Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-kymb-9kr6-fkd7
SummaryDrupal core Access control bypass
Aliases
0
alias GHSA-5x28-3f32-x523
Fixed_packages
0
url pkg:composer/drupal/drupal@8.7.11
purl pkg:composer/drupal/drupal@8.7.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1xsh-7f63-v3df
1
vulnerability VCID-4p5n-ujzt-qfdx
2
vulnerability VCID-5821-1xss-8fdu
3
vulnerability VCID-b2x6-54c3-jqa2
4
vulnerability VCID-daa6-2qhc-3bhq
5
vulnerability VCID-e8mp-5awh-eybz
6
vulnerability VCID-f687-ubdn-37en
7
vulnerability VCID-gvey-a924-8qhf
8
vulnerability VCID-h93x-dbpr-q7cz
9
vulnerability VCID-j2g3-u36y-nqdv
10
vulnerability VCID-jgec-wuca-bbf1
11
vulnerability VCID-n2z8-yesj-9bea
12
vulnerability VCID-n6tq-72g7-afdg
13
vulnerability VCID-phkw-q4nd-m7hh
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.7.11
1
url pkg:composer/drupal/drupal@8.8.1
purl pkg:composer/drupal/drupal@8.8.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1xsh-7f63-v3df
1
vulnerability VCID-4p5n-ujzt-qfdx
2
vulnerability VCID-5821-1xss-8fdu
3
vulnerability VCID-b2x6-54c3-jqa2
4
vulnerability VCID-bxh1-7fvj-zybm
5
vulnerability VCID-daa6-2qhc-3bhq
6
vulnerability VCID-e8mp-5awh-eybz
7
vulnerability VCID-f687-ubdn-37en
8
vulnerability VCID-gaay-gs4k-5fba
9
vulnerability VCID-gvey-a924-8qhf
10
vulnerability VCID-h93x-dbpr-q7cz
11
vulnerability VCID-j2g3-u36y-nqdv
12
vulnerability VCID-jgec-wuca-bbf1
13
vulnerability VCID-n2z8-yesj-9bea
14
vulnerability VCID-n6tq-72g7-afdg
15
vulnerability VCID-phkw-q4nd-m7hh
16
vulnerability VCID-swh1-rvuw-jqfx
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.8.1
Affected_packages
0
url pkg:composer/drupal/drupal@8.0.0
purl pkg:composer/drupal/drupal@8.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1unn-dn56-vufe
1
vulnerability VCID-1xsh-7f63-v3df
2
vulnerability VCID-2bnn-1wmq-ckdd
3
vulnerability VCID-2yyq-kyeu-uufc
4
vulnerability VCID-3k2a-rajw-87cb
5
vulnerability VCID-4p5n-ujzt-qfdx
6
vulnerability VCID-4un9-k6n8-nffu
7
vulnerability VCID-4yqy-eqn7-wkcf
8
vulnerability VCID-4zg8-2vm9-ubch
9
vulnerability VCID-51ze-a1zm-ukey
10
vulnerability VCID-55x9-nh66-1qh5
11
vulnerability VCID-5821-1xss-8fdu
12
vulnerability VCID-5txj-xsnq-ducf
13
vulnerability VCID-7kzf-7csh-wkds
14
vulnerability VCID-7qhc-n6hc-ukbu
15
vulnerability VCID-8fxw-fw46-yuar
16
vulnerability VCID-99sr-urzq-8few
17
vulnerability VCID-aknt-8ey4-m7hr
18
vulnerability VCID-ardj-zyxg-9ued
19
vulnerability VCID-az1b-uzab-jqdh
20
vulnerability VCID-b2x6-54c3-jqa2
21
vulnerability VCID-bavm-v6d9-sqd9
22
vulnerability VCID-bhyk-vjnk-e3af
23
vulnerability VCID-cfty-fvf7-3kcx
24
vulnerability VCID-crny-qmhc-tqfm
25
vulnerability VCID-d173-npte-yqdt
26
vulnerability VCID-dhzk-3ek4-2uf8
27
vulnerability VCID-e8mp-5awh-eybz
28
vulnerability VCID-e9pt-c5az-ebe2
29
vulnerability VCID-ejt8-umuh-g7e7
30
vulnerability VCID-f687-ubdn-37en
31
vulnerability VCID-f81c-sjqn-wbc3
32
vulnerability VCID-fbqa-6fpw-kyg9
33
vulnerability VCID-fmyh-mnq6-uyb9
34
vulnerability VCID-fx6n-du84-yya2
35
vulnerability VCID-g3u3-6dza-gkg7
36
vulnerability VCID-h93x-dbpr-q7cz
37
vulnerability VCID-hqyt-nhb4-4ycr
38
vulnerability VCID-hz2k-at38-wbeb
39
vulnerability VCID-j1yc-pqhw-pbh1
40
vulnerability VCID-j2g3-u36y-nqdv
41
vulnerability VCID-j545-f44v-w3cn
42
vulnerability VCID-j7zf-w99n-nfcf
43
