CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-5256

In certain scenarios, Drupal's JSON:API module will output error backtraces. With some configurations, this may cause sensitive information to be cached and made available to anonymous users, leading to privilege escalation. This vulnerability only affects sites with the JSON:API module enabled, and can be mitigated by uninstalling JSON:API. The core REST and contributed GraphQL modules are not affected.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.016

EPSS Ranking 80.8%

CVSS Severity

CVSS v3 Score 7.5

References

Products affected by CVE-2023-5256

Drupal » Drupal » Version: 10.0.0

cpe:2.3:a:drupal:drupal:10.0.0
Drupal » Drupal » Version: 10.0.1

cpe:2.3:a:drupal:drupal:10.0.1
Drupal » Drupal » Version: 10.0.10

cpe:2.3:a:drupal:drupal:10.0.10
Drupal » Drupal » Version: 10.0.2

cpe:2.3:a:drupal:drupal:10.0.2
Drupal » Drupal » Version: 10.0.3

cpe:2.3:a:drupal:drupal:10.0.3
Drupal » Drupal » Version: 10.0.4

cpe:2.3:a:drupal:drupal:10.0.4
Drupal » Drupal » Version: 10.0.5

cpe:2.3:a:drupal:drupal:10.0.5
Drupal » Drupal » Version: 10.0.6

cpe:2.3:a:drupal:drupal:10.0.6
Drupal » Drupal » Version: 10.0.7

cpe:2.3:a:drupal:drupal:10.0.7
Drupal » Drupal » Version: 10.0.8

cpe:2.3:a:drupal:drupal:10.0.8
Drupal » Drupal » Version: 10.0.9

cpe:2.3:a:drupal:drupal:10.0.9
Drupal » Drupal » Version: 10.1.0

cpe:2.3:a:drupal:drupal:10.1.0
Drupal » Drupal » Version: 10.1.1

cpe:2.3:a:drupal:drupal:10.1.1
Drupal » Drupal » Version: 10.1.2

cpe:2.3:a:drupal:drupal:10.1.2
Drupal » Drupal » Version: 10.1.3

cpe:2.3:a:drupal:drupal:10.1.3
Drupal » Drupal » Version: 8.7.0

cpe:2.3:a:drupal:drupal:8.7.0
Drupal » Drupal » Version: 8.7.1

cpe:2.3:a:drupal:drupal:8.7.1
Drupal » Drupal » Version: 8.7.10

cpe:2.3:a:drupal:drupal:8.7.10
Drupal » Drupal » Version: 8.7.11

cpe:2.3:a:drupal:drupal:8.7.11
Drupal » Drupal » Version: 8.7.12

cpe:2.3:a:drupal:drupal:8.7.12
Drupal » Drupal » Version: 8.7.13

cpe:2.3:a:drupal:drupal:8.7.13
Drupal » Drupal » Version: 8.7.14

cpe:2.3:a:drupal:drupal:8.7.14
Drupal » Drupal » Version: 8.7.2

cpe:2.3:a:drupal:drupal:8.7.2
Drupal » Drupal » Version: 8.7.3

cpe:2.3:a:drupal:drupal:8.7.3
Drupal » Drupal » Version: 8.7.4

cpe:2.3:a:drupal:drupal:8.7.4
Drupal » Drupal » Version: 8.7.5

cpe:2.3:a:drupal:drupal:8.7.5
Drupal » Drupal » Version: 8.7.6

cpe:2.3:a:drupal:drupal:8.7.6
Drupal » Drupal » Version: 8.7.7

cpe:2.3:a:drupal:drupal:8.7.7
Drupal » Drupal » Version: 8.7.8

cpe:2.3:a:drupal:drupal:8.7.8
Drupal » Drupal » Version: 8.7.9

cpe:2.3:a:drupal:drupal:8.7.9
Drupal » Drupal » Version: 8.8.0

cpe:2.3:a:drupal:drupal:8.8.0
Drupal » Drupal » Version: 8.8.1

cpe:2.3:a:drupal:drupal:8.8.1
Drupal » Drupal » Version: 8.8.10

cpe:2.3:a:drupal:drupal:8.8.10
Drupal » Drupal » Version: 8.8.11

cpe:2.3:a:drupal:drupal:8.8.11
Drupal » Drupal » Version: 8.8.12

