Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-6v9c-1xtu-xuhf

Summary

Aliases

alias	CVE-2019-16738

alias	GHSA-7hwr-f745-5rwq

Fixed_packages

url	pkg:composer/mediawiki/core@1.31.4
purl	pkg:composer/mediawiki/core@1.31.4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/mediawiki/core@1.31.4

url	pkg:composer/mediawiki/core@1.32.4
purl	pkg:composer/mediawiki/core@1.32.4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/mediawiki/core@1.32.4

url	pkg:composer/mediawiki/core@1.33.1
purl	pkg:composer/mediawiki/core@1.33.1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/mediawiki/core@1.33.1

url	pkg:deb/debian/mediawiki@1:1.31.4-1?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.31.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.31.4-1%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dy2d-u1gz-13ay

vulnerability	VCID-hptv-c5aw-hug1

vulnerability	VCID-sxb8-md4u-5keg

vulnerability	VCID-tsf9-7a44-q7et

vulnerability	VCID-wmkn-nfpp-nkhx

vulnerability	VCID-ywtb-7f1t-bugv

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/mediawiki@1:1.39.17-1%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hptv-c5aw-hug1

vulnerability	VCID-tsf9-7a44-q7et

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie

Affected_packages

References

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-16738

reference_id

reference_type

scores

value	0.00415
scoring_system	epss
scoring_elements	0.61947
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-16738

reference_url

https://github.com/FriendsOfPHP/security-advisories/blob/master/mediawiki/core/CVE-2019-16738.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/FriendsOfPHP/security-advisories/blob/master/mediawiki/core/CVE-2019-16738.yaml

reference_url

https://github.com/wikimedia/mediawiki

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/wikimedia/mediawiki

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7OMG3BMUHGWTAPYTK2NXM6CXF6FYLOUO

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7OMG3BMUHGWTAPYTK2NXM6CXF6FYLOUO

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QBAOLXETM5BOYQG6OQVHGB2LNLZUXVN6

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QBAOLXETM5BOYQG6OQVHGB2LNLZUXVN6

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7OMG3BMUHGWTAPYTK2NXM6CXF6FYLOUO

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7OMG3BMUHGWTAPYTK2NXM6CXF6FYLOUO

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QBAOLXETM5BOYQG6OQVHGB2LNLZUXVN6

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QBAOLXETM5BOYQG6OQVHGB2LNLZUXVN6

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-16738

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-16738

reference_url

https://phabricator.wikimedia.org/T230402

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://phabricator.wikimedia.org/T230402

reference_url

https://seclists.org/bugtraq/2019/Oct/32

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://seclists.org/bugtraq/2019/Oct/32

reference_url

https://www.debian.org/security/2019/dsa-4545

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.debian.org/security/2019/dsa-4545

Weaknesses

cwe_id	200
name	Exposure of Sensitive Information to an Unauthorized Actor
description	The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

cwe_id	862
name	Missing Authorization
description	The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

Exploits

Severity_range_score 4.0 - 6.9

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6v9c-1xtu-xuhf

Vulnerability Instance