Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-mtr5-suag-2bdj
Summary
Magento Open Source allows Incorrect Authorization
Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A privileged attacker could leverage this vulnerability to modify a minor functionality of another user's data. Exploitation of this issue does not require user interaction.
Aliases
0
alias CVE-2023-29288
1
alias GHSA-f989-3fp9-q3r2
Fixed_packages
0
url pkg:composer/magento/community-edition@2.4.4-p4
purl pkg:composer/magento/community-edition@2.4.4-p4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p4
1
url pkg:composer/magento/community-edition@2.4.5-p3
purl pkg:composer/magento/community-edition@2.4.5-p3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p3
Affected_packages
0
url pkg:composer/magento/community-edition@2.4.4-p1
purl pkg:composer/magento/community-edition@2.4.4-p1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2h52-3pt6-dfcw
1
vulnerability VCID-3et4-3zad-1qfn
2
vulnerability VCID-525q-afzj-tkcp
3
vulnerability VCID-7ewa-w75h-qfdy
4
vulnerability VCID-7s7e-adr6-h3dc
5
vulnerability VCID-az2w-5xhy-5fe4
6
vulnerability VCID-b4jg-dj1a-9qd5
7
vulnerability VCID-cgwk-hn4t-n7c1
8
vulnerability VCID-d2ab-j8bf-e7dx
9
vulnerability VCID-dx43-89w9-a7dg
10
vulnerability VCID-fzam-yuyg-qyd5
11
vulnerability VCID-hh8a-mgkk-3yb5
12
vulnerability VCID-j124-q39m-mkby
13
vulnerability VCID-j5vp-2jrx-ukf4
14
vulnerability VCID-jhd5-tqph-3ufu
15
vulnerability VCID-kxnm-y19k-mqg2
16
vulnerability VCID-m83v-51cy-uqar
17
vulnerability VCID-msac-ptqf-pyg1
18
vulnerability VCID-mtr5-suag-2bdj
19
vulnerability VCID-p222-28c1-vfhy
20
vulnerability VCID-qfw5-3tdu-x7g4
21
vulnerability VCID-r7nh-arcj-8fb3
22
vulnerability VCID-rbjk-3gcs-2qb5
23
vulnerability VCID-rf6p-ct86-5bgz
24
vulnerability VCID-ruru-fwmn-5kes
25
vulnerability VCID-s5e2-d6n8-kkbr
26
vulnerability VCID-upcj-z3c1-ubcf
27
vulnerability VCID-w3zd-fezc-nuhd
28
vulnerability VCID-wjfe-wh5k-1qft
29
vulnerability VCID-ws6y-k3tx-r3gb
30
vulnerability VCID-x46d-a16g-nkg9
31
vulnerability VCID-y4r1-yr69-uuf6
32
vulnerability VCID-yuvf-e7hk-kqf9
33
vulnerability VCID-zt9b-9sjx-7qb4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4-p1
1
url pkg:composer/magento/community-edition@2.4.4
purl pkg:composer/magento/community-edition@2.4.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2h52-3pt6-dfcw
1
vulnerability VCID-3et4-3zad-1qfn
2
vulnerability VCID-525q-afzj-tkcp
3
vulnerability VCID-7ewa-w75h-qfdy
4
vulnerability VCID-7s7e-adr6-h3dc
5
vulnerability VCID-az2w-5xhy-5fe4
6
vulnerability VCID-b4jg-dj1a-9qd5
7
vulnerability VCID-cgwk-hn4t-n7c1
8
vulnerability VCID-d2ab-j8bf-e7dx
9
vulnerability VCID-dx43-89w9-a7dg
10
vulnerability VCID-fzam-yuyg-qyd5
11
vulnerability VCID-hh8a-mgkk-3yb5
12
vulnerability VCID-j124-q39m-mkby
13
vulnerability VCID-j5vp-2jrx-ukf4
14
vulnerability VCID-jhd5-tqph-3ufu
15
vulnerability VCID-kxnm-y19k-mqg2
16
vulnerability VCID-m83v-51cy-uqar
17
vulnerability VCID-msac-ptqf-pyg1
18
vulnerability VCID-mtr5-suag-2bdj
19
vulnerability VCID-p222-28c1-vfhy
20
vulnerability VCID-qfw5-3tdu-x7g4
21
vulnerability VCID-r7nh-arcj-8fb3
22
vulnerability VCID-rbjk-3gcs-2qb5
23
vulnerability VCID-rf6p-ct86-5bgz
24
vulnerability VCID-ruru-fwmn-5kes
25
vulnerability VCID-s5e2-d6n8-kkbr
26
vulnerability VCID-upcj-z3c1-ubcf
27
vulnerability VCID-w3zd-fezc-nuhd
28
vulnerability VCID-wjfe-wh5k-1qft
29
vulnerability VCID-ws6y-k3tx-r3gb
30
vulnerability VCID-x46d-a16g-nkg9
31
vulnerability VCID-y4r1-yr69-uuf6
32
vulnerability VCID-yuvf-e7hk-kqf9
33
