Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-y1y4-ruee-mbbz

Summary

Improper Authorization in @sap-cloud-sdk/core
Affected versions of `@sap-cloud-sdk/core` do not properly validate JWTs. The `verifyJwt()` function does not properly validate the URL from where the public verification key for the JWT can be downloaded. Any URL was trusted which makes it possible to provide a URL belonging to a manipulated JWT. Upgrade to or later.

Aliases

alias	GHSA-r2vw-jgq9-jqx2

alias	GMS-2020-37

Fixed_packages

url pkg:npm/%40sap-cloud-sdk/core@1.21.2

purl pkg:npm/%40sap-cloud-sdk/core@1.21.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.21.2

Affected_packages

url pkg:npm/%40sap-cloud-sdk/core@1.19.0

purl pkg:npm/%40sap-cloud-sdk/core@1.19.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.19.0

url pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.1

purl pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.19.1-alpha.1

url pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.3

purl pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.19.1-alpha.3

url pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.6

purl pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.19.1-alpha.6

url pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.7

purl pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.19.1-alpha.7

url pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.8

purl pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.19.1-alpha.8

url pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.9

purl pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.19.1-alpha.9

url pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.12

purl pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.19.1-alpha.12

url pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.17

purl pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.17

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.19.1-alpha.17

url pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.18

purl pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.18

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.19.1-alpha.18

url pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.19

purl pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.19

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.19.1-alpha.19

url pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.20

purl pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.20

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.19.1-alpha.20

url pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.21

purl pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.21

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.19.1-alpha.21

url pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.22

purl pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.22

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.19.1-alpha.22

url pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.23

purl pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.23

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.19.1-alpha.23

url pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.24

purl pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.24

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.19.1-alpha.24

url pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.25

purl pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.25

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.19.1-alpha.25

url pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.26

purl pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.26

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.19.1-alpha.26

url pkg:npm/%40sap-cloud-sdk/core@1.20.0

purl pkg:npm/%40sap-cloud-sdk/core@1.20.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.0

url pkg:npm/%40sap-cloud-sdk/core@1.20.1-alpha.0

purl pkg:npm/%40sap-cloud-sdk/core@1.20.1-alpha.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.1-alpha.0

url pkg:npm/%40sap-cloud-sdk/core@1.20.1-alpha.1

purl pkg:npm/%40sap-cloud-sdk/core@1.20.1-alpha.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.1-alpha.1

url pkg:npm/%40sap-cloud-sdk/core@1.20.1-alpha.2

purl pkg:npm/%40sap-cloud-sdk/core@1.20.1-alpha.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.1-alpha.2

url pkg:npm/%40sap-cloud-sdk/core@1.20.1-alpha.3

purl pkg:npm/%40sap-cloud-sdk/core@1.20.1-alpha.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.1-alpha.3

url pkg:npm/%40sap-cloud-sdk/core@1.20.1-alpha.4

purl pkg:npm/%40sap-cloud-sdk/core@1.20.1-alpha.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.1-alpha.4

url pkg:npm/%40sap-cloud-sdk/core@1.20.1-alpha.5

purl pkg:npm/%40sap-cloud-sdk/core@1.20.1-alpha.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.1-alpha.5

url pkg:npm/%40sap-cloud-sdk/core@1.20.1-alpha.6

purl pkg:npm/%40sap-cloud-sdk/core@1.20.1-alpha.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.1-alpha.6

url pkg:npm/%40sap-cloud-sdk/core@1.20.1-alpha.7

purl pkg:npm/%40sap-cloud-sdk/core@1.20.1-alpha.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.1-alpha.7

url pkg:npm/%40sap-cloud-sdk/core@1.20.1

purl pkg:npm/%40sap-cloud-sdk/core@1.20.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.1

url pkg:npm/%40sap-cloud-sdk/core@1.20.2-0bf1d899.11

purl pkg:npm/%40sap-cloud-sdk/core@1.20.2-0bf1d899.11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-0bf1d899.11

url pkg:npm/%40sap-cloud-sdk/core@1.20.2-319be49d.8

purl pkg:npm/%40sap-cloud-sdk/core@1.20.2-319be49d.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-319be49d.8

url pkg:npm/%40sap-cloud-sdk/core@1.20.2-517a6d82.9

purl pkg:npm/%40sap-cloud-sdk/core@1.20.2-517a6d82.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-517a6d82.9

url pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.0

purl pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-alpha.0

url pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.1

purl pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-alpha.1

url pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.2

purl pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-alpha.2

url pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.3

purl pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-alpha.3

url pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.4

purl pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-alpha.4

url pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.5

purl pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-alpha.5

url pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.6

purl pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-alpha.6

url pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.7

purl pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-alpha.7

url pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.9

purl pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-alpha.9

url pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.11

purl pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-alpha.11

url pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.13

purl pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.13

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-alpha.13

url pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.15

purl pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.15

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-alpha.15

url pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.17

purl pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.17

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-alpha.17

url pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.19

purl pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.19

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-alpha.19

url pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.21

purl pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.21

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-alpha.21

url pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.23

purl pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.23

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-alpha.23

url pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.25

purl pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.25

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-alpha.25

url pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.27

purl pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.27

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-alpha.27

url pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.32

purl pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.32

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-alpha.32

url pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.34

purl pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.34

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-alpha.34

url pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.35

purl pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.35

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-alpha.35

url pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.36

purl pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.36

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-alpha.36

url pkg:npm/%40sap-cloud-sdk/core@1.20.2-b406d7af.10

purl pkg:npm/%40sap-cloud-sdk/core@1.20.2-b406d7af.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-b406d7af.10

