Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:npm/%40strapi/plugin-content-manager@0.0.0-next.734763e5757af27ff96ad1c9662161f3f677052a
Typenpm
Namespace@strapi
Nameplugin-content-manager
Version0.0.0-next.734763e5757af27ff96ad1c9662161f3f677052a
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version4.19.1
Latest_non_vulnerable_version4.19.1
Affected_by_vulnerabilities
0
url VCID-8fa9-9978-fbh7
vulnerability_id VCID-8fa9-9978-fbh7
summary Strapi is an open-source content management system. Prior to version 4.19.1, a super admin can create a collection where an item in the collection has an association to another collection. When this happens, another user with Author Role can see the list of associated items they did not create. They should see nothing but their own items they created not all items ever created. Users should upgrade @strapi/plugin-content-manager to version 4.19.1 to receive a patch.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-29181
reference_id
reference_type
scores
0
value 0.00433
scoring_system epss
scoring_elements 0.63254
published_at 2026-06-14T12:55:00Z
1
value 0.00433
scoring_system epss
scoring_elements 0.63246
published_at 2026-06-12T12:55:00Z
2
value 0.00433
scoring_system epss
scoring_elements 0.63144
published_at 2026-06-11T12:55:00Z
3
value 0.00433
scoring_system epss
scoring_elements 0.63257
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-29181
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-29181
reference_id CVE-2024-29181
reference_type
scores
0
value 2.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-29181
2
reference_url https://github.com/strapi/strapi/commit/e1dfd4d9f1cab25cf6da3614c1975e4e508e01c6
reference_id e1dfd4d9f1cab25cf6da3614c1975e4e508e01c6
reference_type
scores
0
value 2.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-12T15:34:46Z/
url https://github.com/strapi/strapi/commit/e1dfd4d9f1cab25cf6da3614c1975e4e508e01c6
3
reference_url https://github.com/advisories/GHSA-6j89-frxc-q26m
reference_id GHSA-6j89-frxc-q26m
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6j89-frxc-q26m
4
reference_url https://github.com/strapi/strapi/security/advisories/GHSA-6j89-frxc-q26m
reference_id GHSA-6j89-frxc-q26m
reference_type
scores
0
value 2.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value LOW
scoring_system cvssv3.1_qr
scoring_elements
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-12T15:34:46Z/
url https://github.com/strapi/strapi/security/advisories/GHSA-6j89-frxc-q26m
fixed_packages
0
url pkg:npm/%40strapi/plugin-content-manager@4.19.1
purl pkg:npm/%40strapi/plugin-content-manager@4.19.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540strapi/plugin-content-manager@4.19.1
aliases CVE-2024-29181, GHSA-6j89-frxc-q26m
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8fa9-9978-fbh7
Fixing_vulnerabilities
Risk_score1.4
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:npm/%2540strapi/plugin-content-manager@0.0.0-next.734763e5757af27ff96ad1c9662161f3f677052a