Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/django@2.1.12
Typepypi
Namespace
Namedjango
Version2.1.12
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.2.28
Latest_non_vulnerable_version6.0.5
Affected_by_vulnerabilities
0
url VCID-2bh9-k4at-r7hz
vulnerability_id VCID-2bh9-k4at-r7hz
summary sql injection
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-7471
reference_id
reference_type
scores
0
value 0.09442
scoring_system epss
scoring_elements 0.92943
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-7471
1
reference_url https://docs.djangoproject.com/en/3.0/releases/security
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/3.0/releases/security
2
reference_url https://docs.djangoproject.com/en/3.0/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/3.0/releases/security/
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/advisories/GHSA-hmr4-m2h5-33qx
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
2
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-hmr4-m2h5-33qx
5
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
6
reference_url https://github.com/django/django/commit/001b0634cd309e372edb6d7d95d083d02b8e37bd
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/001b0634cd309e372edb6d7d95d083d02b8e37bd
7
reference_url https://github.com/django/django/commit/505826b469b16ab36693360da9e11fd13213421b
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/505826b469b16ab36693360da9e11fd13213421b
8
reference_url https://github.com/django/django/commit/c67a368c16e4680b324b4f385398d638db4d8147
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/c67a368c16e4680b324b4f385398d638db4d8147
9
reference_url https://github.com/django/django/commit/eb31d845323618d688ad429479c6dda973056136
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/eb31d845323618d688ad429479c6dda973056136
10
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-35.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-35.yaml
11
reference_url https://groups.google.com/forum/#!topic/django-announce/X45S86X5bZI
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/django-announce/X45S86X5bZI
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/
14
reference_url https://seclists.org/bugtraq/2020/Feb/30
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2020/Feb/30
15
reference_url https://security.gentoo.org/glsa/202004-17
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202004-17
16
reference_url https://security.netapp.com/advisory/ntap-20200221-0006
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200221-0006
17
reference_url https://security.netapp.com/advisory/ntap-20200221-0006/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20200221-0006/
18
reference_url https://usn.ubuntu.com/4264-1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4264-1
19
reference_url https://usn.ubuntu.com/4264-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4264-1/
20
reference_url https://www.debian.org/security/2020/dsa-4629
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2020/dsa-4629
21
reference_url https://www.djangoproject.com/weblog/2020/feb/03/security-releases
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2020/feb/03/security-releases
22
reference_url https://www.djangoproject.com/weblog/2020/feb/03/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2020/feb/03/security-releases/
23
reference_url https://www.openwall.com/lists/oss-security/2020/02/03/1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.openwall.com/lists/oss-security/2020/02/03/1
24
reference_url http://www.openwall.com/lists/oss-security/2020/02/03/1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2020/02/03/1
25
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950581
reference_id 950581
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950581
26
reference_url https://security.archlinux.org/ASA-202002-1
reference_id ASA-202002-1
reference_type
scores
url https://security.archlinux.org/ASA-202002-1
27
reference_url https://security.archlinux.org/AVG-1091
reference_id AVG-1091
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1091
28
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-7471
reference_id CVE-2020-7471
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-7471
fixed_packages
0
url pkg:pypi/django@2.2.10
purl pkg:pypi/django@2.2.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2f2p-wfbs-73hz
1
vulnerability VCID-5a2y-2m62-1qfa
2
vulnerability VCID-7b47-vsfh-y3gh
3
vulnerability VCID-81q1-gytk-2uaq
4
vulnerability VCID-9hp4-hn21-zkg8
5
vulnerability VCID-b81v-3drw-xudf
6
vulnerability VCID-bbxx-48nj-pqcd
7
vulnerability VCID-dcv2-gx5a-pfe2
8
vulnerability VCID-dqkn-1888-y3er
9
vulnerability VCID-fc6y-y2b1-v3d5