url pkg:npm/%40sap-cloud-sdk/core@1.20.2-f6a7e0bd.7

purl pkg:npm/%40sap-cloud-sdk/core@1.20.2-f6a7e0bd.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-f6a7e0bd.7

url pkg:npm/%40sap-cloud-sdk/core@1.21.0

purl pkg:npm/%40sap-cloud-sdk/core@1.21.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.21.0

url pkg:npm/%40sap-cloud-sdk/core@1.21.1-3902933.0

purl pkg:npm/%40sap-cloud-sdk/core@1.21.1-3902933.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.21.1-3902933.0

url pkg:npm/%40sap-cloud-sdk/core@1.21.1-2e6b619f.3

purl pkg:npm/%40sap-cloud-sdk/core@1.21.1-2e6b619f.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.21.1-2e6b619f.3

url pkg:npm/%40sap-cloud-sdk/core@1.21.1-7f787e81.4

purl pkg:npm/%40sap-cloud-sdk/core@1.21.1-7f787e81.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.21.1-7f787e81.4

url pkg:npm/%40sap-cloud-sdk/core@1.21.1-88b10c48.6

purl pkg:npm/%40sap-cloud-sdk/core@1.21.1-88b10c48.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.21.1-88b10c48.6

url pkg:npm/%40sap-cloud-sdk/core@1.21.1-cc126c9d.2

purl pkg:npm/%40sap-cloud-sdk/core@1.21.1-cc126c9d.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.21.1-cc126c9d.2

url pkg:npm/%40sap-cloud-sdk/core@1.21.1-d48b5e51.0

purl pkg:npm/%40sap-cloud-sdk/core@1.21.1-d48b5e51.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.21.1-d48b5e51.0

url pkg:npm/%40sap-cloud-sdk/core@1.21.1-d70aa00f.5

purl pkg:npm/%40sap-cloud-sdk/core@1.21.1-d70aa00f.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.21.1-d70aa00f.5

url pkg:npm/%40sap-cloud-sdk/core@1.21.1-e6a1b24b.1

purl pkg:npm/%40sap-cloud-sdk/core@1.21.1-e6a1b24b.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.21.1-e6a1b24b.1

url pkg:npm/%40sap-cloud-sdk/core@1.21.1

purl pkg:npm/%40sap-cloud-sdk/core@1.21.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.21.1

url pkg:npm/%40sap-cloud-sdk/core@1.21.2-82386522.3

purl pkg:npm/%40sap-cloud-sdk/core@1.21.2-82386522.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.21.2-82386522.3

url pkg:npm/%40sap-cloud-sdk/core@1.21.2-18d895d0.7

purl pkg:npm/%40sap-cloud-sdk/core@1.21.2-18d895d0.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.21.2-18d895d0.7

url pkg:npm/%40sap-cloud-sdk/core@1.21.2-19cf3cf8.1

purl pkg:npm/%40sap-cloud-sdk/core@1.21.2-19cf3cf8.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.21.2-19cf3cf8.1

url pkg:npm/%40sap-cloud-sdk/core@1.21.2-364b5dcb.6

purl pkg:npm/%40sap-cloud-sdk/core@1.21.2-364b5dcb.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.21.2-364b5dcb.6

url pkg:npm/%40sap-cloud-sdk/core@1.21.2-80cb3463.2

purl pkg:npm/%40sap-cloud-sdk/core@1.21.2-80cb3463.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.21.2-80cb3463.2

url pkg:npm/%40sap-cloud-sdk/core@1.21.2-951e55ca.0

purl pkg:npm/%40sap-cloud-sdk/core@1.21.2-951e55ca.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.21.2-951e55ca.0

url pkg:npm/%40sap-cloud-sdk/core@1.21.2-d19fc554.4

purl pkg:npm/%40sap-cloud-sdk/core@1.21.2-d19fc554.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gwq-pd7m-3ubv

vulnerability	VCID-y1y4-ruee-mbbz

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.21.2-d19fc554.4

References

reference_url

https://www.npmjs.com/advisories/1540

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.npmjs.com/advisories/1540

reference_url

https://github.com/advisories/GHSA-r2vw-jgq9-jqx2

reference_id

GHSA-r2vw-jgq9-jqx2

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-r2vw-jgq9-jqx2

Weaknesses

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

cwe_id	285
name	Improper Authorization
description	The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.

Exploits

Severity_range_score 7.0 - 8.9

Exploitability 0.5

Weighted_severity 8.0

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y1y4-ruee-mbbz

Vulnerability Instance