Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-5udv-rheh-kqfy
Summary
Improper Access Control
A vulnerability in Tomcat leads to the exposure of resources to users that are not authorised to access them.
Aliases
0
alias CVE-2018-1305
1
alias GHSA-jx6h-3fjx-cgv5
Fixed_packages
0
url pkg:maven/org.apache.tomcat/tomcat@7.0.85
purl pkg:maven/org.apache.tomcat/tomcat@7.0.85
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@7.0.85
1
url pkg:maven/org.apache.tomcat/tomcat@9.0.5
purl pkg:maven/org.apache.tomcat/tomcat@9.0.5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.5
2
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.85
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.85
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.85
3
url pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.5
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.5
Affected_packages
0
url pkg:maven/org.apache.tomcat/tomcat@7.0.0
purl pkg:maven/org.apache.tomcat/tomcat@7.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1a1b-3pdg-jbfq
1
vulnerability VCID-2kjh-4r2g-rqe6
2
vulnerability VCID-3txt-1psa-5kf5
3
vulnerability VCID-46sr-9kr3-1ubw
4
vulnerability VCID-4qcn-52ug-mbd5
5
vulnerability VCID-4t2h-jjhm-y7fq
6
vulnerability VCID-59dd-qzpt-aucm
7
vulnerability VCID-5m85-3zyu-7qak
8
vulnerability VCID-5udv-rheh-kqfy
9
vulnerability VCID-6umz-z8db-kqcy
10
vulnerability VCID-6uuq-2a39-yubx
11
vulnerability VCID-74c7-a56p-kufz
12
vulnerability VCID-89e9-m968-vfhe
13
vulnerability VCID-937w-2w2q-7fdy
14
vulnerability VCID-9hm5-e4dw-6ffe
15
vulnerability VCID-aar2-398x-p3d8
16
vulnerability VCID-atus-ryef-17h1
17
vulnerability VCID-axzz-cadr-b7fv
18
vulnerability VCID-dk58-p9py-rka9
19
vulnerability VCID-e2gy-1c6a-6fdf
20
vulnerability VCID-e72e-axdj-7qfw
21
vulnerability VCID-f4ka-47dk-zffs
22
vulnerability VCID-fu9h-e3jx-abe2
23
vulnerability VCID-g3vd-74yh-s7bn
24
vulnerability VCID-gmjm-6ck2-skgu
25
vulnerability VCID-hqzu-shyu-j3hp
26
vulnerability VCID-j1m6-79yt-f7h5
27
vulnerability VCID-jw6e-g8z9-43ej
28
vulnerability VCID-jzta-navk-87bn
29
vulnerability VCID-nnye-4xbb-kuf5
30
vulnerability VCID-nxb3-55eu-auhp
31
vulnerability VCID-pq53-6deg-abfx
32
vulnerability VCID-qhqg-ekuv-z7fc
33
vulnerability VCID-redv-2x5y-8khx
34
vulnerability VCID-s37s-p75k-27e6
35
vulnerability VCID-se44-f85s-xyex
36
vulnerability VCID-sk1w-8yt4-93cv
37
vulnerability VCID-tcmv-6ftg-fqen
38
vulnerability VCID-vsta-e8jg-4qa8
39
vulnerability VCID-wtke-y2cx-x3et
40
vulnerability VCID-xjj5-fy4e-e7ha
41
vulnerability VCID-y9hs-ymcm-3ucx
42
vulnerability VCID-yusx-ncpv-sfhg
43
vulnerability VCID-yvcg-96dp-r7e6
44
vulnerability VCID-zm75-zwps-h3fv
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@7.0.0
1
url pkg:maven/org.apache.tomcat/tomcat@7.0.84
purl pkg:maven/org.apache.tomcat/tomcat@7.0.84
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5udv-rheh-kqfy
1
vulnerability VCID-g3vd-74yh-s7bn
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@7.0.84
2
url pkg:maven/org.apache.tomcat/tomcat@8.0.0
purl pkg:maven/org.apache.tomcat/tomcat@8.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1a1b-3pdg-jbfq
1
vulnerability VCID-2kjh-4r2g-rqe6
2
vulnerability VCID-5udv-rheh-kqfy
3
vulnerability VCID-6umz-z8db-kqcy
4
vulnerability VCID-6uuq-2a39-yubx
5
vulnerability VCID-937w-2w2q-7fdy
6
vulnerability VCID-axzz-cadr-b7fv
7
vulnerability VCID-fukm-h3r6-s7cr
8
vulnerability VCID-g3vd-74yh-s7bn
9
vulnerability VCID-gmjm-6ck2-skgu
10
vulnerability VCID-hqzu-shyu-j3hp
11
vulnerability VCID-j1m6-79yt-f7h5
12
vulnerability VCID-jzta-navk-87bn
13
vulnerability VCID-nnye-4xbb-kuf5
14
vulnerability VCID-pq53-6deg-abfx
15
vulnerability VCID-q7g1-m4e7-pya4
16
vulnerability VCID-rtmv-qetu-yqfa