10
vulnerability VCID-gxju-xjh2-z7bn
11
vulnerability VCID-hzcv-euwq-eqeg
12
vulnerability VCID-jzbk-uswz-8ucg
13
vulnerability VCID-nxbs-37dx-rbbh
14
vulnerability VCID-punr-dfy5-v3g1
15
vulnerability VCID-u53d-8afk-c3gq
16
vulnerability VCID-vyzr-dkz3-vfg6
17
vulnerability VCID-xb3c-6rew-z3ba
18
vulnerability VCID-xu9t-qtjz-bud8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.10
1
url pkg:pypi/django@3.0.3
purl pkg:pypi/django@3.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5a2y-2m62-1qfa
1
vulnerability VCID-7b47-vsfh-y3gh
2
vulnerability VCID-9hp4-hn21-zkg8
3
vulnerability VCID-b81v-3drw-xudf
4
vulnerability VCID-hzcv-euwq-eqeg
5
vulnerability VCID-nxbs-37dx-rbbh
6
vulnerability VCID-punr-dfy5-v3g1
7
vulnerability VCID-xb3c-6rew-z3ba
8
vulnerability VCID-xu9t-qtjz-bud8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.0.3
aliases BIT-django-2020-7471, CVE-2020-7471, GHSA-hmr4-m2h5-33qx, PYSEC-2020-35
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2bh9-k4at-r7hz
1
url VCID-3gvv-5jbs-cfc1
vulnerability_id VCID-3gvv-5jbs-cfc1
summary privilege escalation
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-19118
reference_id
reference_type
scores
0
value 0.00354
scoring_system epss
scoring_elements 0.57971
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-19118
1
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
2
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/dev/releases/security/
3
reference_url https://github.com/advisories/GHSA-hvmf-r92r-27hr
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-hvmf-r92r-27hr
4
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
5
reference_url https://github.com/django/django/commit/103ebe2b5ff1b2614b85a52c239f471904d26244
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/103ebe2b5ff1b2614b85a52c239f471904d26244
6
reference_url https://github.com/django/django/commit/36f580a17f0b3cb087deadf3b65eea024f479c21
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/36f580a17f0b3cb087deadf3b65eea024f479c21
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-15.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-15.yaml
8
reference_url https://groups.google.com/forum/#!topic/django-announce/GjGqDvtNmWQ
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/django-announce/GjGqDvtNmWQ
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6R4HD22PVEVQ45H2JA2NXH443AYJOPL5
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6R4HD22PVEVQ45H2JA2NXH443AYJOPL5
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6R4HD22PVEVQ45H2JA2NXH443AYJOPL5/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6R4HD22PVEVQ45H2JA2NXH443AYJOPL5/
11
reference_url https://security.gentoo.org/glsa/202004-17
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202004-17
12
reference_url https://security.netapp.com/advisory/ntap-20191217-0003
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20191217-0003
13
reference_url https://security.netapp.com/advisory/ntap-20191217-0003/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20191217-0003/
14
reference_url https://www.djangoproject.com/weblog/2019/dec/02/security-releases
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2019/dec/02/security-releases
15
reference_url https://www.djangoproject.com/weblog/2019/dec/02/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2019/dec/02/security-releases/
16
reference_url http://www.openwall.com/lists/oss-security/2019/12/02/1
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2019/12/02/1
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946011
reference_id 946011
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946011
18
reference_url https://security.archlinux.org/AVG-1070
reference_id AVG-1070
reference_type
scores
0
value Low
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1070
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-19118
reference_id CVE-2019-19118
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-19118
fixed_packages
0
url pkg:pypi/django@2.1.15
purl pkg:pypi/django@2.1.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2bh9-k4at-r7hz
1
vulnerability VCID-fynq-usj6-rfd3
2
vulnerability VCID-hzcv-euwq-eqeg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.1.15
1
url pkg:pypi/django@2.2.8
purl pkg:pypi/django@2.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2bh9-k4at-r7hz
1
vulnerability VCID-2f2p-wfbs-73hz
2
vulnerability VCID-5a2y-2m62-1qfa
3
vulnerability VCID-7b47-vsfh-y3gh
4
vulnerability VCID-81q1-gytk-2uaq
5
vulnerability VCID-9hp4-hn21-zkg8
6
vulnerability VCID-arff-yjfe-auhp
7
vulnerability VCID-b81v-3drw-xudf
8
vulnerability VCID-bbxx-48nj-pqcd
9
vulnerability VCID-dcv2-gx5a-pfe2
10
vulnerability VCID-dqkn-1888-y3er