cpe:2.3:a:drupal:drupal:8.8.12
Drupal » Drupal » Version: 8.8.2

cpe:2.3:a:drupal:drupal:8.8.2
Drupal » Drupal » Version: 8.8.3

cpe:2.3:a:drupal:drupal:8.8.3
Drupal » Drupal » Version: 8.8.4

cpe:2.3:a:drupal:drupal:8.8.4
Drupal » Drupal » Version: 8.8.5

cpe:2.3:a:drupal:drupal:8.8.5
Drupal » Drupal » Version: 8.8.6

cpe:2.3:a:drupal:drupal:8.8.6
Drupal » Drupal » Version: 8.8.7

cpe:2.3:a:drupal:drupal:8.8.7
Drupal » Drupal » Version: 8.8.8

cpe:2.3:a:drupal:drupal:8.8.8
Drupal » Drupal » Version: 8.8.9

cpe:2.3:a:drupal:drupal:8.8.9
Drupal » Drupal » Version: 8.9.0

cpe:2.3:a:drupal:drupal:8.9.0
Drupal » Drupal » Version: 8.9.1

cpe:2.3:a:drupal:drupal:8.9.1
Drupal » Drupal » Version: 8.9.10

cpe:2.3:a:drupal:drupal:8.9.10
Drupal » Drupal » Version: 8.9.11

cpe:2.3:a:drupal:drupal:8.9.11
Drupal » Drupal » Version: 8.9.12

cpe:2.3:a:drupal:drupal:8.9.12
Drupal » Drupal » Version: 8.9.13

cpe:2.3:a:drupal:drupal:8.9.13
Drupal » Drupal » Version: 8.9.14

cpe:2.3:a:drupal:drupal:8.9.14
Drupal » Drupal » Version: 8.9.15

cpe:2.3:a:drupal:drupal:8.9.15
Drupal » Drupal » Version: 8.9.16

cpe:2.3:a:drupal:drupal:8.9.16
Drupal » Drupal » Version: 8.9.17

cpe:2.3:a:drupal:drupal:8.9.17
Drupal » Drupal » Version: 8.9.18

cpe:2.3:a:drupal:drupal:8.9.18
Drupal » Drupal » Version: 8.9.19

cpe:2.3:a:drupal:drupal:8.9.19
Drupal » Drupal » Version: 8.9.2

cpe:2.3:a:drupal:drupal:8.9.2
Drupal » Drupal » Version: 8.9.20

cpe:2.3:a:drupal:drupal:8.9.20
Drupal » Drupal » Version: 8.9.3

cpe:2.3:a:drupal:drupal:8.9.3
Drupal » Drupal » Version: 8.9.4

cpe:2.3:a:drupal:drupal:8.9.4
Drupal » Drupal » Version: 8.9.5

cpe:2.3:a:drupal:drupal:8.9.5
Drupal » Drupal » Version: 8.9.6

cpe:2.3:a:drupal:drupal:8.9.6
Drupal » Drupal » Version: 8.9.7

cpe:2.3:a:drupal:drupal:8.9.7
Drupal » Drupal » Version: 8.9.8

cpe:2.3:a:drupal:drupal:8.9.8
Drupal » Drupal » Version: 8.9.9

cpe:2.3:a:drupal:drupal:8.9.9
Drupal » Drupal » Version: 9.0.0

cpe:2.3:a:drupal:drupal:9.0.0
Drupal » Drupal » Version: 9.0.1

cpe:2.3:a:drupal:drupal:9.0.1
Drupal » Drupal » Version: 9.0.10

cpe:2.3:a:drupal:drupal:9.0.10
Drupal » Drupal » Version: 9.0.11

cpe:2.3:a:drupal:drupal:9.0.11
Drupal » Drupal » Version: 9.0.12

cpe:2.3:a:drupal:drupal:9.0.12
Drupal » Drupal » Version: 9.0.13

cpe:2.3:a:drupal:drupal:9.0.13
Drupal » Drupal » Version: 9.0.14

cpe:2.3:a:drupal:drupal:9.0.14
Drupal » Drupal » Version: 9.0.2

cpe:2.3:a:drupal:drupal:9.0.2
Drupal » Drupal » Version: 9.0.3

cpe:2.3:a:drupal:drupal:9.0.3
Drupal » Drupal » Version: 9.0.4

cpe:2.3:a:drupal:drupal:9.0.4
Drupal » Drupal » Version: 9.0.5

cpe:2.3:a:drupal:drupal:9.0.5
Drupal » Drupal » Version: 9.0.6

cpe:2.3:a:drupal:drupal:9.0.6
Drupal » Drupal » Version: 9.0.7

cpe:2.3:a:drupal:drupal:9.0.7
Drupal » Drupal » Version: 9.0.8

cpe:2.3:a:drupal:drupal:9.0.8
Drupal » Drupal » Version: 9.0.9

cpe:2.3:a:drupal:drupal:9.0.9