vulnerability VCID-zt9b-9sjx-7qb4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.4
2
url pkg:composer/magento/community-edition@2.4.5-p1
purl pkg:composer/magento/community-edition@2.4.5-p1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2h52-3pt6-dfcw
1
vulnerability VCID-3et4-3zad-1qfn
2
vulnerability VCID-525q-afzj-tkcp
3
vulnerability VCID-7ewa-w75h-qfdy
4
vulnerability VCID-7s7e-adr6-h3dc
5
vulnerability VCID-az2w-5xhy-5fe4
6
vulnerability VCID-b4jg-dj1a-9qd5
7
vulnerability VCID-cgwk-hn4t-n7c1
8
vulnerability VCID-d2ab-j8bf-e7dx
9
vulnerability VCID-dx43-89w9-a7dg
10
vulnerability VCID-fzam-yuyg-qyd5
11
vulnerability VCID-hh8a-mgkk-3yb5
12
vulnerability VCID-j124-q39m-mkby
13
vulnerability VCID-j5vp-2jrx-ukf4
14
vulnerability VCID-jhd5-tqph-3ufu
15
vulnerability VCID-kxnm-y19k-mqg2
16
vulnerability VCID-m83v-51cy-uqar
17
vulnerability VCID-msac-ptqf-pyg1
18
vulnerability VCID-mtr5-suag-2bdj
19
vulnerability VCID-p222-28c1-vfhy
20
vulnerability VCID-qfw5-3tdu-x7g4
21
vulnerability VCID-r7nh-arcj-8fb3
22
vulnerability VCID-rbjk-3gcs-2qb5
23
vulnerability VCID-rf6p-ct86-5bgz
24
vulnerability VCID-ruru-fwmn-5kes
25
vulnerability VCID-s5e2-d6n8-kkbr
26
vulnerability VCID-upcj-z3c1-ubcf
27
vulnerability VCID-w3zd-fezc-nuhd
28
vulnerability VCID-wjfe-wh5k-1qft
29
vulnerability VCID-ws6y-k3tx-r3gb
30
vulnerability VCID-x46d-a16g-nkg9
31
vulnerability VCID-y4r1-yr69-uuf6
32
vulnerability VCID-yuvf-e7hk-kqf9
33
vulnerability VCID-zt9b-9sjx-7qb4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5-p1
3
url pkg:composer/magento/community-edition@2.4.5
purl pkg:composer/magento/community-edition@2.4.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2h52-3pt6-dfcw
1
vulnerability VCID-3et4-3zad-1qfn
2
vulnerability VCID-525q-afzj-tkcp
3
vulnerability VCID-7ewa-w75h-qfdy
4
vulnerability VCID-7s7e-adr6-h3dc
5
vulnerability VCID-az2w-5xhy-5fe4
6
vulnerability VCID-b4jg-dj1a-9qd5
7
vulnerability VCID-cgwk-hn4t-n7c1
8
vulnerability VCID-d2ab-j8bf-e7dx
9
vulnerability VCID-dx43-89w9-a7dg
10
vulnerability VCID-fzam-yuyg-qyd5
11
vulnerability VCID-hh8a-mgkk-3yb5
12
vulnerability VCID-j124-q39m-mkby
13
vulnerability VCID-j5vp-2jrx-ukf4
14
vulnerability VCID-jhd5-tqph-3ufu
15
vulnerability VCID-kxnm-y19k-mqg2
16
vulnerability VCID-m83v-51cy-uqar
17
vulnerability VCID-msac-ptqf-pyg1
18
vulnerability VCID-mtr5-suag-2bdj
19
vulnerability VCID-p222-28c1-vfhy
20
vulnerability VCID-qfw5-3tdu-x7g4
21
vulnerability VCID-r7nh-arcj-8fb3
22
vulnerability VCID-rbjk-3gcs-2qb5
23
vulnerability VCID-rf6p-ct86-5bgz
24
vulnerability VCID-ruru-fwmn-5kes
25
vulnerability VCID-s5e2-d6n8-kkbr
26
vulnerability VCID-upcj-z3c1-ubcf
27
vulnerability VCID-w3zd-fezc-nuhd
28
vulnerability VCID-wjfe-wh5k-1qft
29
vulnerability VCID-ws6y-k3tx-r3gb
30
vulnerability VCID-x46d-a16g-nkg9
31
vulnerability VCID-y4r1-yr69-uuf6
32
vulnerability VCID-yuvf-e7hk-kqf9
33
vulnerability VCID-zt9b-9sjx-7qb4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.5
4
url pkg:composer/magento/community-edition@2.4.6
purl pkg:composer/magento/community-edition@2.4.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2h52-3pt6-dfcw
1
vulnerability VCID-3et4-3zad-1qfn
2
vulnerability VCID-525q-afzj-tkcp
3
vulnerability VCID-7s7e-adr6-h3dc
4
vulnerability VCID-az2w-5xhy-5fe4
5
vulnerability VCID-b4jg-dj1a-9qd5
6
vulnerability VCID-cafy-5dd8-rudj
7
vulnerability VCID-cgwk-hn4t-n7c1
8
vulnerability VCID-dj5a-35gt-u7dn
9
vulnerability VCID-dx43-89w9-a7dg
10
vulnerability VCID-fzam-yuyg-qyd5
11
vulnerability VCID-j124-q39m-mkby
12
vulnerability VCID-j5vp-2jrx-ukf4
13
vulnerability VCID-jhd5-tqph-3ufu
14