11
vulnerability VCID-fc6y-y2b1-v3d5
12
vulnerability VCID-fynq-usj6-rfd3
13
vulnerability VCID-gxju-xjh2-z7bn
14
vulnerability VCID-hzcv-euwq-eqeg
15
vulnerability VCID-jzbk-uswz-8ucg
16
vulnerability VCID-nxbs-37dx-rbbh
17
vulnerability VCID-punr-dfy5-v3g1
18
vulnerability VCID-u53d-8afk-c3gq
19
vulnerability VCID-vyzr-dkz3-vfg6
20
vulnerability VCID-xb3c-6rew-z3ba
21
vulnerability VCID-xu9t-qtjz-bud8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.8
aliases CVE-2019-19118, GHSA-hvmf-r92r-27hr, PYSEC-2019-15
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3gvv-5jbs-cfc1
2
url VCID-fynq-usj6-rfd3
vulnerability_id VCID-fynq-usj6-rfd3
summary insufficient validation
references
0
reference_url http://packetstormsecurity.com/files/155872/Django-Account-Hijack.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/155872/Django-Account-Hijack.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-19844
reference_id
reference_type
scores
0
value 0.13973
scoring_system epss
scoring_elements 0.94448
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-19844
2
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
3
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/dev/releases/security/
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/advisories/GHSA-vfq6-hq5r-27r6
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
2
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-vfq6-hq5r-27r6
6
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
7
reference_url https://github.com/django/django/commit/302a4ff1e8b1c798aab97673909c7a3dfda42c26
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/302a4ff1e8b1c798aab97673909c7a3dfda42c26
8
reference_url https://github.com/django/django/commit/4d334bea06cac63dc1272abcec545b85136cca0e
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/4d334bea06cac63dc1272abcec545b85136cca0e
9
reference_url https://github.com/django/django/commit/5b1fbcef7a8bec991ebe7b2a18b5d5a95d72cb70
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/5b1fbcef7a8bec991ebe7b2a18b5d5a95d72cb70
10
reference_url https://github.com/django/django/commit/f4cff43bf921fcea6a29b726eb66767f67753fa2
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/f4cff43bf921fcea6a29b726eb66767f67753fa2
11
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-16.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-16.yaml
12
reference_url https://groups.google.com/forum/#!topic/django-announce/3oaB2rVH3a0
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/django-announce/3oaB2rVH3a0
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD/
15
reference_url https://seclists.org/bugtraq/2020/Jan/9
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2020/Jan/9
16
reference_url https://security.gentoo.org/glsa/202004-17
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202004-17
17
reference_url https://security.netapp.com/advisory/ntap-20200110-0003
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200110-0003
18
reference_url https://security.netapp.com/advisory/ntap-20200110-0003/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20200110-0003/
19
reference_url https://usn.ubuntu.com/4224-1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4224-1
20
reference_url https://usn.ubuntu.com/4224-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4224-1/
21
reference_url https://www.debian.org/security/2020/dsa-4598
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2020/dsa-4598
22
reference_url https://www.djangoproject.com/weblog/2019/dec/18/security-releases
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2019/dec/18/security-releases
23
reference_url https://www.djangoproject.com/weblog/2019/dec/18/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2019/dec/18/security-releases/
24
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946937
reference_id 946937
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946937
25
reference_url https://security.archlinux.org/AVG-1080
reference_id AVG-1080
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1080
26
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/python/webapps/47879.md
reference_id CVE-2019-19844
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/python/webapps/47879.md
27
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-19844
reference_id CVE-2019-19844
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-19844
28
reference_url https://ryu22e.org/en/posts/2019/12/25/django-cve-2019-19844/
reference_id CVE-2019-19844
reference_type exploit
scores
url https://ryu22e.org/en/posts/2019/12/25/django-cve-2019-19844/
29
reference_url https://usn.ubuntu.com/6722-1/
reference_id USN-6722-1
reference_type
scores
url https://usn.ubuntu.com/6722-1/