Drupal » Drupal » Version: 9.1.0

cpe:2.3:a:drupal:drupal:9.1.0
Drupal » Drupal » Version: 9.1.1

cpe:2.3:a:drupal:drupal:9.1.1
Drupal » Drupal » Version: 9.1.10

cpe:2.3:a:drupal:drupal:9.1.10
Drupal » Drupal » Version: 9.1.11

cpe:2.3:a:drupal:drupal:9.1.11
Drupal » Drupal » Version: 9.1.12

cpe:2.3:a:drupal:drupal:9.1.12
Drupal » Drupal » Version: 9.1.13

cpe:2.3:a:drupal:drupal:9.1.13
Drupal » Drupal » Version: 9.1.14

cpe:2.3:a:drupal:drupal:9.1.14
Drupal » Drupal » Version: 9.1.15

cpe:2.3:a:drupal:drupal:9.1.15
Drupal » Drupal » Version: 9.1.2

cpe:2.3:a:drupal:drupal:9.1.2
Drupal » Drupal » Version: 9.1.3

cpe:2.3:a:drupal:drupal:9.1.3
Drupal » Drupal » Version: 9.1.4

cpe:2.3:a:drupal:drupal:9.1.4
Drupal » Drupal » Version: 9.1.5

cpe:2.3:a:drupal:drupal:9.1.5
Drupal » Drupal » Version: 9.1.6

cpe:2.3:a:drupal:drupal:9.1.6
Drupal » Drupal » Version: 9.1.7

cpe:2.3:a:drupal:drupal:9.1.7
Drupal » Drupal » Version: 9.1.8

cpe:2.3:a:drupal:drupal:9.1.8
Drupal » Drupal » Version: 9.1.9

cpe:2.3:a:drupal:drupal:9.1.9
Drupal » Drupal » Version: 9.2.0

cpe:2.3:a:drupal:drupal:9.2.0
Drupal » Drupal » Version: 9.2.1

cpe:2.3:a:drupal:drupal:9.2.1
Drupal » Drupal » Version: 9.2.10

cpe:2.3:a:drupal:drupal:9.2.10
Drupal » Drupal » Version: 9.2.11

cpe:2.3:a:drupal:drupal:9.2.11
Drupal » Drupal » Version: 9.2.12

cpe:2.3:a:drupal:drupal:9.2.12
Drupal » Drupal » Version: 9.2.13

cpe:2.3:a:drupal:drupal:9.2.13
Drupal » Drupal » Version: 9.2.14

cpe:2.3:a:drupal:drupal:9.2.14
Drupal » Drupal » Version: 9.2.15

cpe:2.3:a:drupal:drupal:9.2.15
Drupal » Drupal » Version: 9.2.16

cpe:2.3:a:drupal:drupal:9.2.16
Drupal » Drupal » Version: 9.2.17

cpe:2.3:a:drupal:drupal:9.2.17
Drupal » Drupal » Version: 9.2.18

cpe:2.3:a:drupal:drupal:9.2.18
Drupal » Drupal » Version: 9.2.19

cpe:2.3:a:drupal:drupal:9.2.19
Drupal » Drupal » Version: 9.2.2

cpe:2.3:a:drupal:drupal:9.2.2
Drupal » Drupal » Version: 9.2.20

cpe:2.3:a:drupal:drupal:9.2.20
Drupal » Drupal » Version: 9.2.21

cpe:2.3:a:drupal:drupal:9.2.21
Drupal » Drupal » Version: 9.2.3

cpe:2.3:a:drupal:drupal:9.2.3
Drupal » Drupal » Version: 9.2.4

cpe:2.3:a:drupal:drupal:9.2.4
Drupal » Drupal » Version: 9.2.5

cpe:2.3:a:drupal:drupal:9.2.5
Drupal » Drupal » Version: 9.2.6

cpe:2.3:a:drupal:drupal:9.2.6
Drupal » Drupal » Version: 9.2.7

cpe:2.3:a:drupal:drupal:9.2.7
Drupal » Drupal » Version: 9.2.8

cpe:2.3:a:drupal:drupal:9.2.8
Drupal » Drupal » Version: 9.2.9

cpe:2.3:a:drupal:drupal:9.2.9
Drupal » Drupal » Version: 9.3.0

cpe:2.3:a:drupal:drupal:9.3.0
Drupal » Drupal » Version: 9.3.1

cpe:2.3:a:drupal:drupal:9.3.1
Drupal » Drupal » Version: 9.3.10

cpe:2.3:a:drupal:drupal:9.3.10
Drupal » Drupal » Version: 9.3.11

cpe:2.3:a:drupal:drupal:9.3.11
Drupal » Drupal » Version: 9.3.12

cpe:2.3:a:drupal:drupal:9.3.12
Drupal » Drupal » Version: 9.3.13

cpe:2.3:a:drupal:drupal:9.3.13
Drupal » Drupal » Version: 9.3.14