vulnerability VCID-jecz-bm88-9uf1
44
vulnerability VCID-jgec-wuca-bbf1
45
vulnerability VCID-kd54-616n-wbcw
46
vulnerability VCID-kymb-9kr6-fkd7
47
vulnerability VCID-n5ur-2ytr-qbh5
48
vulnerability VCID-n6tq-72g7-afdg
49
vulnerability VCID-nqz7-ej49-ckay
50
vulnerability VCID-nszv-9z68-bqeu
51
vulnerability VCID-p6q6-apzp-pbbh
52
vulnerability VCID-pbqh-x6zw-duhn
53
vulnerability VCID-phkw-q4nd-m7hh
54
vulnerability VCID-pyjy-13mt-cyck
55
vulnerability VCID-qdwc-2mrq-6qgk
56
vulnerability VCID-qf91-4h5f-fuhv
57
vulnerability VCID-s8d1-k9q4-nkds
58
vulnerability VCID-sbnt-qndd-xubz
59
vulnerability VCID-svhr-wt5d-xbbq
60
vulnerability VCID-ta2u-bd9e-nfc7
61
vulnerability VCID-tj7d-ydqk-6kga
62
vulnerability VCID-ukc1-s92n-yydh
63
vulnerability VCID-unh6-xwtu-mkbt
64
vulnerability VCID-v2h1-1cfd-muft
65
vulnerability VCID-v4qa-rqty-p7fs
66
vulnerability VCID-vbkh-vghp-qqht
67
vulnerability VCID-vtwk-c1zr-jue5
68
vulnerability VCID-vzwv-ueuz-myar
69
vulnerability VCID-w85b-dws8-uyf1
70
vulnerability VCID-w9xe-83yw-mbhy
71
vulnerability VCID-waz7-ejwd-d3eh
72
vulnerability VCID-x5b9-68nh-rucd
73
vulnerability VCID-yy7m-f66v-fbhz
74
vulnerability VCID-zd4q-kddb-t3ha
75
vulnerability VCID-zhxf-bmyy-wff6
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.0.0
1
url pkg:composer/drupal/drupal@8.8.0
purl pkg:composer/drupal/drupal@8.8.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1xsh-7f63-v3df
1
vulnerability VCID-4gsc-v4nm-nke8
2
vulnerability VCID-4p5n-ujzt-qfdx
3
vulnerability VCID-4yqy-eqn7-wkcf
4
vulnerability VCID-5821-1xss-8fdu
5
vulnerability VCID-63my-dg24-t3dj
6
vulnerability VCID-7d6n-s61h-z3gz
7
vulnerability VCID-b2x6-54c3-jqa2
8
vulnerability VCID-bavm-v6d9-sqd9
9
vulnerability VCID-bxh1-7fvj-zybm
10
vulnerability VCID-daa6-2qhc-3bhq
11
vulnerability VCID-ddmy-kcmb-s7g7
12
vulnerability VCID-e8mp-5awh-eybz
13
vulnerability VCID-e9pt-c5az-ebe2
14
vulnerability VCID-f687-ubdn-37en
15
vulnerability VCID-gaay-gs4k-5fba
16
vulnerability VCID-gvey-a924-8qhf
17
vulnerability VCID-h93x-dbpr-q7cz
18
vulnerability VCID-j2g3-u36y-nqdv
19
vulnerability VCID-jecz-bm88-9uf1
20
vulnerability VCID-jgec-wuca-bbf1
21
vulnerability VCID-jq2w-q55u-8bbq
22
vulnerability VCID-kymb-9kr6-fkd7
23
vulnerability VCID-n2z8-yesj-9bea
24
vulnerability VCID-n6tq-72g7-afdg
25
vulnerability VCID-nf33-22v1-r3fj
26
vulnerability VCID-phkw-q4nd-m7hh
27
vulnerability VCID-swh1-rvuw-jqfx
28
vulnerability VCID-u6ud-1gef-1qbn
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.8.0
References
0
reference_url https://github.com/drupal/drupal
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/drupal/drupal
1
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/2019-12-18-3.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/2019-12-18-3.yaml
2
reference_url https://www.drupal.org/sa-core-2019-011
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2019-011
3
reference_url https://github.com/advisories/GHSA-5x28-3f32-x523
reference_id GHSA-5x28-3f32-x523
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5x28-3f32-x523
Weaknesses
0
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
1
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
Exploits
Severity_range_score4.0 - 6.9
Exploitability0.5
Weighted_severity6.2
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-kymb-9kr6-fkd7