fixed_packages
0
url pkg:pypi/django@2.2.9
purl pkg:pypi/django@2.2.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2bh9-k4at-r7hz
1
vulnerability VCID-2f2p-wfbs-73hz
2
vulnerability VCID-5a2y-2m62-1qfa
3
vulnerability VCID-7b47-vsfh-y3gh
4
vulnerability VCID-81q1-gytk-2uaq
5
vulnerability VCID-9hp4-hn21-zkg8
6
vulnerability VCID-b81v-3drw-xudf
7
vulnerability VCID-bbxx-48nj-pqcd
8
vulnerability VCID-dcv2-gx5a-pfe2
9
vulnerability VCID-dqkn-1888-y3er
10
vulnerability VCID-fc6y-y2b1-v3d5
11
vulnerability VCID-gxju-xjh2-z7bn
12
vulnerability VCID-hzcv-euwq-eqeg
13
vulnerability VCID-jzbk-uswz-8ucg
14
vulnerability VCID-nxbs-37dx-rbbh
15
vulnerability VCID-punr-dfy5-v3g1
16
vulnerability VCID-u53d-8afk-c3gq
17
vulnerability VCID-vyzr-dkz3-vfg6
18
vulnerability VCID-xb3c-6rew-z3ba
19
vulnerability VCID-xu9t-qtjz-bud8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.9
1
url pkg:pypi/django@3.0.1
purl pkg:pypi/django@3.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2bh9-k4at-r7hz
1
vulnerability VCID-5a2y-2m62-1qfa
2
vulnerability VCID-7b47-vsfh-y3gh
3
vulnerability VCID-9hp4-hn21-zkg8
4
vulnerability VCID-b81v-3drw-xudf
5
vulnerability VCID-hzcv-euwq-eqeg
6
vulnerability VCID-nxbs-37dx-rbbh
7
vulnerability VCID-punr-dfy5-v3g1
8
vulnerability VCID-xb3c-6rew-z3ba
9
vulnerability VCID-xu9t-qtjz-bud8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.0.1
aliases CVE-2019-19844, GHSA-vfq6-hq5r-27r6, PYSEC-2019-16
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fynq-usj6-rfd3
3
url VCID-hzcv-euwq-eqeg
vulnerability_id VCID-hzcv-euwq-eqeg
summary multiple issues
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-33203
reference_id
reference_type
scores
0
value 0.00327
scoring_system epss
scoring_elements 0.5585
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-33203
1
reference_url https://docs.djangoproject.com/en/3.2/releases/security
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/3.2/releases/security
2
reference_url https://docs.djangoproject.com/en/3.2/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/3.2/releases/security/
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/advisories/GHSA-68w8-qjq3-2gfm
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-68w8-qjq3-2gfm
5
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
6
reference_url https://github.com/django/django/commit/053cc9534d174dc89daba36724ed2dcb36755b90
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/053cc9534d174dc89daba36724ed2dcb36755b90
7
reference_url https://github.com/django/django/commit/20c67a0693c4ede2b09af02574823485e82e4c8f
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/20c67a0693c4ede2b09af02574823485e82e4c8f
8
reference_url https://github.com/django/django/commit/dfaba12cda060b8b292ae1d271b44bf810b1c5b9
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/dfaba12cda060b8b292ae1d271b44bf810b1c5b9
9
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2021-98.yaml
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2021-98.yaml
10
reference_url https://groups.google.com/forum/#!forum/django-announce
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!forum/django-announce
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-33203
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-33203
13
reference_url https://security.netapp.com/advisory/ntap-20210727-0004
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20210727-0004
14
reference_url https://www.djangoproject.com/weblog/2021/jun/02/security-releases
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2021/jun/02/security-releases
15
reference_url https://www.djangoproject.com/weblog/2021/jun/02/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2021/jun/02/security-releases/
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989394
reference_id 989394
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989394
17
reference_url https://security.archlinux.org/ASA-202106-41
reference_id ASA-202106-41
reference_type
scores
url https://security.archlinux.org/ASA-202106-41
18
reference_url https://security.archlinux.org/AVG-2026
reference_id AVG-2026
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2026
19
reference_url https://security.gentoo.org/glsa/202509-03
reference_id GLSA-202509-03
reference_type
scores
url https://security.gentoo.org/glsa/202509-03
20
reference_url https://usn.ubuntu.com/4975-1/
reference_id USN-4975-1
reference_type
scores
url https://usn.ubuntu.com/4975-1/
21
reference_url https://usn.ubuntu.com/4975-2/
reference_id USN-4975-2
reference_type
scores
url https://usn.ubuntu.com/4975-2/
fixed_packages
0
url pkg:pypi/django@2.2.24
purl pkg:pypi/django@2.2.24
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2f2p-wfbs-73hz