cpe:2.3:a:drupal:drupal:9.3.14
Drupal » Drupal » Version: 9.3.15

cpe:2.3:a:drupal:drupal:9.3.15
Drupal » Drupal » Version: 9.3.16

cpe:2.3:a:drupal:drupal:9.3.16
Drupal » Drupal » Version: 9.3.18

cpe:2.3:a:drupal:drupal:9.3.18
Drupal » Drupal » Version: 9.3.19

cpe:2.3:a:drupal:drupal:9.3.19
Drupal » Drupal » Version: 9.3.2

cpe:2.3:a:drupal:drupal:9.3.2
Drupal » Drupal » Version: 9.3.20

cpe:2.3:a:drupal:drupal:9.3.20
Drupal » Drupal » Version: 9.3.21

cpe:2.3:a:drupal:drupal:9.3.21
Drupal » Drupal » Version: 9.3.22

cpe:2.3:a:drupal:drupal:9.3.22
Drupal » Drupal » Version: 9.3.3

cpe:2.3:a:drupal:drupal:9.3.3
Drupal » Drupal » Version: 9.3.4

cpe:2.3:a:drupal:drupal:9.3.4
Drupal » Drupal » Version: 9.3.5

cpe:2.3:a:drupal:drupal:9.3.5
Drupal » Drupal » Version: 9.3.6

cpe:2.3:a:drupal:drupal:9.3.6
Drupal » Drupal » Version: 9.3.7

cpe:2.3:a:drupal:drupal:9.3.7
Drupal » Drupal » Version: 9.3.8

cpe:2.3:a:drupal:drupal:9.3.8
Drupal » Drupal » Version: 9.3.9

cpe:2.3:a:drupal:drupal:9.3.9
Drupal » Drupal » Version: 9.4

cpe:2.3:a:drupal:drupal:9.4
Drupal » Drupal » Version: 9.4.0

cpe:2.3:a:drupal:drupal:9.4.0
Drupal » Drupal » Version: 9.4.1

cpe:2.3:a:drupal:drupal:9.4.1
Drupal » Drupal » Version: 9.4.10

cpe:2.3:a:drupal:drupal:9.4.10
Drupal » Drupal » Version: 9.4.11

cpe:2.3:a:drupal:drupal:9.4.11
Drupal » Drupal » Version: 9.4.12

cpe:2.3:a:drupal:drupal:9.4.12
Drupal » Drupal » Version: 9.4.13

cpe:2.3:a:drupal:drupal:9.4.13
Drupal » Drupal » Version: 9.4.14

cpe:2.3:a:drupal:drupal:9.4.14
Drupal » Drupal » Version: 9.4.15

cpe:2.3:a:drupal:drupal:9.4.15
Drupal » Drupal » Version: 9.4.2

cpe:2.3:a:drupal:drupal:9.4.2
Drupal » Drupal » Version: 9.4.3

cpe:2.3:a:drupal:drupal:9.4.3
Drupal » Drupal » Version: 9.4.4

cpe:2.3:a:drupal:drupal:9.4.4
Drupal » Drupal » Version: 9.4.5

cpe:2.3:a:drupal:drupal:9.4.5
Drupal » Drupal » Version: 9.4.6

cpe:2.3:a:drupal:drupal:9.4.6
Drupal » Drupal » Version: 9.4.7

cpe:2.3:a:drupal:drupal:9.4.7
Drupal » Drupal » Version: 9.4.8

cpe:2.3:a:drupal:drupal:9.4.8
Drupal » Drupal » Version: 9.4.9

cpe:2.3:a:drupal:drupal:9.4.9
Drupal » Drupal » Version: 9.5

cpe:2.3:a:drupal:drupal:9.5
Drupal » Drupal » Version: 9.5.0

cpe:2.3:a:drupal:drupal:9.5.0
Drupal » Drupal » Version: 9.5.1

cpe:2.3:a:drupal:drupal:9.5.1
Drupal » Drupal » Version: 9.5.10

cpe:2.3:a:drupal:drupal:9.5.10
Drupal » Drupal » Version: 9.5.2

cpe:2.3:a:drupal:drupal:9.5.2
Drupal » Drupal » Version: 9.5.3

cpe:2.3:a:drupal:drupal:9.5.3
Drupal » Drupal » Version: 9.5.4

cpe:2.3:a:drupal:drupal:9.5.4
Drupal » Drupal » Version: 9.5.5

cpe:2.3:a:drupal:drupal:9.5.5
Drupal » Drupal » Version: 9.5.7

cpe:2.3:a:drupal:drupal:9.5.7
Drupal » Drupal » Version: 9.5.8

cpe:2.3:a:drupal:drupal:9.5.8
Drupal » Drupal » Version: 9.5.9

cpe:2.3:a:drupal:drupal:9.5.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-5256

Products

Pricing

Contact Us