17
vulnerability VCID-se44-f85s-xyex
18
vulnerability VCID-vu84-dfwa-z3dg
19
vulnerability VCID-xjj5-fy4e-e7ha
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@8.0.0
3
url pkg:maven/org.apache.tomcat/tomcat@9.0.4
purl pkg:maven/org.apache.tomcat/tomcat@9.0.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5udv-rheh-kqfy
1
vulnerability VCID-g3vd-74yh-s7bn
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.tomcat/tomcat@9.0.4
References
0
reference_url https://access.redhat.com/errata/RHSA-2018:0465
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:0465
1
reference_url https://access.redhat.com/errata/RHSA-2018:0466
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:0466
2
reference_url https://access.redhat.com/errata/RHSA-2018:1320
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:1320
3
reference_url https://access.redhat.com/errata/RHSA-2018:2939
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2939
4
reference_url https://access.redhat.com/errata/RHSA-2019:2205
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2205
5
reference_url https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/d3354bb0a4eda4acc0a66f3eb24a213fdb75d12c7d16060b23e65781@%3Cannounce.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/d3354bb0a4eda4acc0a66f3eb24a213fdb75d12c7d16060b23e65781@%3Cannounce.tomcat.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661@%3Cdev.tomcat.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E
22
reference_url https://lists.debian.org/debian-lts-announce/2018/03/msg00004.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2018/03/msg00004.html
23
reference_url https://lists.debian.org/debian-lts-announce/2018/06/msg00008.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2018/06/msg00008.html
24
reference_url https://lists.debian.org/debian-lts-announce/2018/07/msg00044.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2018/07/msg00044.html
25
reference_url https://security.netapp.com/advisory/ntap-20180706-0001/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20180706-0001/
26
reference_url https://usn.ubuntu.com/3665-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/3665-1/
27
reference_url https://www.debian.org/security/2018/dsa-4281
reference_id
reference_type
scores
url https://www.debian.org/security/2018/dsa-4281
28
reference_url https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id
reference_type
scores
url https://www.oracle.com/security-alerts/cpuapr2020.html
29
reference_url https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
reference_id
reference_type
scores
url https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
30
reference_url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id
reference_type
scores
url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
31
reference_url http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
32
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
33
reference_url http://www.securityfocus.com/bid/103144
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/103144
34
reference_url http://www.securitytracker.com/id/1040428
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1040428
35
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1305
reference_id CVE-2018-1305
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2018-1305
36
reference_url https://github.com/advisories/GHSA-jx6h-3fjx-cgv5
reference_id GHSA-jx6h-3fjx-cgv5
reference_type
scores
url https://github.com/advisories/GHSA-jx6h-3fjx-cgv5
Weaknesses
0
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
1
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
Exploits
Severity_range_scorenull
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-5udv-rheh-kqfy