authorized, this can lead to:\n- Unauthorized access to the victim's linked identity provider account\n- Account takeover of the Directus instance if the attacker can authenticate using the stolen credentials or provider session\n\n## Patches\n\nThis issue has been addressed by adding the `Cross-Origin-Opener-Policy: same-origin` HTTP response header to SSO-related endpoints. This header instructs the browser to place the page in its own browsing context group, severing any reference the opener window may hold.\n\n## Workarounds\n\nUsers who are unable to upgrade immediately can mitigate this vulnerability by configuring their reverse proxy or web server to add the following HTTP response header to all Directus responses: `Cross-Origin-Opener-Policy: same-origin`", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-35408", "reference_id": "", "reference_type": "", "scores": [ { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00958", "published_at": "2026-06-05T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00956", "published_at": "2026-06-08T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00959", "published_at": "2026-06-07T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00957", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-35408" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-8m32-p958-jg99", "reference_id": "", "reference_type": "", 
"scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-07T16:23:35Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-8m32-p958-jg99" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35408", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35408" }, { "reference_url": "https://github.com/advisories/GHSA-8m32-p958-jg99", "reference_id": "GHSA-8m32-p958-jg99", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8m32-p958-jg99" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/110629?format=api", "purl": "pkg:npm/directus@11.17.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.17.0" } ], "aliases": [ "CVE-2026-35408", "GHSA-8m32-p958-jg99" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-azsd-u8r6-kqcd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42844?format=api", "vulnerability_id": "VCID-bm9d-bx8y-jbgy", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nDirectus is a real-time API and App dashboard for managing SQL database content. 
Prior to version 9.7.0, unauthorized JavaScript (JS) can be executed by inserting an iframe into the rich text HTML interface that links to an uploaded HTML file, which in turn loads another uploaded JS file in its script tag. This satisfies the regular content security policy header, which in turn allows the file to run any arbitrary JS. This issue was resolved in version 9.7.0. As a workaround, disable the live embed in the what-you-see-is-what-you-get editor by adding `{ \"media_live_embeds\": false }` to the _Options Overrides_ option of the Rich Text HTML interface.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-24814", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0043", "scoring_system": "epss", "scoring_elements": "0.62879", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.0043", "scoring_system": "epss", "scoring_elements": "0.62851", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0043", "scoring_system": "epss", "scoring_elements": "0.62894", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.0043", "scoring_system": "epss", "scoring_elements": "0.62903", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0043", "scoring_system": "epss", "scoring_elements": "0.62893", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-24814" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/pull/12020", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": 
"HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:54:47Z/" } ], "url": "https://github.com/directus/directus/pull/12020" }, { "reference_url": "https://github.com/directus/directus/releases/tag/v9.7.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:54:47Z/" } ], "url": "https://github.com/directus/directus/releases/tag/v9.7.0" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24814", "reference_id": "CVE-2022-24814", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24814" }, { "reference_url": "https://github.com/advisories/GHSA-xmjj-3c76-5w84", "reference_id": "GHSA-xmjj-3c76-5w84", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-xmjj-3c76-5w84" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-xmjj-3c76-5w84", "reference_id": "GHSA-xmjj-3c76-5w84", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": 
"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:54:47Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-xmjj-3c76-5w84" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/61266?format=api", "purl": "pkg:npm/directus@9.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-223k-jar9-ckg1" }, { "vulnerability": "VCID-22vf-zyed-nyf8" }, { "vulnerability": "VCID-2bhb-q64y-mqhq" }, { "vulnerability": "VCID-3trx-stq1-fkbf" }, { "vulnerability": "VCID-4822-z5gh-zqbw" }, { "vulnerability": "VCID-4jcf-fjd5-pydt" }, { "vulnerability": "VCID-8zhr-k6sm-7yf6" }, { "vulnerability": "VCID-9pfu-bhz9-13ea" }, { "vulnerability": "VCID-9qru-zceb-8kb2" }, { "vulnerability": "VCID-9uhu-w6qs-63ez" }, { "vulnerability": "VCID-9y4r-6qtg-83cs" }, { "vulnerability": "VCID-ap5v-6yzk-rud6" }, { "vulnerability": "VCID-azpj-92x3-jyet" }, { "vulnerability": "VCID-azsd-u8r6-kqcd" }, { "vulnerability": "VCID-b7uq-h31v-5ua1" }, { "vulnerability": "VCID-d7x4-xpyz-9ybv" }, { "vulnerability": "VCID-depg-4gcv-ekb9" }, { "vulnerability": "VCID-e1s2-fxgd-3ud8" }, { "vulnerability": "VCID-e6pq-efd4-yfbd" }, { "vulnerability": "VCID-ew63-hmst-d7ct" }, { "vulnerability": "VCID-fj84-xm4j-5bfw" }, { "vulnerability": "VCID-gkde-rn6p-rba5" }, { "vulnerability": "VCID-h9sb-tucg-b3fw" }, { "vulnerability": "VCID-hp3s-jfj1-efdy" }, { "vulnerability": "VCID-j9tx-h9v5-w7am" }, { "vulnerability": "VCID-m4z2-58pn-k3cb" }, { "vulnerability": "VCID-nug7-m3d7-f7gq" }, { "vulnerability": "VCID-p425-cguh-83c8" }, { "vulnerability": "VCID-p9j6-rpp2-bqd6" }, { "vulnerability": "VCID-pdb5-hm2r-xfga" }, { "vulnerability": "VCID-qb7x-z5hp-qqcx" }, { "vulnerability": "VCID-r972-eutc-73fh" }, { "vulnerability": "VCID-t16j-g2em-wqem" }, { "vulnerability": "VCID-tz3z-smv5-3ydd" }, { "vulnerability": "VCID-ut99-st7g-yqh6" }, { "vulnerability": "VCID-v44m-ug4p-mqhv" }, { "vulnerability": "VCID-v46e-qqux-7fdq" }, { "vulnerability": 
"VCID-wvhh-m37j-nff5" }, { "vulnerability": "VCID-ydha-8cmf-hbdx" }, { "vulnerability": "VCID-z5ka-gqzc-kued" }, { "vulnerability": "VCID-z7yb-1fvm-bqes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@9.7.0" } ], "aliases": [ "CVE-2022-24814", "GHSA-xmjj-3c76-5w84" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bm9d-bx8y-jbgy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57653?format=api", "vulnerability_id": "VCID-d7x4-xpyz-9ybv", "summary": "Directus tokens are not redacted in flow logs, exposing session credentials to all admins\nWhen using Directus Flows with the WebHook trigger, all incoming request details are logged, including security-sensitive data such as access and refresh tokens in cookies.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-53886", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54496", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54528", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54518", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-53886" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/commit/859f664f56fb50401c407b095889cea38ff580e5", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.5", 
"scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus/commit/859f664f56fb50401c407b095889cea38ff580e5" }, { "reference_url": "https://github.com/directus/directus/releases/tag/v11.9.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-15T13:41:05Z/" } ], "url": "https://github.com/directus/directus/releases/tag/v11.9.0" }, { "reference_url": "https://github.com/directus/directus/pull/25354", "reference_id": "25354", "reference_type": "", "scores": [ { "value": "4.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-15T13:41:05Z/" } ], "url": "https://github.com/directus/directus/pull/25354" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53886", "reference_id": "CVE-2025-53886", "reference_type": "", "scores": [ { "value": "4.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53886" }, { "reference_url": "https://github.com/advisories/GHSA-f24x-rm6g-3w5v", "reference_id": "GHSA-f24x-rm6g-3w5v", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-f24x-rm6g-3w5v" }, { "reference_url": 
"https://github.com/directus/directus/security/advisories/GHSA-f24x-rm6g-3w5v", "reference_id": "GHSA-f24x-rm6g-3w5v", "reference_type": "", "scores": [ { "value": "4.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-15T13:41:05Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-f24x-rm6g-3w5v" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85746?format=api", "purl": "pkg:npm/directus@11.9.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-223k-jar9-ckg1" }, { "vulnerability": "VCID-4jcf-fjd5-pydt" }, { "vulnerability": "VCID-8zhr-k6sm-7yf6" }, { "vulnerability": "VCID-9qru-zceb-8kb2" }, { "vulnerability": "VCID-9y4r-6qtg-83cs" }, { "vulnerability": "VCID-ab99-17mk-kuee" }, { "vulnerability": "VCID-azsd-u8r6-kqcd" }, { "vulnerability": "VCID-e6pq-efd4-yfbd" }, { "vulnerability": "VCID-ew63-hmst-d7ct" }, { "vulnerability": "VCID-h9sb-tucg-b3fw" }, { "vulnerability": "VCID-hp3s-jfj1-efdy" }, { "vulnerability": "VCID-j9tx-h9v5-w7am" }, { "vulnerability": "VCID-m4z2-58pn-k3cb" }, { "vulnerability": "VCID-p9j6-rpp2-bqd6" }, { "vulnerability": "VCID-r972-eutc-73fh" }, { "vulnerability": "VCID-v44m-ug4p-mqhv" }, { "vulnerability": "VCID-v46e-qqux-7fdq" }, { "vulnerability": "VCID-wvhh-m37j-nff5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.9.0" } ], "aliases": [ "CVE-2025-53886", "GHSA-f24x-rm6g-3w5v" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d7x4-xpyz-9ybv" }, { "url": 
"http://public2.vulnerablecode.io/api/vulnerabilities/56524?format=api", "vulnerability_id": "VCID-depg-4gcv-ekb9", "summary": "Directus allows privilege escalation using Share feature\nWhen sharing an item, a user can specify an arbitrary role. This allows the user to use a higher-privileged role to see fields that the user otherwise should not be able to see.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24353", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00347", "scoring_system": "epss", "scoring_elements": "0.5757", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00347", "scoring_system": "epss", "scoring_elements": "0.57574", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00347", "scoring_system": "epss", "scoring_elements": "0.57556", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00347", "scoring_system": "epss", "scoring_elements": "0.57568", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00347", "scoring_system": "epss", "scoring_elements": "0.57578", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24353" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/commit/e288a43a79613dada905da683f4919c6965ac804", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", 
"scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:52:42Z/" } ], "url": "https://github.com/directus/directus/commit/e288a43a79613dada905da683f4919c6965ac804" }, { "reference_url": "https://github.com/directus/directus/pull/23716", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:52:42Z/" } ], "url": "https://github.com/directus/directus/pull/23716" }, { "reference_url": "https://github.com/directus/directus/releases/tag/v11.2.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:52:42Z/" } ], "url": "https://github.com/directus/directus/releases/tag/v11.2.0" }, { "reference_url": "https://www.youtube.com/watch?v=DbV4IxbWzN4", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": 
"Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:52:42Z/" } ], "url": "https://www.youtube.com/watch?v=DbV4IxbWzN4" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24353", "reference_id": "CVE-2025-24353", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24353" }, { "reference_url": "https://github.com/advisories/GHSA-pmf4-v838-29hg", "reference_id": "GHSA-pmf4-v838-29hg", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-pmf4-v838-29hg" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-pmf4-v838-29hg", "reference_id": "GHSA-pmf4-v838-29hg", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T18:52:42Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-pmf4-v838-29hg" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/83903?format=api", "purl": "pkg:npm/directus@11.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-223k-jar9-ckg1" }, { "vulnerability": "VCID-2bhb-q64y-mqhq" }, { "vulnerability": "VCID-4822-z5gh-zqbw" }, { 
"vulnerability": "VCID-4jcf-fjd5-pydt" }, { "vulnerability": "VCID-77h9-g53b-qucq" }, { "vulnerability": "VCID-8zhr-k6sm-7yf6" }, { "vulnerability": "VCID-98ug-cruq-e3he" }, { "vulnerability": "VCID-9qru-zceb-8kb2" }, { "vulnerability": "VCID-9y4r-6qtg-83cs" }, { "vulnerability": "VCID-ab99-17mk-kuee" }, { "vulnerability": "VCID-azsd-u8r6-kqcd" }, { "vulnerability": "VCID-b5vw-9vy2-xbev" }, { "vulnerability": "VCID-b7uq-h31v-5ua1" }, { "vulnerability": "VCID-d7x4-xpyz-9ybv" }, { "vulnerability": "VCID-e6pq-efd4-yfbd" }, { "vulnerability": "VCID-ej7k-saka-huae" }, { "vulnerability": "VCID-ew63-hmst-d7ct" }, { "vulnerability": "VCID-fzg2-jhe9-8udy" }, { "vulnerability": "VCID-h9sb-tucg-b3fw" }, { "vulnerability": "VCID-hp3s-jfj1-efdy" }, { "vulnerability": "VCID-j9tx-h9v5-w7am" }, { "vulnerability": "VCID-m4z2-58pn-k3cb" }, { "vulnerability": "VCID-n6nd-tbf1-k7aj" }, { "vulnerability": "VCID-nug7-m3d7-f7gq" }, { "vulnerability": "VCID-p9j6-rpp2-bqd6" }, { "vulnerability": "VCID-r972-eutc-73fh" }, { "vulnerability": "VCID-v44m-ug4p-mqhv" }, { "vulnerability": "VCID-v46e-qqux-7fdq" }, { "vulnerability": "VCID-wvhh-m37j-nff5" }, { "vulnerability": "VCID-ydha-8cmf-hbdx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.2.0" } ], "aliases": [ "CVE-2025-24353", "GHSA-pmf4-v838-29hg" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-depg-4gcv-ekb9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46037?format=api", "vulnerability_id": "VCID-e1s2-fxgd-3ud8", "summary": "Directus affected by VM2 sandbox escape vulnerability\n### Impact\nIn vm2 for versions up to 3.9.19, Promise handler sanitization can be bypassed, allowing attackers to escape the sandbox and run arbitrary code. 
Within Directus this applies to the \"Run Script\" operation in flows being able to escape the sandbox running code in the main nodejs context.\n\n### Patches\nPatched in v10.6.0 by replacing `vm2` with `isolated-vm`\n\n### Workarounds\nNone\n\n### References\nhttps://github.com/patriksimek/vm2/security/advisories/GHSA-cchq-frgv-rjh5", "references": [ { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/commit/284156426fa94f688e8d65a7a4f34f9e6705f058", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus/commit/284156426fa94f688e8d65a7a4f34f9e6705f058" }, { "reference_url": "https://github.com/directus/directus/pull/19332", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus/pull/19332" }, { "reference_url": "https://github.com/advisories/GHSA-22rr-f3p8-5gf8", "reference_id": "GHSA-22rr-f3p8-5gf8", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-22rr-f3p8-5gf8" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-22rr-f3p8-5gf8", "reference_id": "GHSA-22rr-f3p8-5gf8", 
"reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-22rr-f3p8-5gf8" }, { "reference_url": "https://github.com/patriksimek/vm2/security/advisories/GHSA-cchq-frgv-rjh5", "reference_id": "GHSA-cchq-frgv-rjh5", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/patriksimek/vm2/security/advisories/GHSA-cchq-frgv-rjh5" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/66991?format=api", "purl": "pkg:npm/directus@10.6.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-223k-jar9-ckg1" }, { "vulnerability": "VCID-22vf-zyed-nyf8" }, { "vulnerability": "VCID-2bhb-q64y-mqhq" }, { "vulnerability": "VCID-3trx-stq1-fkbf" }, { "vulnerability": "VCID-4822-z5gh-zqbw" }, { "vulnerability": "VCID-4jcf-fjd5-pydt" }, { "vulnerability": "VCID-77h9-g53b-qucq" }, { "vulnerability": "VCID-8zhr-k6sm-7yf6" }, { "vulnerability": "VCID-98ug-cruq-e3he" }, { "vulnerability": "VCID-9pfu-bhz9-13ea" }, { "vulnerability": "VCID-9qru-zceb-8kb2" }, { "vulnerability": "VCID-9uhu-w6qs-63ez" }, { "vulnerability": "VCID-9y4r-6qtg-83cs" }, { "vulnerability": "VCID-azpj-92x3-jyet" }, { "vulnerability": "VCID-azsd-u8r6-kqcd" }, { "vulnerability": "VCID-b7uq-h31v-5ua1" }, { "vulnerability": "VCID-d7x4-xpyz-9ybv" }, { "vulnerability": "VCID-depg-4gcv-ekb9" }, { "vulnerability": "VCID-e6pq-efd4-yfbd" }, { "vulnerability": "VCID-ej7k-saka-huae" }, { "vulnerability": "VCID-ew63-hmst-d7ct" }, { "vulnerability": 
"VCID-gkde-rn6p-rba5" }, { "vulnerability": "VCID-h9sb-tucg-b3fw" }, { "vulnerability": "VCID-hp3s-jfj1-efdy" }, { "vulnerability": "VCID-hvd7-28p5-q7fs" }, { "vulnerability": "VCID-j9tx-h9v5-w7am" }, { "vulnerability": "VCID-m4z2-58pn-k3cb" }, { "vulnerability": "VCID-nug7-m3d7-f7gq" }, { "vulnerability": "VCID-p9j6-rpp2-bqd6" }, { "vulnerability": "VCID-pdb5-hm2r-xfga" }, { "vulnerability": "VCID-r972-eutc-73fh" }, { "vulnerability": "VCID-syj4-5j4a-hkct" }, { "vulnerability": "VCID-t16j-g2em-wqem" }, { "vulnerability": "VCID-ut99-st7g-yqh6" }, { "vulnerability": "VCID-v44m-ug4p-mqhv" }, { "vulnerability": "VCID-v46e-qqux-7fdq" }, { "vulnerability": "VCID-wvhh-m37j-nff5" }, { "vulnerability": "VCID-ydha-8cmf-hbdx" }, { "vulnerability": "VCID-z5ka-gqzc-kued" }, { "vulnerability": "VCID-z7yb-1fvm-bqes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@10.6.0" } ], "aliases": [ "GHSA-22rr-f3p8-5gf8", "GMS-2023-2358" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e1s2-fxgd-3ud8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48375?format=api", "vulnerability_id": "VCID-e6pq-efd4-yfbd", "summary": "Directus is Vulnerable to Stored Cross-site Scripting\nA stored cross-site scripting (XSS) vulnerability exists that allows users with `upload files` and `edit item` permissions to inject malicious JavaScript through the Block Editor interface. 
Attackers can bypass Content Security Policy (CSP) restrictions by combining file uploads with iframe srcdoc attributes, resulting in persistent XSS execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-64747", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.11075", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.11156", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.1119", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.11196", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-64747" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/commit/d23525317f0780f04aa1fe7a99171a358e43cb2e", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T21:33:34Z/" } ], "url": "https://github.com/directus/directus/commit/d23525317f0780f04aa1fe7a99171a358e43cb2e" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64747", "reference_id": "CVE-2025-64747", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": 
"cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64747" }, { "reference_url": "https://github.com/advisories/GHSA-vv2v-pw69-8crf", "reference_id": "GHSA-vv2v-pw69-8crf", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-vv2v-pw69-8crf" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-vv2v-pw69-8crf", "reference_id": "GHSA-vv2v-pw69-8crf", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T21:33:34Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-vv2v-pw69-8crf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/71386?format=api", "purl": "pkg:npm/directus@11.13.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-223k-jar9-ckg1" }, { "vulnerability": "VCID-4jcf-fjd5-pydt" }, { "vulnerability": "VCID-8zhr-k6sm-7yf6" }, { "vulnerability": "VCID-9qru-zceb-8kb2" }, { "vulnerability": "VCID-9y4r-6qtg-83cs" }, { "vulnerability": "VCID-azsd-u8r6-kqcd" }, { "vulnerability": "VCID-ew63-hmst-d7ct" }, { "vulnerability": "VCID-hp3s-jfj1-efdy" }, { "vulnerability": "VCID-m4z2-58pn-k3cb" }, { "vulnerability": "VCID-p9j6-rpp2-bqd6" }, { "vulnerability": "VCID-v44m-ug4p-mqhv" }, { "vulnerability": "VCID-v46e-qqux-7fdq" }, { "vulnerability": "VCID-wvhh-m37j-nff5" } ], "resource_url": 
"http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.13.0" } ], "aliases": [ "CVE-2025-64747", "GHSA-vv2v-pw69-8crf" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e6pq-efd4-yfbd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/89632?format=api", "vulnerability_id": "VCID-ew63-hmst-d7ct", "summary": "Directus: Unauthenticated Denial of Service via GraphQL Alias Amplification of Expensive Health Check Resolver\n## Summary\n\nThe GraphQL specification permits a single query to repeat the same field multiple times using aliases, with each alias resolved independently by default. Directus did not deduplicate resolver invocations within a single request, meaning each alias triggered a full, independent execution of the underlying resolver.\n\nThe health check resolver ran all backend checks (database connectivity, cache, storage writes, and SMTP verification) on every invocation. Combined with unauthenticated access to the system GraphQL endpoint, this allowed an attacker to amplify resource consumption significantly from a single HTTP request, exhausting the database connection pool, storage I/O, and SMTP connections.\n\n## Fix\n\nA request-scoped resolver deduplication mechanism was introduced and applied broadly across all GraphQL read resolvers, both system and items endpoints. When multiple aliases in a single request invoke the same resolver with identical arguments, only the first call executes; all subsequent aliases share its result. 
This eliminates the amplification factor regardless of how many aliases an attacker includes in a query.\n\n## Impact\n\n- **Service degradation or outage:** Database connection pool exhaustion prevents all Directus operations for all users\n- **Storage I/O saturation:** Concurrent file writes can overwhelm disk I/O\n- **SMTP resource exhaustion:** Concurrent SMTP verification calls may overwhelm the mail server\n- **No authentication required:** Any network-accessible attacker can trigger this condition\n- **Single-request impact:** A single request is sufficient to cause significant resource consumption\n\n## Credit\n\nThis vulnerability was discovered and reported by [bugbunny.ai](https://bugbunny.ai).", "references": [ { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-6q22-g298-grjh", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-6q22-g298-grjh" }, { "reference_url": "https://github.com/advisories/GHSA-6q22-g298-grjh", "reference_id": "GHSA-6q22-g298-grjh", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6q22-g298-grjh" } ], "fixed_packages": [ { "url": 
"http://public2.vulnerablecode.io/api/packages/110629?format=api", "purl": "pkg:npm/directus@11.17.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.17.0" } ], "aliases": [ "GHSA-6q22-g298-grjh" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ew63-hmst-d7ct" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/109951?format=api", "vulnerability_id": "VCID-fj84-xm4j-5bfw", "summary": "Directus vulnerable to unhandled exception on illegal filename_disk value\nThe Directus process can be aborted by having an authorized user update the `filename_disk` value to a folder and accessing that file through the `/assets` endpoint. \n\nThe vulnerability is patched and released in v9.15.0.\n\nYou can prevent this problem by making sure no (untrusted) non-admin users have permissions to update the `filename_disk` field on `directus_files`.\n\n### For more information\n\nIf you have any questions or comments about this advisory:\n* Open a Discussion in [directus/directus](https://github.com/directus/directus/discussions)\n* Email us at [security@directus.io](mailto:security@directus.io)\n\n### Credits\n\nThis vulnerability was first discovered and reported by Witold Gorecki.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-36031", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49586", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49596", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49524", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.4956", "published_at": 
"2026-06-09T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.4955", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49578", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-36031" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-77qm-wvqq-fg79", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:45:00Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-77qm-wvqq-fg79" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36031", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36031" }, { "reference_url": "https://github.com/advisories/GHSA-77qm-wvqq-fg79", "reference_id": "GHSA-77qm-wvqq-fg79", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": 
"https://github.com/advisories/GHSA-77qm-wvqq-fg79" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/148057?format=api", "purl": "pkg:npm/directus@9.15.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-223k-jar9-ckg1" }, { "vulnerability": "VCID-22vf-zyed-nyf8" }, { "vulnerability": "VCID-2bhb-q64y-mqhq" }, { "vulnerability": "VCID-3trx-stq1-fkbf" }, { "vulnerability": "VCID-4822-z5gh-zqbw" }, { "vulnerability": "VCID-4jcf-fjd5-pydt" }, { "vulnerability": "VCID-8zhr-k6sm-7yf6" }, { "vulnerability": "VCID-98ug-cruq-e3he" }, { "vulnerability": "VCID-9pfu-bhz9-13ea" }, { "vulnerability": "VCID-9qru-zceb-8kb2" }, { "vulnerability": "VCID-9uhu-w6qs-63ez" }, { "vulnerability": "VCID-9y4r-6qtg-83cs" }, { "vulnerability": "VCID-ap5v-6yzk-rud6" }, { "vulnerability": "VCID-azpj-92x3-jyet" }, { "vulnerability": "VCID-azsd-u8r6-kqcd" }, { "vulnerability": "VCID-b7uq-h31v-5ua1" }, { "vulnerability": "VCID-d7x4-xpyz-9ybv" }, { "vulnerability": "VCID-depg-4gcv-ekb9" }, { "vulnerability": "VCID-e1s2-fxgd-3ud8" }, { "vulnerability": "VCID-e6pq-efd4-yfbd" }, { "vulnerability": "VCID-ew63-hmst-d7ct" }, { "vulnerability": "VCID-gkde-rn6p-rba5" }, { "vulnerability": "VCID-h9sb-tucg-b3fw" }, { "vulnerability": "VCID-hp3s-jfj1-efdy" }, { "vulnerability": "VCID-hvd7-28p5-q7fs" }, { "vulnerability": "VCID-j9tx-h9v5-w7am" }, { "vulnerability": "VCID-m4z2-58pn-k3cb" }, { "vulnerability": "VCID-nug7-m3d7-f7gq" }, { "vulnerability": "VCID-p425-cguh-83c8" }, { "vulnerability": "VCID-p9j6-rpp2-bqd6" }, { "vulnerability": "VCID-pdb5-hm2r-xfga" }, { "vulnerability": "VCID-qb7x-z5hp-qqcx" }, { "vulnerability": "VCID-r972-eutc-73fh" }, { "vulnerability": "VCID-t16j-g2em-wqem" }, { "vulnerability": "VCID-tz3z-smv5-3ydd" }, { "vulnerability": "VCID-ut99-st7g-yqh6" }, { "vulnerability": "VCID-v44m-ug4p-mqhv" }, { "vulnerability": "VCID-v46e-qqux-7fdq" }, { "vulnerability": "VCID-wvhh-m37j-nff5" }, { "vulnerability": 
"VCID-ydha-8cmf-hbdx" }, { "vulnerability": "VCID-z5ka-gqzc-kued" }, { "vulnerability": "VCID-z7yb-1fvm-bqes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@9.15.0" } ], "aliases": [ "CVE-2022-36031", "GHSA-77qm-wvqq-fg79" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fj84-xm4j-5bfw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/55190?format=api", "vulnerability_id": "VCID-gkde-rn6p-rba5", "summary": "Directus is soft-locked by providing a string value to random string util\nThis counts as an unauthenticated denial of service attack vector so this impacts all unpatched instances reachable over the internet.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-36128", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57956", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57957", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57942", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57967", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57959", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-36128" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": 
"https://github.com/directus/directus/commit/7d2a1392f43613094de700062aba168a9400dd3b", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-03T15:30:27Z/" } ], "url": "https://github.com/directus/directus/commit/7d2a1392f43613094de700062aba168a9400dd3b" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36128", "reference_id": "CVE-2024-36128", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36128" }, { "reference_url": "https://github.com/advisories/GHSA-632p-p495-25m5", "reference_id": "GHSA-632p-p495-25m5", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-632p-p495-25m5" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-632p-p495-25m5", "reference_id": "GHSA-632p-p495-25m5", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-03T15:30:27Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-632p-p495-25m5" } ], "fixed_packages": [ { "url": 
"http://public2.vulnerablecode.io/api/packages/81729?format=api", "purl": "pkg:npm/directus@10.11.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-223k-jar9-ckg1" }, { "vulnerability": "VCID-22vf-zyed-nyf8" }, { "vulnerability": "VCID-2bhb-q64y-mqhq" }, { "vulnerability": "VCID-4822-z5gh-zqbw" }, { "vulnerability": "VCID-4jcf-fjd5-pydt" }, { "vulnerability": "VCID-77h9-g53b-qucq" }, { "vulnerability": "VCID-8zhr-k6sm-7yf6" }, { "vulnerability": "VCID-98ug-cruq-e3he" }, { "vulnerability": "VCID-9pfu-bhz9-13ea" }, { "vulnerability": "VCID-9qru-zceb-8kb2" }, { "vulnerability": "VCID-9uhu-w6qs-63ez" }, { "vulnerability": "VCID-9y4r-6qtg-83cs" }, { "vulnerability": "VCID-ab99-17mk-kuee" }, { "vulnerability": "VCID-azsd-u8r6-kqcd" }, { "vulnerability": "VCID-b5vw-9vy2-xbev" }, { "vulnerability": "VCID-b7uq-h31v-5ua1" }, { "vulnerability": "VCID-d7x4-xpyz-9ybv" }, { "vulnerability": "VCID-depg-4gcv-ekb9" }, { "vulnerability": "VCID-e6pq-efd4-yfbd" }, { "vulnerability": "VCID-ej7k-saka-huae" }, { "vulnerability": "VCID-ew63-hmst-d7ct" }, { "vulnerability": "VCID-h9sb-tucg-b3fw" }, { "vulnerability": "VCID-hp3s-jfj1-efdy" }, { "vulnerability": "VCID-hvd7-28p5-q7fs" }, { "vulnerability": "VCID-j9tx-h9v5-w7am" }, { "vulnerability": "VCID-m4z2-58pn-k3cb" }, { "vulnerability": "VCID-n6nd-tbf1-k7aj" }, { "vulnerability": "VCID-nug7-m3d7-f7gq" }, { "vulnerability": "VCID-p9j6-rpp2-bqd6" }, { "vulnerability": "VCID-r972-eutc-73fh" }, { "vulnerability": "VCID-v44m-ug4p-mqhv" }, { "vulnerability": "VCID-v46e-qqux-7fdq" }, { "vulnerability": "VCID-wvhh-m37j-nff5" }, { "vulnerability": "VCID-ydha-8cmf-hbdx" }, { "vulnerability": "VCID-z5ka-gqzc-kued" }, { "vulnerability": "VCID-z7yb-1fvm-bqes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@10.11.2" } ], "aliases": [ "CVE-2024-36128", "GHSA-632p-p495-25m5" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": 
"http://public2.vulnerablecode.io/vulnerabilities/VCID-gkde-rn6p-rba5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48369?format=api", "vulnerability_id": "VCID-h9sb-tucg-b3fw", "summary": "Directus Vulnerable to Information Leakage in Existing Collections\nAn observable difference in error messaging was found in the Directus REST API. The `/items/{collection}` API returns different error messages for these two cases:\n1. A user tries to access an existing collection which they are not authorized to access.\n2. A user tries to access a non-existing collection.\n\nThe two differing error messages leak the existence of collections to users which are not authorized to access these collections.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-64749", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14378", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14459", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14498", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14495", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-64749" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/commit/f99c9b89071f9d136cc9b0d0c182f2d24542bc31", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", 
"scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-14T17:14:48Z/" } ], "url": "https://github.com/directus/directus/commit/f99c9b89071f9d136cc9b0d0c182f2d24542bc31" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64749", "reference_id": "CVE-2025-64749", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64749" }, { "reference_url": "https://github.com/advisories/GHSA-cph6-524f-3hgr", "reference_id": "GHSA-cph6-524f-3hgr", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-cph6-524f-3hgr" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-cph6-524f-3hgr", "reference_id": "GHSA-cph6-524f-3hgr", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-14T17:14:48Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-cph6-524f-3hgr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/71386?format=api", "purl": "pkg:npm/directus@11.13.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-223k-jar9-ckg1" }, { 
"vulnerability": "VCID-4jcf-fjd5-pydt" }, { "vulnerability": "VCID-8zhr-k6sm-7yf6" }, { "vulnerability": "VCID-9qru-zceb-8kb2" }, { "vulnerability": "VCID-9y4r-6qtg-83cs" }, { "vulnerability": "VCID-azsd-u8r6-kqcd" }, { "vulnerability": "VCID-ew63-hmst-d7ct" }, { "vulnerability": "VCID-hp3s-jfj1-efdy" }, { "vulnerability": "VCID-m4z2-58pn-k3cb" }, { "vulnerability": "VCID-p9j6-rpp2-bqd6" }, { "vulnerability": "VCID-v44m-ug4p-mqhv" }, { "vulnerability": "VCID-v46e-qqux-7fdq" }, { "vulnerability": "VCID-wvhh-m37j-nff5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.13.0" } ], "aliases": [ "CVE-2025-64749", "GHSA-cph6-524f-3hgr" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h9sb-tucg-b3fw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50117?format=api", "vulnerability_id": "VCID-hp3s-jfj1-efdy", "summary": "Directus Vulnerable to User Enumeration via Password Reset Timing Attack\nA timing-based user enumeration vulnerability exists in the password reset functionality. 
When an invalid reset_url parameter is provided, the response time differs by approximately 500ms between existing and non-existing users, enabling reliable user enumeration.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-26185", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02559", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02575", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.0263", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02627", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-26185" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/commit/e69aa7a5248c6e3e822cb1ac354dee295df90b2a", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T15:58:57Z/" } ], "url": "https://github.com/directus/directus/commit/e69aa7a5248c6e3e822cb1ac354dee295df90b2a" }, { "reference_url": "https://github.com/directus/directus/pull/26485", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": 
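Two of the records above describe the same class of defect seen from different angles: VCID-h9sb-tucg-b3fw leaks collection existence through the wording of an error, and VCID-hp3s-jfj1-efdy leaks account existence through which branch (and how much work) a request hits when `reset_url` is invalid. The following is an added example, not Directus code, showing the leaky shape of each handler next to a uniform-response version. The schema, permission set, user list and allow-list are constructed stand-ins; the `reset_url` ordering fix is one way to remove the branch-dependent behaviour the advisory describes, not necessarily the upstream patch.

```javascript
// Added example, not Directus code. All data below is constructed.

// --- 1. Error-message oracle on /items/{collection} ---
const schema = new Set(['articles', 'salaries']); // hypothetical collection registry

// Leaky shape: the message depends on whether the collection exists at all.
function itemsHandlerLeaky(collection, readable) {
  if (!schema.has(collection)) {
    return { status: 403, message: `Collection "${collection}" doesn't exist.` };
  }
  if (!readable.has(collection)) {
    return { status: 403, message: "You don't have permission to access this." };
  }
  return { status: 200, message: 'ok' };
}

// Uniform shape: "missing" and "forbidden" collapse into one decision and one
// response, so an unauthorized caller cannot distinguish them.
function itemsHandlerUniform(collection, readable) {
  if (!schema.has(collection) || !readable.has(collection)) {
    return { status: 403, message: "You don't have permission to access this." };
  }
  return { status: 200, message: 'ok' };
}

// --- 2. Branch/timing oracle on password reset ---
const users = new Set(['alice@example.com']);                      // constructed
const allowedResetUrls = new Set(['https://cms.example.com/reset']); // constructed

// Leaky shape: unknown accounts exit early, so an invalid reset_url is only
// ever rejected (and only ever costs anything) for accounts that exist.
function requestResetLeaky(email, resetUrl) {
  if (!users.has(email)) return { response: { status: 204, body: null }, enqueued: false };
  if (resetUrl !== undefined && !allowedResetUrls.has(resetUrl)) {
    return { response: { status: 400, body: 'reset_url not allowed' }, enqueued: false };
  }
  return { response: { status: 204, body: null }, enqueued: true };
}

// Uniform shape: validate everything that does not depend on the account
// before the lookup, then answer identically whether or not it exists. The
// only difference lives server-side (whether an email is enqueued).
function requestResetUniform(email, resetUrl) {
  if (resetUrl !== undefined && !allowedResetUrls.has(resetUrl)) {
    return { response: { status: 400, body: 'reset_url not allowed' }, enqueued: false };
  }
  const exists = users.has(email);
  // Any expensive per-account step (token generation, hashing) should also run
  // against a dummy record when the account is unknown, to keep timing flat.
  return { response: { status: 204, body: null }, enqueued: exists };
}
```

The useful property to test for is not "the message looks harmless" but "the response is byte-identical across the two cases an attacker wants to separate"; the assertions in a regression test should compare the full responses for an existing and a non-existing target.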
"cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T15:58:57Z/" } ], "url": "https://github.com/directus/directus/pull/26485" }, { "reference_url": "https://github.com/directus/directus/releases/tag/v11.14.1", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T15:58:57Z/" } ], "url": "https://github.com/directus/directus/releases/tag/v11.14.1" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26185", "reference_id": "CVE-2026-26185", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26185" }, { "reference_url": "https://github.com/advisories/GHSA-jr94-gj3h-c8rf", "reference_id": "GHSA-jr94-gj3h-c8rf", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-jr94-gj3h-c8rf" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-jr94-gj3h-c8rf", "reference_id": "GHSA-jr94-gj3h-c8rf", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", 
"scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T15:58:57Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-jr94-gj3h-c8rf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74017?format=api", "purl": "pkg:npm/directus@11.14.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-223k-jar9-ckg1" }, { "vulnerability": "VCID-4jcf-fjd5-pydt" }, { "vulnerability": "VCID-8zhr-k6sm-7yf6" }, { "vulnerability": "VCID-9qru-zceb-8kb2" }, { "vulnerability": "VCID-9y4r-6qtg-83cs" }, { "vulnerability": "VCID-azsd-u8r6-kqcd" }, { "vulnerability": "VCID-ew63-hmst-d7ct" }, { "vulnerability": "VCID-m4z2-58pn-k3cb" }, { "vulnerability": "VCID-v44m-ug4p-mqhv" }, { "vulnerability": "VCID-v46e-qqux-7fdq" }, { "vulnerability": "VCID-wvhh-m37j-nff5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.14.1" } ], "aliases": [ "CVE-2026-26185", "GHSA-jr94-gj3h-c8rf" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hp3s-jfj1-efdy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48360?format=api", "vulnerability_id": "VCID-j9tx-h9v5-w7am", "summary": "Directus's conceal fields are searchable if read permissions enabled\nA vulnerability allows authenticated users to search concealed/sensitive fields when they have read permissions. 
While actual values remain masked (`****`), successful matches can be detected through returned records, enabling enumeration attacks on sensitive data.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-64748", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13742", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13826", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13862", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13858", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-64748" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/commit/7737d56e096f95edfbdf861a3c08999ad31ce204", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T21:39:19Z/" } ], "url": "https://github.com/directus/directus/commit/7737d56e096f95edfbdf861a3c08999ad31ce204" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64748", "reference_id": "CVE-2025-64748", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", 
"scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64748" }, { "reference_url": "https://github.com/advisories/GHSA-8jpw-gpr4-8cmh", "reference_id": "GHSA-8jpw-gpr4-8cmh", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8jpw-gpr4-8cmh" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-8jpw-gpr4-8cmh", "reference_id": "GHSA-8jpw-gpr4-8cmh", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T21:39:19Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-8jpw-gpr4-8cmh" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/71386?format=api", "purl": "pkg:npm/directus@11.13.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-223k-jar9-ckg1" }, { "vulnerability": "VCID-4jcf-fjd5-pydt" }, { "vulnerability": "VCID-8zhr-k6sm-7yf6" }, { "vulnerability": "VCID-9qru-zceb-8kb2" }, { "vulnerability": "VCID-9y4r-6qtg-83cs" }, { "vulnerability": "VCID-azsd-u8r6-kqcd" }, { "vulnerability": "VCID-ew63-hmst-d7ct" }, { "vulnerability": "VCID-hp3s-jfj1-efdy" }, { "vulnerability": "VCID-m4z2-58pn-k3cb" }, { "vulnerability": "VCID-p9j6-rpp2-bqd6" }, { "vulnerability": "VCID-v44m-ug4p-mqhv" }, { "vulnerability": "VCID-v46e-qqux-7fdq" }, { "vulnerability": "VCID-wvhh-m37j-nff5" } ], "resource_url": 
"http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.13.0" } ], "aliases": [ "CVE-2025-64748", "GHSA-8jpw-gpr4-8cmh" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j9tx-h9v5-w7am" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/89893?format=api", "vulnerability_id": "VCID-m4z2-58pn-k3cb", "summary": "Directus: Sensitive fields exposed in revision history\n### Summary\n\nDirectus stores revision records (in `directus_revisions`) whenever items are created or updated. Due to the revision snapshot code not consistently calling the `prepareDelta` sanitization pipeline, sensitive fields (including user tokens, two-factor authentication secrets, external auth identifiers, auth data, stored credentials, and AI provider API keys) could be stored in plaintext within revision records.\n\n### Impact\nAny user or service account with read access to `directus_revisions` (or flow logs) could retrieve values for fields that are supposed to be concealed or encrypted at rest, including:\n- `token`, `tfa_secret`, `external_identifier`, `auth_data`, `credentials`\n- `ai_openai_api_key`, `ai_anthropic_api_key`, `ai_google_api_key`, `ai_openai_compatible_api_key`\n\nThis could lead to account takeover (via stolen tokens or 2FA secrets) or unauthorized use of third-party API keys stored against users.\n\n### Affected code paths\n\n1. **Item create/update revisions** The data (snapshot) field written to directus_revisions was not processed through prepareDelta, so concealed/encrypted fields were stored without redaction. Relational fields were also included, which should have been excluded.\n2. 
**Authentication service** When a user was auto-suspended after repeated failed login attempts, the revision record was created with the raw user object (including all sensitive fields) rather than the sanitized delta.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-39943", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09692", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09628", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09686", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09712", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-39943" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/releases/tag/v11.17.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-10T14:06:00Z/" } ], "url": "https://github.com/directus/directus/releases/tag/v11.17.0" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-mvv8-v4jj-g47j", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", 
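VCID-j9tx-h9v5-w7am (concealed fields usable as a filter or search predicate even though their values come back masked) and VCID-m4z2-58pn-k3cb (concealed and relational fields copied raw into `directus_revisions`) both come down to one rule being enforced on only some paths: a concealed field must be unusable as a matching oracle and unreadable from any secondary store. The block below is an added example, not Directus code, covering both paths with one shared concealed-field list. The filter syntax mirrors Directus conventions (`_and`/`_or`, `_eq`, `_starts_with`), but the field lists, the mask string and the function names are assumptions, and this is one reasonable mitigation shape rather than the upstream fix.

```javascript
// Added example, not Directus code. Field lists below are constructed.
const CONCEALED = new Set(['token', 'tfa_secret', 'auth_data', 'ai_openai_api_key']);
const RELATIONAL = new Set(['role', 'policies']); // hypothetical relational fields
const MASK = '**********';

// Walk a Directus-style filter object and collect every field name it
// constrains. Names nested under _and/_or and inside relational sub-filters
// are collected too, which is deliberately conservative.
function filteredFields(filter, out = new Set()) {
  if (Array.isArray(filter)) {
    for (const f of filter) filteredFields(f, out);
    return out;
  }
  if (filter && typeof filter === 'object') {
    for (const [key, value] of Object.entries(filter)) {
      if (key === '_and' || key === '_or') filteredFields(value, out);
      else if (key.startsWith('_')) continue; // an operator such as _eq, _starts_with
      else {
        out.add(key.split('.')[0]);
        filteredFields(value, out);
      }
    }
  }
  return out;
}

// Refuse any query whose filter or sort touches a concealed field. Returning
// "****" is not enough: a hit/miss answer to `_starts_with` is still an
// oracle that enumerates the secret one character at a time.
function assertNoConcealedPredicate(query) {
  const touched = filteredFields(query.filter || {});
  for (const s of query.sort || []) touched.add(s.replace(/^-/, '').split('.')[0]);
  const hit = [...touched].find((f) => CONCEALED.has(f));
  if (hit) throw new Error(`Filtering or sorting on concealed field "${hit}" is not allowed`);
  return query;
}

// Global search (?search=) must likewise be restricted to non-concealed columns.
function searchableFields(fields) {
  return fields.filter((f) => !CONCEALED.has(f));
}

// Mask concealed values and drop relational values before a delta is written
// anywhere secondary: a revision row, an activity entry, a flow log.
function sanitizeDelta(delta) {
  const out = {};
  for (const [k, v] of Object.entries(delta)) {
    if (RELATIONAL.has(k)) continue;
    out[k] = CONCEALED.has(k) && v !== null && v !== undefined ? MASK : v;
  }
  return out;
}
```

The two checks are intentionally driven from the same `CONCEALED` set: the revision bug in the record above is exactly what happens when the list exists but a second code path (the auto-suspend branch in the authentication service) bypasses the function that consults it.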
"scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-10T14:06:00Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-mvv8-v4jj-g47j" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39943", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39943" }, { "reference_url": "https://github.com/advisories/GHSA-mvv8-v4jj-g47j", "reference_id": "GHSA-mvv8-v4jj-g47j", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-mvv8-v4jj-g47j" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/110629?format=api", "purl": "pkg:npm/directus@11.17.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.17.0" } ], "aliases": [ "CVE-2026-39943", "GHSA-mvv8-v4jj-g47j" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m4z2-58pn-k3cb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57654?format=api", "vulnerability_id": "VCID-nug7-m3d7-f7gq", "summary": "Directus' insufficient permission checks can enable unauthenticated users to manually trigger Flows\nDirectus Flows with a manual trigger are not validating whether the user triggering the Flow 
has permissions to the items provided as payload to the Flow. Depending on what the Flow is set up to do this can lead to the Flow executing potential tasks on the attacker's behalf without authenticating.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-53889", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00244", "scoring_system": "epss", "scoring_elements": "0.47917", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00244", "scoring_system": "epss", "scoring_elements": "0.47946", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00244", "scoring_system": "epss", "scoring_elements": "0.47964", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00244", "scoring_system": "epss", "scoring_elements": "0.4796", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-53889" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/commit/22be460c76957708d67fdd52846a9ad1cbb083fb", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-15T13:43:29Z/" } ], "url": "https://github.com/directus/directus/commit/22be460c76957708d67fdd52846a9ad1cbb083fb" }, { "reference_url": "https://github.com/directus/directus/releases/tag/v11.9.0", "reference_id": "", "reference_type": "", "scores": [ 
{ "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-15T13:43:29Z/" } ], "url": "https://github.com/directus/directus/releases/tag/v11.9.0" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53889", "reference_id": "CVE-2025-53889", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53889" }, { "reference_url": "https://github.com/advisories/GHSA-7cvf-pxgp-42fc", "reference_id": "GHSA-7cvf-pxgp-42fc", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7cvf-pxgp-42fc" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-7cvf-pxgp-42fc", "reference_id": "GHSA-7cvf-pxgp-42fc", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-15T13:43:29Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-7cvf-pxgp-42fc" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85746?format=api", "purl": "pkg:npm/directus@11.9.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": 
"VCID-223k-jar9-ckg1" }, { "vulnerability": "VCID-4jcf-fjd5-pydt" }, { "vulnerability": "VCID-8zhr-k6sm-7yf6" }, { "vulnerability": "VCID-9qru-zceb-8kb2" }, { "vulnerability": "VCID-9y4r-6qtg-83cs" }, { "vulnerability": "VCID-ab99-17mk-kuee" }, { "vulnerability": "VCID-azsd-u8r6-kqcd" }, { "vulnerability": "VCID-e6pq-efd4-yfbd" }, { "vulnerability": "VCID-ew63-hmst-d7ct" }, { "vulnerability": "VCID-h9sb-tucg-b3fw" }, { "vulnerability": "VCID-hp3s-jfj1-efdy" }, { "vulnerability": "VCID-j9tx-h9v5-w7am" }, { "vulnerability": "VCID-m4z2-58pn-k3cb" }, { "vulnerability": "VCID-p9j6-rpp2-bqd6" }, { "vulnerability": "VCID-r972-eutc-73fh" }, { "vulnerability": "VCID-v44m-ug4p-mqhv" }, { "vulnerability": "VCID-v46e-qqux-7fdq" }, { "vulnerability": "VCID-wvhh-m37j-nff5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.9.0" } ], "aliases": [ "CVE-2025-53889", "GHSA-7cvf-pxgp-42fc" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nug7-m3d7-f7gq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44621?format=api", "vulnerability_id": "VCID-p425-cguh-83c8", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nDirectus is a real-time API and App dashboard for managing SQL database content. Instances relying on an allow-listed reset URL are vulnerable to an HTML injection attack through the use of query parameters in the reset URL. An attacker could exploit this to email users URLs to the server's domain but which may contain malicious code. The problem has been resolved and released under version 9.23.0. People relying on a custom password reset URL should upgrade to 9.23.0 or later, or remove the custom reset URL from the configured allow list. Users are advised to upgrade. 
Users unable to upgrade may disable the custom reset URL allow list as a workaround.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27474", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00828", "scoring_system": "epss", "scoring_elements": "0.74899", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00828", "scoring_system": "epss", "scoring_elements": "0.74909", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00828", "scoring_system": "epss", "scoring_elements": "0.74883", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00828", "scoring_system": "epss", "scoring_elements": "0.74907", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00828", "scoring_system": "epss", "scoring_elements": "0.74902", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27474" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/issues/17119", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T14:29:56Z/" } ], "url": "https://github.com/directus/directus/issues/17119" }, { "reference_url": "https://github.com/directus/directus/pull/17120", "reference_id": "", 
"reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T14:29:56Z/" } ], "url": "https://github.com/directus/directus/pull/17120" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27474", "reference_id": "CVE-2023-27474", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27474" }, { "reference_url": "https://github.com/advisories/GHSA-4hmq-ggrm-qfc6", "reference_id": "GHSA-4hmq-ggrm-qfc6", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4hmq-ggrm-qfc6" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-4hmq-ggrm-qfc6", "reference_id": "GHSA-4hmq-ggrm-qfc6", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T14:29:56Z/" } ], "url": 
"https://github.com/directus/directus/security/advisories/GHSA-4hmq-ggrm-qfc6" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/64237?format=api", "purl": "pkg:npm/directus@9.23.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-tjsu-gczu-9kdj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@9.23.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/64147?format=api", "purl": "pkg:npm/directus@9.23.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-223k-jar9-ckg1" }, { "vulnerability": "VCID-22vf-zyed-nyf8" }, { "vulnerability": "VCID-2bhb-q64y-mqhq" }, { "vulnerability": "VCID-3trx-stq1-fkbf" }, { "vulnerability": "VCID-4822-z5gh-zqbw" }, { "vulnerability": "VCID-4jcf-fjd5-pydt" }, { "vulnerability": "VCID-77h9-g53b-qucq" }, { "vulnerability": "VCID-8zhr-k6sm-7yf6" }, { "vulnerability": "VCID-98ug-cruq-e3he" }, { "vulnerability": "VCID-9pfu-bhz9-13ea" }, { "vulnerability": "VCID-9qru-zceb-8kb2" }, { "vulnerability": "VCID-9uhu-w6qs-63ez" }, { "vulnerability": "VCID-9y4r-6qtg-83cs" }, { "vulnerability": "VCID-azpj-92x3-jyet" }, { "vulnerability": "VCID-azsd-u8r6-kqcd" }, { "vulnerability": "VCID-b7uq-h31v-5ua1" }, { "vulnerability": "VCID-d7x4-xpyz-9ybv" }, { "vulnerability": "VCID-depg-4gcv-ekb9" }, { "vulnerability": "VCID-e1s2-fxgd-3ud8" }, { "vulnerability": "VCID-e6pq-efd4-yfbd" }, { "vulnerability": "VCID-ej7k-saka-huae" }, { "vulnerability": "VCID-ew63-hmst-d7ct" }, { "vulnerability": "VCID-gkde-rn6p-rba5" }, { "vulnerability": "VCID-h9sb-tucg-b3fw" }, { "vulnerability": "VCID-hp3s-jfj1-efdy" }, { "vulnerability": "VCID-hvd7-28p5-q7fs" }, { "vulnerability": "VCID-j9tx-h9v5-w7am" }, { "vulnerability": "VCID-m4z2-58pn-k3cb" }, { "vulnerability": "VCID-nug7-m3d7-f7gq" }, { "vulnerability": "VCID-p9j6-rpp2-bqd6" }, { "vulnerability": "VCID-pdb5-hm2r-xfga" }, { "vulnerability": "VCID-qb7x-z5hp-qqcx" }, { "vulnerability": 
"VCID-r972-eutc-73fh" }, { "vulnerability": "VCID-t16j-g2em-wqem" }, { "vulnerability": "VCID-tjsu-gczu-9kdj" }, { "vulnerability": "VCID-ut99-st7g-yqh6" }, { "vulnerability": "VCID-v44m-ug4p-mqhv" }, { "vulnerability": "VCID-v46e-qqux-7fdq" }, { "vulnerability": "VCID-wvhh-m37j-nff5" }, { "vulnerability": "VCID-ydha-8cmf-hbdx" }, { "vulnerability": "VCID-z5ka-gqzc-kued" }, { "vulnerability": "VCID-z7yb-1fvm-bqes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@9.23.1" } ], "aliases": [ "CVE-2023-27474", "GHSA-4hmq-ggrm-qfc6" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p425-cguh-83c8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49589?format=api", "vulnerability_id": "VCID-p9j6-rpp2-bqd6", "summary": "Directus has open redirect in SAML\nAn open redirect vulnerability exists in the Directus SAML authentication callback endpoint. The `RelayState` parameter is used in redirects without proper validation against an allowlist of permitted domains.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-22032", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14411", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14497", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.15188", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.2509", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-22032" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": 
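The SAML record above (VCID-p9j6-rpp2-bqd6) is the textbook open redirect: `RelayState` is attacker-controlled, round-trips through the identity provider untouched, and lands in a redirect after a successful login, which is exactly when a user is least suspicious of where they end up. The following is an added example, not Directus code, of resolving a `RelayState` value against an origin allow-list before redirecting. The landing page and allowed origins are constructed; the function name is hypothetical. It goes a little beyond the advisory text by also covering the usual bypasses a plain string-prefix check misses (protocol-relative `//host`, backslash variants, `javascript:` URLs, credentials in the authority, scheme downgrade).

```javascript
// Added example, not Directus code. Origins below are constructed.
const DEFAULT_LANDING = 'https://cms.example.com/admin/';
const ALLOWED_ORIGINS = new Set(['https://cms.example.com', 'https://app.example.org']);

// Return an absolute URL that is safe to redirect to, or the fallback.
// Never return the raw RelayState string.
function resolveRelayState(relayState, fallback = DEFAULT_LANDING, allowed = ALLOWED_ORIGINS) {
  if (typeof relayState !== 'string' || relayState.length === 0 || relayState.length > 2048) {
    return fallback;
  }
  let url;
  try {
    // Resolve relative to the fallback so "/admin/content" stays on our origin,
    // while "//evil.example" and "\\evil.example" resolve to a foreign origin
    // that the allow-list check below rejects.
    url = new URL(relayState, fallback);
  } catch {
    return fallback; // unparseable input: never pass it through
  }
  if (url.protocol !== 'https:' && url.protocol !== 'http:') return fallback; // javascript:, data:
  if (url.username || url.password) return fallback; // https://cms.example.com@evil.example/
  if (!allowed.has(url.origin)) return fallback;      // scheme, host and port must all match
  return url.href;                                    // normalized, not the caller's string
}
```

Comparing `url.origin` against an explicit set is what makes this robust: it is the parser, not a hand-written prefix test, that decides what host `//evil.example` or `https://cms.example.com.evil.example/` actually names, and an `http:` downgrade of an allowed host fails because the origin string includes the scheme.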
"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/commit/dad9576ea9362905cc4de8028d3877caff36dc23", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-08T14:48:13Z/" } ], "url": "https://github.com/directus/directus/commit/dad9576ea9362905cc4de8028d3877caff36dc23" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22032", "reference_id": "CVE-2026-22032", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22032" }, { "reference_url": "https://github.com/advisories/GHSA-3573-4c68-g8cc", "reference_id": "GHSA-3573-4c68-g8cc", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3573-4c68-g8cc" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-3573-4c68-g8cc", "reference_id": "GHSA-3573-4c68-g8cc", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": 
"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-08T14:48:13Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-3573-4c68-g8cc" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/73208?format=api", "purl": "pkg:npm/directus@11.14.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-223k-jar9-ckg1" }, { "vulnerability": "VCID-4jcf-fjd5-pydt" }, { "vulnerability": "VCID-8zhr-k6sm-7yf6" }, { "vulnerability": "VCID-9qru-zceb-8kb2" }, { "vulnerability": "VCID-9y4r-6qtg-83cs" }, { "vulnerability": "VCID-azsd-u8r6-kqcd" }, { "vulnerability": "VCID-ew63-hmst-d7ct" }, { "vulnerability": "VCID-hp3s-jfj1-efdy" }, { "vulnerability": "VCID-m4z2-58pn-k3cb" }, { "vulnerability": "VCID-v44m-ug4p-mqhv" }, { "vulnerability": "VCID-v46e-qqux-7fdq" }, { "vulnerability": "VCID-wvhh-m37j-nff5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.14.0" } ], "aliases": [ "CVE-2026-22032", "GHSA-3573-4c68-g8cc" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p9j6-rpp2-bqd6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47174?format=api", "vulnerability_id": "VCID-pdb5-hm2r-xfga", "summary": "Directus has MySQL accent insensitive email matching\n## Password reset vulnerable to accent confusion\n\nThe password reset mechanism of the Directus backend is implemented in a way where combined with (specific, need to double check if i can work around) configuration in MySQL or MariaDB. As such, it allows attackers to receive a password reset email of a victim user, specifically having it arrive at a similar email address as the victim with a one or more characters changed to use accents. 
\n\nThis is due to the fact that by default MySQL/MariaDB are configured for accent-insensitive and case-insensitive comparisons.\n\nMySQL weak comparison:\n```sql\nselect 1 from directus_users where 'julian@cure53.de' = 'julian@cüre53.de';\n```\n\nThis is exploitable due to an error in the API using the supplied email address for sending the reset password mail instead of using the email from the database.\n\n### Steps to reproduce:\n\n1. If the attacker knows the email address of the victim user, i.e., `julian@cure53.de`. (possibly just the domain could be enough for an educated guess)\n2. An off-by-one accented domain `cüre53.de` can be registered to be able to receive emails.\n3. With this email the attacker can request a password reset for `julian@cüre53.de`. \n```http\nPOST /auth/password/request HTTP/1.1\nHost: example.com\n[...]\n{\"email\":\"julian@cüre53.de\"}\n```\n4. The supplied email (julian@cüre53.de) gets checked against the database and will match the non-accented email `julian@cure53.de` and will continue to email the password reset link to the provided email address instead of the saved email address.\n5. With this email the attacker can log into the target account and use it for nefarious things\n\n### Workarounds\nShould be possible with collations but haven't been able to confirm this. 
\n\n### References\n- https://www.monolune.com/articles/what-is-the-utf8mb4_0900_ai_ci-collation/\n- https://dev.mysql.com/doc/refman/8.0/en/charset-unicode-sets.html", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-27295", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00604", "scoring_system": "epss", "scoring_elements": "0.70022", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00604", "scoring_system": "epss", "scoring_elements": "0.69999", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00604", "scoring_system": "epss", "scoring_elements": "0.70011", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00604", "scoring_system": "epss", "scoring_elements": "0.70023", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00604", "scoring_system": "epss", "scoring_elements": "0.70015", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-27295" }, { "reference_url": "https://dev.mysql.com/doc/refman/8.0/en/charset-unicode-sets.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://dev.mysql.com/doc/refman/8.0/en/charset-unicode-sets.html" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/commit/a8ef790ea2d28b1727f9027d99bd360920d57919", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", 
"scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus/commit/a8ef790ea2d28b1727f9027d99bd360920d57919" }, { "reference_url": "https://www.monolune.com/articles/what-is-the-utf8mb4_0900_ai_ci-collation", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.monolune.com/articles/what-is-the-utf8mb4_0900_ai_ci-collation" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27295", "reference_id": "CVE-2024-27295", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27295" }, { "reference_url": "https://github.com/advisories/GHSA-qw9g-7549-7wg5", "reference_id": "GHSA-qw9g-7549-7wg5", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qw9g-7549-7wg5" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-qw9g-7549-7wg5", "reference_id": "GHSA-qw9g-7549-7wg5", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-03-05T19:45:59Z/" } ], "url": 
"https://github.com/directus/directus/security/advisories/GHSA-qw9g-7549-7wg5" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/69219?format=api", "purl": "pkg:npm/directus@10.8.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-223k-jar9-ckg1" }, { "vulnerability": "VCID-22vf-zyed-nyf8" }, { "vulnerability": "VCID-2bhb-q64y-mqhq" }, { "vulnerability": "VCID-3trx-stq1-fkbf" }, { "vulnerability": "VCID-4822-z5gh-zqbw" }, { "vulnerability": "VCID-4jcf-fjd5-pydt" }, { "vulnerability": "VCID-77h9-g53b-qucq" }, { "vulnerability": "VCID-8zhr-k6sm-7yf6" }, { "vulnerability": "VCID-98ug-cruq-e3he" }, { "vulnerability": "VCID-9pfu-bhz9-13ea" }, { "vulnerability": "VCID-9qru-zceb-8kb2" }, { "vulnerability": "VCID-9uhu-w6qs-63ez" }, { "vulnerability": "VCID-9y4r-6qtg-83cs" }, { "vulnerability": "VCID-ab99-17mk-kuee" }, { "vulnerability": "VCID-azpj-92x3-jyet" }, { "vulnerability": "VCID-azsd-u8r6-kqcd" }, { "vulnerability": "VCID-b7uq-h31v-5ua1" }, { "vulnerability": "VCID-d7x4-xpyz-9ybv" }, { "vulnerability": "VCID-depg-4gcv-ekb9" }, { "vulnerability": "VCID-e6pq-efd4-yfbd" }, { "vulnerability": "VCID-ej7k-saka-huae" }, { "vulnerability": "VCID-ew63-hmst-d7ct" }, { "vulnerability": "VCID-gkde-rn6p-rba5" }, { "vulnerability": "VCID-h9sb-tucg-b3fw" }, { "vulnerability": "VCID-hp3s-jfj1-efdy" }, { "vulnerability": "VCID-hvd7-28p5-q7fs" }, { "vulnerability": "VCID-j9tx-h9v5-w7am" }, { "vulnerability": "VCID-m4z2-58pn-k3cb" }, { "vulnerability": "VCID-nug7-m3d7-f7gq" }, { "vulnerability": "VCID-p9j6-rpp2-bqd6" }, { "vulnerability": "VCID-r972-eutc-73fh" }, { "vulnerability": "VCID-ut99-st7g-yqh6" }, { "vulnerability": "VCID-v44m-ug4p-mqhv" }, { "vulnerability": "VCID-v46e-qqux-7fdq" }, { "vulnerability": "VCID-wvhh-m37j-nff5" }, { "vulnerability": "VCID-ydha-8cmf-hbdx" }, { "vulnerability": "VCID-z5ka-gqzc-kued" }, { "vulnerability": "VCID-z7yb-1fvm-bqes" } ], "resource_url": 
"http://public2.vulnerablecode.io/packages/pkg:npm/directus@10.8.3" } ], "aliases": [ "CVE-2024-27295", "GHSA-qw9g-7549-7wg5" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pdb5-hm2r-xfga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44754?format=api", "vulnerability_id": "VCID-qb7x-z5hp-qqcx", "summary": "Insertion of Sensitive Information into Log File\nDirectus is a real-time API and App dashboard for managing SQL database content. Prior to version 9.23.3, the `directus_refresh_token` is not redacted properly from the log outputs and can be used to impersonate users without their permission. This issue is patched in version 9.23.3.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28443", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19179", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19249", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19293", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.192", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19296", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28443" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": 
"https://github.com/directus/directus/blob/7c479c5161639aac466c763b6b958a9524201d74/api/src/logger.ts#L13", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-21T15:28:44Z/" } ], "url": "https://github.com/directus/directus/blob/7c479c5161639aac466c763b6b958a9524201d74/api/src/logger.ts#L13" }, { "reference_url": "https://github.com/directus/directus/commit/349536303983ccba68ecb3e4fb35315424011afc", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-21T15:28:44Z/" } ], "url": "https://github.com/directus/directus/commit/349536303983ccba68ecb3e4fb35315424011afc" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28443", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28443" }, { "reference_url": "https://github.com/advisories/GHSA-8vg2-wf3q-mwv7", "reference_id": "GHSA-8vg2-wf3q-mwv7", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8vg2-wf3q-mwv7" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-8vg2-wf3q-mwv7", 
"reference_id": "GHSA-8vg2-wf3q-mwv7", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-21T15:28:44Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-8vg2-wf3q-mwv7" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/64399?format=api", "purl": "pkg:npm/directus@9.23.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-223k-jar9-ckg1" }, { "vulnerability": "VCID-22vf-zyed-nyf8" }, { "vulnerability": "VCID-2bhb-q64y-mqhq" }, { "vulnerability": "VCID-3trx-stq1-fkbf" }, { "vulnerability": "VCID-4822-z5gh-zqbw" }, { "vulnerability": "VCID-4jcf-fjd5-pydt" }, { "vulnerability": "VCID-77h9-g53b-qucq" }, { "vulnerability": "VCID-8zhr-k6sm-7yf6" }, { "vulnerability": "VCID-98ug-cruq-e3he" }, { "vulnerability": "VCID-9pfu-bhz9-13ea" }, { "vulnerability": "VCID-9qru-zceb-8kb2" }, { "vulnerability": "VCID-9uhu-w6qs-63ez" }, { "vulnerability": "VCID-9y4r-6qtg-83cs" }, { "vulnerability": "VCID-azpj-92x3-jyet" }, { "vulnerability": "VCID-azsd-u8r6-kqcd" }, { "vulnerability": "VCID-b7uq-h31v-5ua1" }, { "vulnerability": "VCID-d7x4-xpyz-9ybv" }, { "vulnerability": "VCID-depg-4gcv-ekb9" }, { "vulnerability": "VCID-e1s2-fxgd-3ud8" }, { "vulnerability": "VCID-e6pq-efd4-yfbd" }, { "vulnerability": "VCID-ej7k-saka-huae" }, { "vulnerability": "VCID-ew63-hmst-d7ct" }, { "vulnerability": "VCID-gkde-rn6p-rba5" }, { "vulnerability": "VCID-h9sb-tucg-b3fw" }, { "vulnerability": "VCID-hp3s-jfj1-efdy" }, { "vulnerability": "VCID-hvd7-28p5-q7fs" }, { "vulnerability": "VCID-j9tx-h9v5-w7am" }, { "vulnerability": "VCID-m4z2-58pn-k3cb" }, { 
"vulnerability": "VCID-nug7-m3d7-f7gq" }, { "vulnerability": "VCID-p9j6-rpp2-bqd6" }, { "vulnerability": "VCID-pdb5-hm2r-xfga" }, { "vulnerability": "VCID-r972-eutc-73fh" }, { "vulnerability": "VCID-t16j-g2em-wqem" }, { "vulnerability": "VCID-tjsu-gczu-9kdj" }, { "vulnerability": "VCID-ut99-st7g-yqh6" }, { "vulnerability": "VCID-v44m-ug4p-mqhv" }, { "vulnerability": "VCID-v46e-qqux-7fdq" }, { "vulnerability": "VCID-wvhh-m37j-nff5" }, { "vulnerability": "VCID-ydha-8cmf-hbdx" }, { "vulnerability": "VCID-z5ka-gqzc-kued" }, { "vulnerability": "VCID-z7yb-1fvm-bqes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@9.23.3" } ], "aliases": [ "CVE-2023-28443", "GHSA-8vg2-wf3q-mwv7" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qb7x-z5hp-qqcx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48381?format=api", "vulnerability_id": "VCID-r972-eutc-73fh", "summary": "Directus has Improper Permission Handling on Deleted Fields\nDirectus does not properly clean up field-level permissions when a field is deleted. 
If a new field with the same name is created later, the system automatically re-applies the old permissions, which can lead to unauthorized access.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-64746", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12595", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12676", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12709", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12705", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-64746" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/commit/84d7636969083387164ce5d2fd15a65e11e2d0b8", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T21:18:13Z/" } ], "url": "https://github.com/directus/directus/commit/84d7636969083387164ce5d2fd15a65e11e2d0b8" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64746", "reference_id": "CVE-2025-64746", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", 
"scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64746" }, { "reference_url": "https://github.com/advisories/GHSA-9x5g-62gj-wqf2", "reference_id": "GHSA-9x5g-62gj-wqf2", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9x5g-62gj-wqf2" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-9x5g-62gj-wqf2", "reference_id": "GHSA-9x5g-62gj-wqf2", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T21:18:13Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-9x5g-62gj-wqf2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/71386?format=api", "purl": "pkg:npm/directus@11.13.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-223k-jar9-ckg1" }, { "vulnerability": "VCID-4jcf-fjd5-pydt" }, { "vulnerability": "VCID-8zhr-k6sm-7yf6" }, { "vulnerability": "VCID-9qru-zceb-8kb2" }, { "vulnerability": "VCID-9y4r-6qtg-83cs" }, { "vulnerability": "VCID-azsd-u8r6-kqcd" }, { "vulnerability": "VCID-ew63-hmst-d7ct" }, { "vulnerability": "VCID-hp3s-jfj1-efdy" }, { "vulnerability": "VCID-m4z2-58pn-k3cb" }, { "vulnerability": "VCID-p9j6-rpp2-bqd6" }, { "vulnerability": "VCID-v44m-ug4p-mqhv" }, { "vulnerability": "VCID-v46e-qqux-7fdq" }, { "vulnerability": "VCID-wvhh-m37j-nff5" } ], "resource_url": 
"http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.13.0" } ], "aliases": [ "CVE-2025-64746", "GHSA-9x5g-62gj-wqf2" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r972-eutc-73fh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47183?format=api", "vulnerability_id": "VCID-t16j-g2em-wqem", "summary": "Directus version number disclosure\n### Impact\n\nCurrently the exact Directus version number is being shipped in compiled JS bundles which are accessible without authentication. With this information a malicious attacker can trivially look for known vulnerabilities in Directus core or any of its shipped dependencies in that specific running version.\n\n### Patches\n\nThe problem has been resolved in versions 10.8.3 and newer\n\n### Workarounds\n\nNone", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-27296", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.63449", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.63456", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.63437", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.63458", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.63451", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-27296" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", 
"scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/commit/a5a1c26ac48795ed3212a4c51b9523588aff4fa0", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-03-01T19:28:33Z/" } ], "url": "https://github.com/directus/directus/commit/a5a1c26ac48795ed3212a4c51b9523588aff4fa0" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27296", "reference_id": "CVE-2024-27296", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27296" }, { "reference_url": "https://github.com/advisories/GHSA-5mhg-wv8w-p59j", "reference_id": "GHSA-5mhg-wv8w-p59j", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5mhg-wv8w-p59j" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-5mhg-wv8w-p59j", "reference_id": "GHSA-5mhg-wv8w-p59j", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-03-01T19:28:33Z/" } ], "url": 
"https://github.com/directus/directus/security/advisories/GHSA-5mhg-wv8w-p59j" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/69219?format=api", "purl": "pkg:npm/directus@10.8.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-223k-jar9-ckg1" }, { "vulnerability": "VCID-22vf-zyed-nyf8" }, { "vulnerability": "VCID-2bhb-q64y-mqhq" }, { "vulnerability": "VCID-3trx-stq1-fkbf" }, { "vulnerability": "VCID-4822-z5gh-zqbw" }, { "vulnerability": "VCID-4jcf-fjd5-pydt" }, { "vulnerability": "VCID-77h9-g53b-qucq" }, { "vulnerability": "VCID-8zhr-k6sm-7yf6" }, { "vulnerability": "VCID-98ug-cruq-e3he" }, { "vulnerability": "VCID-9pfu-bhz9-13ea" }, { "vulnerability": "VCID-9qru-zceb-8kb2" }, { "vulnerability": "VCID-9uhu-w6qs-63ez" }, { "vulnerability": "VCID-9y4r-6qtg-83cs" }, { "vulnerability": "VCID-ab99-17mk-kuee" }, { "vulnerability": "VCID-azpj-92x3-jyet" }, { "vulnerability": "VCID-azsd-u8r6-kqcd" }, { "vulnerability": "VCID-b7uq-h31v-5ua1" }, { "vulnerability": "VCID-d7x4-xpyz-9ybv" }, { "vulnerability": "VCID-depg-4gcv-ekb9" }, { "vulnerability": "VCID-e6pq-efd4-yfbd" }, { "vulnerability": "VCID-ej7k-saka-huae" }, { "vulnerability": "VCID-ew63-hmst-d7ct" }, { "vulnerability": "VCID-gkde-rn6p-rba5" }, { "vulnerability": "VCID-h9sb-tucg-b3fw" }, { "vulnerability": "VCID-hp3s-jfj1-efdy" }, { "vulnerability": "VCID-hvd7-28p5-q7fs" }, { "vulnerability": "VCID-j9tx-h9v5-w7am" }, { "vulnerability": "VCID-m4z2-58pn-k3cb" }, { "vulnerability": "VCID-nug7-m3d7-f7gq" }, { "vulnerability": "VCID-p9j6-rpp2-bqd6" }, { "vulnerability": "VCID-r972-eutc-73fh" }, { "vulnerability": "VCID-ut99-st7g-yqh6" }, { "vulnerability": "VCID-v44m-ug4p-mqhv" }, { "vulnerability": "VCID-v46e-qqux-7fdq" }, { "vulnerability": "VCID-wvhh-m37j-nff5" }, { "vulnerability": "VCID-ydha-8cmf-hbdx" }, { "vulnerability": "VCID-z5ka-gqzc-kued" }, { "vulnerability": "VCID-z7yb-1fvm-bqes" } ], "resource_url": 
"http://public2.vulnerablecode.io/packages/pkg:npm/directus@10.8.3" } ], "aliases": [ "CVE-2024-27296", "GHSA-5mhg-wv8w-p59j" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t16j-g2em-wqem" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44581?format=api", "vulnerability_id": "VCID-tz3z-smv5-3ydd", "summary": "Directus is a real-time API and App dashboard for managing SQL database content. Directus is vulnerable to Server-Side Request Forgery (SSRF) when importing a file from a remote web server (POST to `/files/import`). An attacker can bypass the security controls by performing a DNS rebinding attack and view sensitive data from internal servers or perform a local port scan. An attacker can exploit this vulnerability to access highly sensitive internal server(s) and steal sensitive information. This issue was fixed in version 9.23.0.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-26492", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45852", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45839", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45826", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.458", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45869", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45873", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-26492" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", 
"scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/commit/ff53d3e69a602d05342e15d9bb616884833ddbff", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-25T14:30:38Z/" } ], "url": "https://github.com/directus/directus/commit/ff53d3e69a602d05342e15d9bb616884833ddbff" }, { "reference_url": "https://github.com/directus/directus/releases/tag/v9.23.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-25T14:30:38Z/" } ], "url": "https://github.com/directus/directus/releases/tag/v9.23.0" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26492", "reference_id": "CVE-2023-26492", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": 
"https://nvd.nist.gov/vuln/detail/CVE-2023-26492" }, { "reference_url": "https://github.com/advisories/GHSA-j3rg-3rgm-537h", "reference_id": "GHSA-j3rg-3rgm-537h", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-j3rg-3rgm-537h" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-j3rg-3rgm-537h", "reference_id": "GHSA-j3rg-3rgm-537h", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-25T14:30:38Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-j3rg-3rgm-537h" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/64237?format=api", "purl": "pkg:npm/directus@9.23.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-tjsu-gczu-9kdj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@9.23.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/64147?format=api", "purl": "pkg:npm/directus@9.23.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-223k-jar9-ckg1" }, { "vulnerability": "VCID-22vf-zyed-nyf8" }, { "vulnerability": "VCID-2bhb-q64y-mqhq" }, { "vulnerability": "VCID-3trx-stq1-fkbf" }, { "vulnerability": "VCID-4822-z5gh-zqbw" }, { "vulnerability": "VCID-4jcf-fjd5-pydt" }, { "vulnerability": "VCID-77h9-g53b-qucq" }, { "vulnerability": "VCID-8zhr-k6sm-7yf6" }, { "vulnerability": 
"VCID-98ug-cruq-e3he" }, { "vulnerability": "VCID-9pfu-bhz9-13ea" }, { "vulnerability": "VCID-9qru-zceb-8kb2" }, { "vulnerability": "VCID-9uhu-w6qs-63ez" }, { "vulnerability": "VCID-9y4r-6qtg-83cs" }, { "vulnerability": "VCID-azpj-92x3-jyet" }, { "vulnerability": "VCID-azsd-u8r6-kqcd" }, { "vulnerability": "VCID-b7uq-h31v-5ua1" }, { "vulnerability": "VCID-d7x4-xpyz-9ybv" }, { "vulnerability": "VCID-depg-4gcv-ekb9" }, { "vulnerability": "VCID-e1s2-fxgd-3ud8" }, { "vulnerability": "VCID-e6pq-efd4-yfbd" }, { "vulnerability": "VCID-ej7k-saka-huae" }, { "vulnerability": "VCID-ew63-hmst-d7ct" }, { "vulnerability": "VCID-gkde-rn6p-rba5" }, { "vulnerability": "VCID-h9sb-tucg-b3fw" }, { "vulnerability": "VCID-hp3s-jfj1-efdy" }, { "vulnerability": "VCID-hvd7-28p5-q7fs" }, { "vulnerability": "VCID-j9tx-h9v5-w7am" }, { "vulnerability": "VCID-m4z2-58pn-k3cb" }, { "vulnerability": "VCID-nug7-m3d7-f7gq" }, { "vulnerability": "VCID-p9j6-rpp2-bqd6" }, { "vulnerability": "VCID-pdb5-hm2r-xfga" }, { "vulnerability": "VCID-qb7x-z5hp-qqcx" }, { "vulnerability": "VCID-r972-eutc-73fh" }, { "vulnerability": "VCID-t16j-g2em-wqem" }, { "vulnerability": "VCID-tjsu-gczu-9kdj" }, { "vulnerability": "VCID-ut99-st7g-yqh6" }, { "vulnerability": "VCID-v44m-ug4p-mqhv" }, { "vulnerability": "VCID-v46e-qqux-7fdq" }, { "vulnerability": "VCID-wvhh-m37j-nff5" }, { "vulnerability": "VCID-ydha-8cmf-hbdx" }, { "vulnerability": "VCID-z5ka-gqzc-kued" }, { "vulnerability": "VCID-z7yb-1fvm-bqes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@9.23.1" } ], "aliases": [ "CVE-2023-26492", "GHSA-j3rg-3rgm-537h" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tz3z-smv5-3ydd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54780?format=api", "vulnerability_id": "VCID-ut99-st7g-yqh6", "summary": "Directus allows redacted data extraction on the API through \"alias\"\nA 
user with permission to view any collection using redacted hashed fields can get access the raw stored version using the `alias` functionality on the API.\nNormally, these redacted fields will return `**********` however if we change the request to `?alias[workaround]=redacted` we can instead retrieve the plain text value for the field.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34708", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55745", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55746", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55727", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55757", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55751", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34708" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/commit/e70a90c267bea695afce6545174c2b77517d617b", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": 
"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-15T15:21:26Z/" } ], "url": "https://github.com/directus/directus/commit/e70a90c267bea695afce6545174c2b77517d617b" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34708", "reference_id": "CVE-2024-34708", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34708" }, { "reference_url": "https://github.com/advisories/GHSA-p8v3-m643-4xqx", "reference_id": "GHSA-p8v3-m643-4xqx", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-p8v3-m643-4xqx" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-p8v3-m643-4xqx", "reference_id": "GHSA-p8v3-m643-4xqx", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-15T15:21:26Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-p8v3-m643-4xqx" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/81244?format=api", "purl": "pkg:npm/directus@10.11.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-223k-jar9-ckg1" }, { "vulnerability": "VCID-22vf-zyed-nyf8" }, { "vulnerability": "VCID-2bhb-q64y-mqhq" }, { "vulnerability": "VCID-4822-z5gh-zqbw" }, { "vulnerability": "VCID-4jcf-fjd5-pydt" }, { "vulnerability": "VCID-77h9-g53b-qucq" }, { 
"vulnerability": "VCID-8zhr-k6sm-7yf6" }, { "vulnerability": "VCID-98ug-cruq-e3he" }, { "vulnerability": "VCID-9pfu-bhz9-13ea" }, { "vulnerability": "VCID-9qru-zceb-8kb2" }, { "vulnerability": "VCID-9uhu-w6qs-63ez" }, { "vulnerability": "VCID-9y4r-6qtg-83cs" }, { "vulnerability": "VCID-ab99-17mk-kuee" }, { "vulnerability": "VCID-azsd-u8r6-kqcd" }, { "vulnerability": "VCID-b5vw-9vy2-xbev" }, { "vulnerability": "VCID-b7uq-h31v-5ua1" }, { "vulnerability": "VCID-d7x4-xpyz-9ybv" }, { "vulnerability": "VCID-depg-4gcv-ekb9" }, { "vulnerability": "VCID-e6pq-efd4-yfbd" }, { "vulnerability": "VCID-ej7k-saka-huae" }, { "vulnerability": "VCID-ew63-hmst-d7ct" }, { "vulnerability": "VCID-gkde-rn6p-rba5" }, { "vulnerability": "VCID-h9sb-tucg-b3fw" }, { "vulnerability": "VCID-hp3s-jfj1-efdy" }, { "vulnerability": "VCID-hvd7-28p5-q7fs" }, { "vulnerability": "VCID-j9tx-h9v5-w7am" }, { "vulnerability": "VCID-m4z2-58pn-k3cb" }, { "vulnerability": "VCID-n6nd-tbf1-k7aj" }, { "vulnerability": "VCID-nug7-m3d7-f7gq" }, { "vulnerability": "VCID-p9j6-rpp2-bqd6" }, { "vulnerability": "VCID-r972-eutc-73fh" }, { "vulnerability": "VCID-v44m-ug4p-mqhv" }, { "vulnerability": "VCID-v46e-qqux-7fdq" }, { "vulnerability": "VCID-wvhh-m37j-nff5" }, { "vulnerability": "VCID-ydha-8cmf-hbdx" }, { "vulnerability": "VCID-z5ka-gqzc-kued" }, { "vulnerability": "VCID-z7yb-1fvm-bqes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@10.11.0" } ], "aliases": [ "CVE-2024-34708", "GHSA-p8v3-m643-4xqx" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ut99-st7g-yqh6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/89718?format=api", "vulnerability_id": "VCID-v44m-ug4p-mqhv", "summary": "Directus: TUS Upload Authorization Bypass Allows Arbitrary File Overwrite\n## Summary\n\nDirectus' TUS resumable upload endpoint (`/files/tus`) allows any authenticated user with basic file 
upload permissions to overwrite arbitrary existing files by UUID. The TUS controller performs only collection-level authorization checks, verifying the user has some permission on `directus_files`, but never validates item-level access to the specific file being replaced. As a result, row-level permission rules (e.g., \"users can only update their own files\") are completely bypassed via the TUS path while being correctly enforced on the standard REST upload path.\n\n## Impact\n\n- **Arbitrary file overwrite:** Any authenticated user with basic TUS upload permissions can overwrite any file in `directus_files` by UUID, regardless of row-level permission rules.\n- **Permanent data loss:** The victim file's original stored bytes are deleted from storage and replaced with attacker-controlled content.\n- **Metadata corruption:** The victim file's database record is updated with the attacker's filename, type, and size metadata.\nPrivilege escalation potential: If admin-owned files (e.g., application assets, templates) are stored in `directus_files`, a low-privilege user could replace them with malicious content.\n\n## Workaround\n\nDisable TUS uploads by setting `TUS_ENABLED=false` if resumable uploads are not required.\n\n## Credit\n\nThis vulnerability was discovered and reported by [bugbunny.ai](https://bugbunny.ai).", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-35412", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.0251", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02439", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02453", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02512", "published_at": "2026-06-06T12:55:00Z" } ], "url": 
"https://api.first.org/data/v1/epss?cve=CVE-2026-35412" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-qqmv-5p3g-px89", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-07T16:23:08Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-qqmv-5p3g-px89" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35412", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35412" }, { "reference_url": "https://github.com/advisories/GHSA-qqmv-5p3g-px89", "reference_id": "GHSA-qqmv-5p3g-px89", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qqmv-5p3g-px89" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/110102?format=api", "purl": "pkg:npm/directus@11.16.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-223k-jar9-ckg1" }, { "vulnerability": 
"VCID-4jcf-fjd5-pydt" }, { "vulnerability": "VCID-azsd-u8r6-kqcd" }, { "vulnerability": "VCID-ew63-hmst-d7ct" }, { "vulnerability": "VCID-m4z2-58pn-k3cb" }, { "vulnerability": "VCID-wvhh-m37j-nff5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.16.1" } ], "aliases": [ "CVE-2026-35412", "GHSA-qqmv-5p3g-px89" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v44m-ug4p-mqhv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/89166?format=api", "vulnerability_id": "VCID-v46e-qqux-7fdq", "summary": "Directus: Open Redirect in Admin 2FA Setup Page\n### Summary\n\nDirectus is vulnerable to an Open Redirect via the redirect query parameter on the `/admin/tfa-setup` page. When an administrator who has not yet configured Two-Factor Authentication (2FA) visits a crafted URL, they are presented with the legitimate Directus 2FA setup page. After completing the setup process, the application redirects the user to the attacker-controlled URL specified in the `redirect` parameter without any validation.\n\nThis vulnerability could be used in phishing attacks targeting Directus administrators, as the initial interaction occurs on a trusted domain.\n\n### Credits\nDiscovered by Neo by ProjectDiscovery (https://neo.projectdiscovery.io/)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-35411", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05302", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.0524", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.0528", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05286", "published_at": 
"2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-35411" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-q75c-4gmv-mg9x", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-07T13:36:55Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-q75c-4gmv-mg9x" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35411", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35411" }, { "reference_url": "https://github.com/advisories/GHSA-q75c-4gmv-mg9x", "reference_id": "GHSA-q75c-4gmv-mg9x", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-q75c-4gmv-mg9x" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/110102?format=api", "purl": "pkg:npm/directus@11.16.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { 
"vulnerability": "VCID-223k-jar9-ckg1" }, { "vulnerability": "VCID-4jcf-fjd5-pydt" }, { "vulnerability": "VCID-azsd-u8r6-kqcd" }, { "vulnerability": "VCID-ew63-hmst-d7ct" }, { "vulnerability": "VCID-m4z2-58pn-k3cb" }, { "vulnerability": "VCID-wvhh-m37j-nff5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.16.1" } ], "aliases": [ "CVE-2026-35411", "GHSA-q75c-4gmv-mg9x" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v46e-qqux-7fdq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/89867?format=api", "vulnerability_id": "VCID-wvhh-m37j-nff5", "summary": "Directus: Authenticated Users Can Extract Concealed Fields via Aggregate Queries\n### Summary\n\nAggregate functions (`min`, `max`) applied to fields with the `conceal` special type incorrectly return raw database values instead of the masked placeholder. When combined with `groupBy`, any authenticated user with read access to the affected collection can extract concealed field values, including static API tokens and two-factor authentication secrets from `directus_users`.\n\n### Details\n\nFields marked with `conceal` are protected by payload processing logic that replaces real values with a masked placeholder on read. This protection works correctly for standard item queries, but aggregate query results are structured differently, operations are nested under their function name rather than appearing as flat field keys. 
The masking logic does not account for this nested structure, causing it to silently skip concealed fields in aggregate responses and return their raw values to the client.\n\n### Impact\n\n- **Account Takeover** An authenticated attacker can harvest static API tokens for all users, including administrators, enabling immediate authentication as any account without credentials.\n\n- **2FA Bypass** TOTP seeds stored in directus_users can similarly be extracted, allowing an attacker to bypass two-factor authentication for any account.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-35442", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04825", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04766", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04804", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04814", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-35442" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-38hg-ww64-rrwc", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": 
"generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-07T13:30:05Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-38hg-ww64-rrwc" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35442", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35442" }, { "reference_url": "https://github.com/advisories/GHSA-38hg-ww64-rrwc", "reference_id": "GHSA-38hg-ww64-rrwc", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-38hg-ww64-rrwc" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/110629?format=api", "purl": "pkg:npm/directus@11.17.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.17.0" } ], "aliases": [ "CVE-2026-35442", "GHSA-38hg-ww64-rrwc" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wvhh-m37j-nff5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56983?format=api", "vulnerability_id": "VCID-ydha-8cmf-hbdx", "summary": "Directus `search` query parameter allows enumeration of non permitted fields\nThe `search` query parameter allows users with access to a collection to filter items based on fields they do not have permission to view. 
This allows the enumeration of unknown field contents.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-30352", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34446", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34482", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34423", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34466", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34403", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-30352" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/commit/ac5a9964d9926f20dc063a74cb417dc7bbad676d", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-27T15:14:43Z/" } ], "url": "https://github.com/directus/directus/commit/ac5a9964d9926f20dc063a74cb417dc7bbad676d" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-30352", "reference_id": "CVE-2025-30352", "reference_type": "", "scores": [ { "value": "5.3", 
"scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-30352" }, { "reference_url": "https://github.com/advisories/GHSA-7wq3-jr35-275c", "reference_id": "GHSA-7wq3-jr35-275c", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7wq3-jr35-275c" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-7wq3-jr35-275c", "reference_id": "GHSA-7wq3-jr35-275c", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-27T15:14:43Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-7wq3-jr35-275c" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/84601?format=api", "purl": "pkg:npm/directus@11.5.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-223k-jar9-ckg1" }, { "vulnerability": "VCID-2bhb-q64y-mqhq" }, { "vulnerability": "VCID-4jcf-fjd5-pydt" }, { "vulnerability": "VCID-8zhr-k6sm-7yf6" }, { "vulnerability": "VCID-9qru-zceb-8kb2" }, { "vulnerability": "VCID-9y4r-6qtg-83cs" }, { "vulnerability": "VCID-ab99-17mk-kuee" }, { "vulnerability": "VCID-azsd-u8r6-kqcd" }, { "vulnerability": "VCID-b7uq-h31v-5ua1" }, { "vulnerability": "VCID-d7x4-xpyz-9ybv" }, { "vulnerability": "VCID-e6pq-efd4-yfbd" }, { "vulnerability": "VCID-ew63-hmst-d7ct" }, { "vulnerability": "VCID-h9sb-tucg-b3fw" }, { "vulnerability": 
"VCID-hp3s-jfj1-efdy" }, { "vulnerability": "VCID-j9tx-h9v5-w7am" }, { "vulnerability": "VCID-m4z2-58pn-k3cb" }, { "vulnerability": "VCID-nug7-m3d7-f7gq" }, { "vulnerability": "VCID-p9j6-rpp2-bqd6" }, { "vulnerability": "VCID-r972-eutc-73fh" }, { "vulnerability": "VCID-v44m-ug4p-mqhv" }, { "vulnerability": "VCID-v46e-qqux-7fdq" }, { "vulnerability": "VCID-wvhh-m37j-nff5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.5.0" } ], "aliases": [ "CVE-2025-30352", "GHSA-7wq3-jr35-275c" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ydha-8cmf-hbdx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/55701?format=api", "vulnerability_id": "VCID-z5ka-gqzc-kued", "summary": "Duplicate\nThis advisory duplicates another.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6533", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.30803", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.30754", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.30737", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.30769", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.30837", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6533" }, { "reference_url": "https://directus.io", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": 
"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://directus.io" }, { "reference_url": "https://fluidattacks.com/advisories/bocelli", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N" }, { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-16T17:30:37Z/" } ], "url": "https://fluidattacks.com/advisories/bocelli" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6533", "reference_id": "CVE-2024-6533", "reference_type": "", "scores": [ { "value": "4.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6533" }, { 
"reference_url": "https://directus.io/", "reference_id": "directus.io", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-16T17:30:37Z/" } ], "url": "https://directus.io/" }, { "reference_url": "https://github.com/advisories/GHSA-qf6h-p3mr-vmh5", "reference_id": "GHSA-qf6h-p3mr-vmh5", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qf6h-p3mr-vmh5" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/513607?format=api", "purl": "pkg:npm/directus@10.13.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-223k-jar9-ckg1" }, { "vulnerability": "VCID-2bhb-q64y-mqhq" }, { "vulnerability": "VCID-4822-z5gh-zqbw" }, { "vulnerability": "VCID-4jcf-fjd5-pydt" }, { "vulnerability": "VCID-77h9-g53b-qucq" }, { "vulnerability": "VCID-8zhr-k6sm-7yf6" }, { "vulnerability": "VCID-98ug-cruq-e3he" }, { "vulnerability": "VCID-9pfu-bhz9-13ea" }, { "vulnerability": "VCID-9qru-zceb-8kb2" }, { "vulnerability": "VCID-9uhu-w6qs-63ez" }, { "vulnerability": "VCID-9y4r-6qtg-83cs" }, { "vulnerability": "VCID-ab99-17mk-kuee" }, { "vulnerability": "VCID-azsd-u8r6-kqcd" }, { "vulnerability": "VCID-b5vw-9vy2-xbev" }, { "vulnerability": "VCID-b7uq-h31v-5ua1" }, { "vulnerability": "VCID-d7x4-xpyz-9ybv" }, { "vulnerability": "VCID-depg-4gcv-ekb9" }, { "vulnerability": "VCID-e6pq-efd4-yfbd" }, { "vulnerability": "VCID-ej7k-saka-huae" }, { "vulnerability": "VCID-ew63-hmst-d7ct" }, { "vulnerability": "VCID-h9sb-tucg-b3fw" }, { "vulnerability": "VCID-hp3s-jfj1-efdy" }, { "vulnerability": "VCID-j9tx-h9v5-w7am" }, { "vulnerability": "VCID-m4z2-58pn-k3cb" }, { "vulnerability": "VCID-n6nd-tbf1-k7aj" }, { "vulnerability": 
"VCID-nug7-m3d7-f7gq" }, { "vulnerability": "VCID-p9j6-rpp2-bqd6" }, { "vulnerability": "VCID-r972-eutc-73fh" }, { "vulnerability": "VCID-v44m-ug4p-mqhv" }, { "vulnerability": "VCID-v46e-qqux-7fdq" }, { "vulnerability": "VCID-wvhh-m37j-nff5" }, { "vulnerability": "VCID-ydha-8cmf-hbdx" }, { "vulnerability": "VCID-z7yb-1fvm-bqes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@10.13.1" } ], "aliases": [ "CVE-2024-6533", "GHSA-qf6h-p3mr-vmh5" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z5ka-gqzc-kued" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/55857?format=api", "vulnerability_id": "VCID-z7yb-1fvm-bqes", "summary": "Directus vulnerable to SSRF Loopback IP filter bypass\nIf you're relying on blocking access to localhost using the default `0.0.0.0` filter this can be bypassed using other registered loopback devices (like `127.0.0.2` - `127.127.127.127`)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-46990", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.47009", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.4699", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.4698", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.47026", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.47023", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-46990" }, { "reference_url": "https://github.com/directus/directus", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", 
"scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/directus/directus" }, { "reference_url": "https://github.com/directus/directus/commit/4aace0bbe57232e38cd6a287ee475293e46dc91b", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-18T18:14:11Z/" } ], "url": "https://github.com/directus/directus/commit/4aace0bbe57232e38cd6a287ee475293e46dc91b" }, { "reference_url": "https://github.com/directus/directus/commit/769fa22797bff5a9231599883b391e013f122e52", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-18T18:14:11Z/" } ], "url": 
"https://github.com/directus/directus/commit/769fa22797bff5a9231599883b391e013f122e52" }, { "reference_url": "https://github.com/directus/directus/commit/8cbf943b65fd4a763d09a5fdbba8996b1e7797ff", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-18T18:14:11Z/" } ], "url": "https://github.com/directus/directus/commit/8cbf943b65fd4a763d09a5fdbba8996b1e7797ff" }, { "reference_url": "https://github.com/directus/directus/commit/c1f3ccc681595038d094ce110ddeee38cb38f431", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-18T18:14:11Z/" } ], "url": "https://github.com/directus/directus/commit/c1f3ccc681595038d094ce110ddeee38cb38f431" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-46990", "reference_id": "CVE-2024-46990", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": 
"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-46990" }, { "reference_url": "https://github.com/advisories/GHSA-68g8-c275-xf2m", "reference_id": "GHSA-68g8-c275-xf2m", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-68g8-c275-xf2m" }, { "reference_url": "https://github.com/directus/directus/security/advisories/GHSA-68g8-c275-xf2m", "reference_id": "GHSA-68g8-c275-xf2m", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "5.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-18T18:14:11Z/" } ], "url": "https://github.com/directus/directus/security/advisories/GHSA-68g8-c275-xf2m" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/82593?format=api", "purl": "pkg:npm/directus@10.13.3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@10.13.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/82592?format=api", "purl": "pkg:npm/directus@11.0.0-rc.1", "is_vulnerable": true, 
"affected_by_vulnerabilities": [ { "vulnerability": "VCID-223k-jar9-ckg1" }, { "vulnerability": "VCID-2bhb-q64y-mqhq" }, { "vulnerability": "VCID-4822-z5gh-zqbw" }, { "vulnerability": "VCID-4jcf-fjd5-pydt" }, { "vulnerability": "VCID-77h9-g53b-qucq" }, { "vulnerability": "VCID-8zhr-k6sm-7yf6" }, { "vulnerability": "VCID-98ug-cruq-e3he" }, { "vulnerability": "VCID-9pfu-bhz9-13ea" }, { "vulnerability": "VCID-9qru-zceb-8kb2" }, { "vulnerability": "VCID-9y4r-6qtg-83cs" }, { "vulnerability": "VCID-ab99-17mk-kuee" }, { "vulnerability": "VCID-azsd-u8r6-kqcd" }, { "vulnerability": "VCID-b5vw-9vy2-xbev" }, { "vulnerability": "VCID-b7uq-h31v-5ua1" }, { "vulnerability": "VCID-d7x4-xpyz-9ybv" }, { "vulnerability": "VCID-depg-4gcv-ekb9" }, { "vulnerability": "VCID-e6pq-efd4-yfbd" }, { "vulnerability": "VCID-ej7k-saka-huae" }, { "vulnerability": "VCID-ew63-hmst-d7ct" }, { "vulnerability": "VCID-h9sb-tucg-b3fw" }, { "vulnerability": "VCID-hp3s-jfj1-efdy" }, { "vulnerability": "VCID-j9tx-h9v5-w7am" }, { "vulnerability": "VCID-m4z2-58pn-k3cb" }, { "vulnerability": "VCID-n6nd-tbf1-k7aj" }, { "vulnerability": "VCID-nug7-m3d7-f7gq" }, { "vulnerability": "VCID-p9j6-rpp2-bqd6" }, { "vulnerability": "VCID-r972-eutc-73fh" }, { "vulnerability": "VCID-v44m-ug4p-mqhv" }, { "vulnerability": "VCID-v46e-qqux-7fdq" }, { "vulnerability": "VCID-wvhh-m37j-nff5" }, { "vulnerability": "VCID-ydha-8cmf-hbdx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.0.0-rc.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/82594?format=api", "purl": "pkg:npm/directus@11.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-223k-jar9-ckg1" }, { "vulnerability": "VCID-2bhb-q64y-mqhq" }, { "vulnerability": "VCID-4822-z5gh-zqbw" }, { "vulnerability": "VCID-4jcf-fjd5-pydt" }, { "vulnerability": "VCID-77h9-g53b-qucq" }, { "vulnerability": "VCID-8zhr-k6sm-7yf6" }, { "vulnerability": "VCID-98ug-cruq-e3he" }, { "vulnerability": 
"VCID-9qru-zceb-8kb2" }, { "vulnerability": "VCID-9y4r-6qtg-83cs" }, { "vulnerability": "VCID-ab99-17mk-kuee" }, { "vulnerability": "VCID-azsd-u8r6-kqcd" }, { "vulnerability": "VCID-b5vw-9vy2-xbev" }, { "vulnerability": "VCID-b7uq-h31v-5ua1" }, { "vulnerability": "VCID-d7x4-xpyz-9ybv" }, { "vulnerability": "VCID-depg-4gcv-ekb9" }, { "vulnerability": "VCID-e6pq-efd4-yfbd" }, { "vulnerability": "VCID-ej7k-saka-huae" }, { "vulnerability": "VCID-ew63-hmst-d7ct" }, { "vulnerability": "VCID-fzg2-jhe9-8udy" }, { "vulnerability": "VCID-h9sb-tucg-b3fw" }, { "vulnerability": "VCID-hp3s-jfj1-efdy" }, { "vulnerability": "VCID-j9tx-h9v5-w7am" }, { "vulnerability": "VCID-m4z2-58pn-k3cb" }, { "vulnerability": "VCID-n6nd-tbf1-k7aj" }, { "vulnerability": "VCID-nug7-m3d7-f7gq" }, { "vulnerability": "VCID-p9j6-rpp2-bqd6" }, { "vulnerability": "VCID-r972-eutc-73fh" }, { "vulnerability": "VCID-v44m-ug4p-mqhv" }, { "vulnerability": "VCID-v46e-qqux-7fdq" }, { "vulnerability": "VCID-wvhh-m37j-nff5" }, { "vulnerability": "VCID-xk1e-dcny-akgb" }, { "vulnerability": "VCID-ydha-8cmf-hbdx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@11.1.0" } ], "aliases": [ "CVE-2024-46990", "GHSA-68g8-c275-xf2m" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z7yb-1fvm-bqes" } ], "fixing_vulnerabilities": [], "risk_score": "4.5", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/directus@9.0.0-alpha.33" }