Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-fb35-de6c-jyht
SummaryAn uncontrolled search path element vulnerability can lead to local privilege Escalation (LPE) via Insecure Directory Permissions. The vulnerability arises from improper handling of directory permissions. An attacker with local access may exploit this flaw to move and delete arbitrary files, potentially gaining SYSTEM privileges.
Aliases
0
alias CVE-2025-25011
Fixed_packages
Affected_packages
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-25011
reference_id
reference_type
scores
0
value 0.00043
scoring_system epss
scoring_elements 0.13388
published_at 2026-06-11T12:55:00Z
1
value 0.00043
scoring_system epss
scoring_elements 0.13506
published_at 2026-06-12T12:55:00Z
2
value 0.00043
scoring_system epss
scoring_elements 0.13511
published_at 2026-06-13T12:55:00Z
3
value 0.00043
scoring_system epss
scoring_elements 0.13485
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-25011
1
reference_url https://discuss.elastic.co/t/beats-windows-installer-9-1-0-security-update-esa-2025-12/380558
reference_id 380558
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-02T03:55:50Z/
url https://discuss.elastic.co/t/beats-windows-installer-9-1-0-security-update-esa-2025-12/380558
Weaknesses
0
cwe_id 427
name Uncontrolled Search Path Element
description The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.
Exploits
Severity_range_score7.0 - 7.0
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-fb35-de6c-jyht