1
vulnerability VCID-81q1-gytk-2uaq
2
vulnerability VCID-bbxx-48nj-pqcd
3
vulnerability VCID-dcv2-gx5a-pfe2
4
vulnerability VCID-dqkn-1888-y3er
5
vulnerability VCID-fc6y-y2b1-v3d5
6
vulnerability VCID-jzbk-uswz-8ucg
7
vulnerability VCID-vyzr-dkz3-vfg6
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.24
1
url pkg:pypi/django@3.1.12
purl pkg:pypi/django@3.1.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fc6y-y2b1-v3d5
1
vulnerability VCID-zvet-h29t-tub8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.1.12
2
url pkg:pypi/django@3.2.4
purl pkg:pypi/django@3.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2f2p-wfbs-73hz
1
vulnerability VCID-5k3f-9smv-8bev
2
vulnerability VCID-6bct-bfhb-xugt
3
vulnerability VCID-7u6e-a3ng-fude
4
vulnerability VCID-81q1-gytk-2uaq
5
vulnerability VCID-bbxx-48nj-pqcd
6
vulnerability VCID-bjn5-qpmt-qffx
7
vulnerability VCID-ctk2-ykg7-h7ag
8
vulnerability VCID-dcv2-gx5a-pfe2
9
vulnerability VCID-dqkn-1888-y3er
10
vulnerability VCID-e2p6-m8gu-jbfu
11
vulnerability VCID-fc6y-y2b1-v3d5
12
vulnerability VCID-fwkd-bq8u-9kg8
13
vulnerability VCID-jzbk-uswz-8ucg
14
vulnerability VCID-kmv2-339j-8ugc
15
vulnerability VCID-nyy8-t17r-syex
16
vulnerability VCID-qg2s-fuw3-nbda
17
vulnerability VCID-rn9d-fd73-3kb9
18
vulnerability VCID-vyzr-dkz3-vfg6
19
vulnerability VCID-x4s4-qav9-xbet
20
vulnerability VCID-zvet-h29t-tub8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.4
aliases BIT-django-2021-33203, CVE-2021-33203, GHSA-68w8-qjq3-2gfm, PYSEC-2021-98
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hzcv-euwq-eqeg
4
url VCID-vr6h-ymzh-1kb2
vulnerability_id VCID-vr6h-ymzh-1kb2
summary Django 2.1 before 2.1.15 and 2.2 before 2.2.8 allows unintended model editing. A Django model admin displaying inline related models, where the user has view-only permissions to a parent model but edit permissions to the inline model, would be presented with an editing UI, allowing POST requests, for updating the inline model. Directly editing the view-only parent model was not possible, but the parent model's save() method was called, triggering potential side effects, and causing pre and post-save signal handlers to be invoked. (To resolve this, the Django admin is adjusted to require edit permissions on the parent model in order for inline models to be editable.)
references
0
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/dev/releases/security/
1
reference_url https://groups.google.com/forum/#!topic/django-announce/GjGqDvtNmWQ
reference_id
reference_type
scores
url https://groups.google.com/forum/#!topic/django-announce/GjGqDvtNmWQ
2
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6R4HD22PVEVQ45H2JA2NXH443AYJOPL5/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6R4HD22PVEVQ45H2JA2NXH443AYJOPL5/
3
reference_url https://security.gentoo.org/glsa/202004-17
reference_id
reference_type
scores
url https://security.gentoo.org/glsa/202004-17
4
reference_url https://security.netapp.com/advisory/ntap-20191217-0003/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20191217-0003/
5
reference_url https://www.djangoproject.com/weblog/2019/dec/02/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2019/dec/02/security-releases/
6
reference_url http://www.openwall.com/lists/oss-security/2019/12/02/1
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2019/12/02/1
fixed_packages
0
url pkg:pypi/django@2.1.15
purl pkg:pypi/django@2.1.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2bh9-k4at-r7hz
1
vulnerability VCID-fynq-usj6-rfd3
2
vulnerability VCID-hzcv-euwq-eqeg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.1.15
1
url pkg:pypi/django@2.2.8
purl pkg:pypi/django@2.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2bh9-k4at-r7hz
1
vulnerability VCID-2f2p-wfbs-73hz
2
vulnerability VCID-5a2y-2m62-1qfa
3
vulnerability VCID-7b47-vsfh-y3gh
4
vulnerability VCID-81q1-gytk-2uaq
5
vulnerability VCID-9hp4-hn21-zkg8
6
vulnerability VCID-arff-yjfe-auhp
7
vulnerability VCID-b81v-3drw-xudf
8
vulnerability VCID-bbxx-48nj-pqcd
9
vulnerability VCID-dcv2-gx5a-pfe2
10
vulnerability VCID-dqkn-1888-y3er
11
vulnerability VCID-fc6y-y2b1-v3d5
12
vulnerability VCID-fynq-usj6-rfd3
13
vulnerability VCID-gxju-xjh2-z7bn
14
vulnerability VCID-hzcv-euwq-eqeg
15
vulnerability VCID-jzbk-uswz-8ucg
16
vulnerability VCID-nxbs-37dx-rbbh
17
vulnerability VCID-punr-dfy5-v3g1
18
vulnerability VCID-u53d-8afk-c3gq
19
vulnerability VCID-vyzr-dkz3-vfg6
20
vulnerability VCID-xb3c-6rew-z3ba
21
vulnerability VCID-xu9t-qtjz-bud8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.8
aliases PYSEC-2019-85
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vr6h-ymzh-1kb2
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/django@2.1.12