vulnerability VCID-kxnm-y19k-mqg2
15
vulnerability VCID-m83v-51cy-uqar
16
vulnerability VCID-msac-ptqf-pyg1
17
vulnerability VCID-mtr5-suag-2bdj
18
vulnerability VCID-p222-28c1-vfhy
19
vulnerability VCID-qfw5-3tdu-x7g4
20
vulnerability VCID-qrwc-3gsb-zkfy
21
vulnerability VCID-r7nh-arcj-8fb3
22
vulnerability VCID-rbjk-3gcs-2qb5
23
vulnerability VCID-rf6p-ct86-5bgz
24
vulnerability VCID-ruru-fwmn-5kes
25
vulnerability VCID-s5e2-d6n8-kkbr
26
vulnerability VCID-th7y-aj51-mbaj
27
vulnerability VCID-w3zd-fezc-nuhd
28
vulnerability VCID-wjfe-wh5k-1qft
29
vulnerability VCID-ws6y-k3tx-r3gb
30
vulnerability VCID-x46d-a16g-nkg9
31
vulnerability VCID-y4r1-yr69-uuf6
32
vulnerability VCID-yuvf-e7hk-kqf9
33
vulnerability VCID-yyq6-dvyx-3bb9
34
vulnerability VCID-zt9b-9sjx-7qb4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.6
5
url pkg:composer/magento/project-community-edition@2.0.2
purl pkg:composer/magento/project-community-edition@2.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2h52-3pt6-dfcw
1
vulnerability VCID-36ve-7wxt-z7fz
2
vulnerability VCID-3et4-3zad-1qfn
3
vulnerability VCID-525q-afzj-tkcp
4
vulnerability VCID-7s7e-adr6-h3dc
5
vulnerability VCID-az2w-5xhy-5fe4
6
vulnerability VCID-b4jg-dj1a-9qd5
7
vulnerability VCID-b5hn-f1qk-z7cu
8
vulnerability VCID-cafy-5dd8-rudj
9
vulnerability VCID-cgwk-hn4t-n7c1
10
vulnerability VCID-d2ab-j8bf-e7dx
11
vulnerability VCID-dj5a-35gt-u7dn
12
vulnerability VCID-dx43-89w9-a7dg
13
vulnerability VCID-fzam-yuyg-qyd5
14
vulnerability VCID-hh8a-mgkk-3yb5
15
vulnerability VCID-j124-q39m-mkby
16
vulnerability VCID-j5vp-2jrx-ukf4
17
vulnerability VCID-jhd5-tqph-3ufu
18
vulnerability VCID-kxnm-y19k-mqg2
19
vulnerability VCID-m83v-51cy-uqar
20
vulnerability VCID-msac-ptqf-pyg1
21
vulnerability VCID-mtr5-suag-2bdj
22
vulnerability VCID-nn21-hf8r-ykfd
23
vulnerability VCID-p222-28c1-vfhy
24
vulnerability VCID-qfw5-3tdu-x7g4
25
vulnerability VCID-qrwc-3gsb-zkfy
26
vulnerability VCID-r7nh-arcj-8fb3
27
vulnerability VCID-rbjk-3gcs-2qb5
28
vulnerability VCID-rf6p-ct86-5bgz
29
vulnerability VCID-ruru-fwmn-5kes
30
vulnerability VCID-s5e2-d6n8-kkbr
31
vulnerability VCID-th7y-aj51-mbaj
32
vulnerability VCID-upcj-z3c1-ubcf
33
vulnerability VCID-w3zd-fezc-nuhd
34
vulnerability VCID-wjfe-wh5k-1qft
35
vulnerability VCID-ws6y-k3tx-r3gb
36
vulnerability VCID-x46d-a16g-nkg9
37
vulnerability VCID-y4r1-yr69-uuf6
38
vulnerability VCID-y93w-2qcc-wqg8
39
vulnerability VCID-yuvf-e7hk-kqf9
40
vulnerability VCID-yyq6-dvyx-3bb9
41
vulnerability VCID-zt9b-9sjx-7qb4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/magento/project-community-edition@2.0.2
References
0
reference_url https://github.com/magento/magento2
reference_id
reference_type
scores
url https://github.com/magento/magento2
1
reference_url https://helpx.adobe.com/security/products/magento/apsb23-35.html
reference_id
reference_type
scores
url https://helpx.adobe.com/security/products/magento/apsb23-35.html
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-29288
reference_id CVE-2023-29288
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-29288
3
reference_url https://github.com/advisories/GHSA-f989-3fp9-q3r2
reference_id GHSA-f989-3fp9-q3r2
reference_type
scores
url https://github.com/advisories/GHSA-f989-3fp9-q3r2
Weaknesses
0
cwe_id 863
name Incorrect Authorization
description The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.
1
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
2
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
Exploits
Severity_range_scorenull
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-mtr5-suag-2bdj