Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/django@2.2.8
Typepypi
Namespace
Namedjango
Version2.2.8
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version3.2.25
Latest_non_vulnerable_version6.0.5
Affected_by_vulnerabilities
0
url VCID-29qk-rv5n-efbm
vulnerability_id VCID-29qk-rv5n-efbm
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-36359
reference_id
reference_type
scores
0
value 0.0113
scoring_system epss
scoring_elements 0.78658
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-36359
1
reference_url https://docs.djangoproject.com/en/4.0/releases/security
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/4.0/releases/security
2
reference_url https://docs.djangoproject.com/en/4.0/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/4.0/releases/security/
3
reference_url https://github.com/advisories/GHSA-8x94-hmjh-97hq
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-8x94-hmjh-97hq
4
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
5
reference_url https://github.com/django/django/commit/b3e4494d759202a3b6bf247fd34455bf13be5b80
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/b3e4494d759202a3b6bf247fd34455bf13be5b80
6
reference_url https://github.com/django/django/commit/b7d9529cbe0af4adabb6ea5d01ed8dcce3668fb3
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/b7d9529cbe0af4adabb6ea5d01ed8dcce3668fb3
7
reference_url https://github.com/django/django/commit/bd062445cffd3f6cc6dcd20d13e2abed818fa173
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/bd062445cffd3f6cc6dcd20d13e2abed818fa173
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-245.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-245.yaml
9
reference_url https://groups.google.com/g/django-announce/c/8cz--gvaJr4
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/g/django-announce/c/8cz--gvaJr4
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-36359
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-36359
13
reference_url https://security.netapp.com/advisory/ntap-20220915-0008
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220915-0008
14
reference_url https://www.debian.org/security/2022/dsa-5254
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2022/dsa-5254
15
reference_url https://www.djangoproject.com/weblog/2022/aug/03/security-releases
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2022/aug/03/security-releases
16
reference_url https://www.djangoproject.com/weblog/2022/aug/03/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2022/aug/03/security-releases/
17
reference_url http://www.openwall.com/lists/oss-security/2022/08/03/1
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/08/03/1
18
reference_url https://security.archlinux.org/AVG-2810
reference_id AVG-2810
reference_type
scores
0
value Unknown
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2810
fixed_packages
0
url pkg:pypi/django@3.2.15
purl pkg:pypi/django@3.2.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4z4e-8ttu-tyd6
1
vulnerability VCID-am3f-c5ex-8ff2
2
vulnerability VCID-au8h-vj9k-pufv
3
vulnerability VCID-f4a7-tcz5-byfj
4
vulnerability VCID-fsaw-3ta1-x3dw
5
vulnerability VCID-m1dr-sjmw-jfd2
6
vulnerability VCID-m33h-4p9q-63fb
7
vulnerability VCID-qgp1-4efd-6yg6
8
vulnerability VCID-yuda-1mur-8bbq
9
vulnerability VCID-z6tf-z1y9-cydq
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.15
1
url pkg:pypi/django@4.0.7
purl pkg:pypi/django@4.0.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4z4e-8ttu-tyd6
1
vulnerability VCID-au8h-vj9k-pufv
2
vulnerability VCID-f4a7-tcz5-byfj
3
vulnerability VCID-m1dr-sjmw-jfd2
4
vulnerability VCID-z6tf-z1y9-cydq
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.0.7
aliases CVE-2022-36359, GHSA-8x94-hmjh-97hq, PYSEC-2022-245
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-29qk-rv5n-efbm
1
url VCID-4cp2-k4mn-8ffj
vulnerability_id VCID-4cp2-k4mn-8ffj
summary An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. Query parameters generated by the Django admin ForeignKeyRawIdWidget were not properly URL encoded, leading to a possibility of an XSS attack.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13596.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13596.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-13596
reference_id
reference_type
scores
0
value 0.00571
scoring_system epss
scoring_elements 0.69
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-13596
2
reference_url https://docs.djangoproject.com/en/3.0/releases/security
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/3.0/releases/security
3
reference_url https://docs.djangoproject.com/en/3.0/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/3.0/releases/security/
4
reference_url https://github.com/advisories/GHSA-2m34-jcjv-45xf
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-2m34-jcjv-45xf
5
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
6
reference_url https://github.com/django/django/commit/1f2dd37f6fcefdd10ed44cb233b2e62b520afb38
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/1f2dd37f6fcefdd10ed44cb233b2e62b520afb38
7
reference_url https://github.com/django/django/commit/6d61860b22875f358fac83d903dc629897934815
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/6d61860b22875f358fac83d903dc629897934815
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-32.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-32.yaml
9
reference_url https://groups.google.com/forum/#!msg/django-announce/pPEmb2ot4Fo/X-SMalYSBAAJ
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!msg/django-announce/pPEmb2ot4Fo/X-SMalYSBAAJ
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/
12
reference_url https://security.netapp.com/advisory/ntap-20200611-0002
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200611-0002
13
reference_url https://security.netapp.com/advisory/ntap-20200611-0002/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20200611-0002/
14
reference_url https://usn.ubuntu.com/4381-1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4381-1
15
reference_url https://usn.ubuntu.com/4381-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4381-1/
16
reference_url https://usn.ubuntu.com/4381-2
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4381-2
17
reference_url https://usn.ubuntu.com/4381-2/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4381-2/
18
reference_url https://www.debian.org/security/2020/dsa-4705
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2020/dsa-4705
19
reference_url https://www.djangoproject.com/weblog/2020/jun/03/security-releases
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2020/jun/03/security-releases
20
reference_url https://www.djangoproject.com/weblog/2020/jun/03/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2020/jun/03/security-releases/
21
reference_url https://www.oracle.com/security-alerts/cpujan2021.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujan2021.html
22
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1843625
reference_id 1843625
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1843625
23
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962323
reference_id 962323
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962323
24
reference_url https://security.archlinux.org/ASA-202006-8
reference_id ASA-202006-8
reference_type
scores
url https://security.archlinux.org/ASA-202006-8
25
reference_url https://security.archlinux.org/AVG-1176
reference_id AVG-1176
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1176
26
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-13596
reference_id CVE-2020-13596
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-13596
fixed_packages
0
url pkg:pypi/django@2.2.13
purl pkg:pypi/django@2.2.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-51tx-4tp9-kbcz
2
vulnerability VCID-6jpg-yrf8-cufy
3
vulnerability VCID-9end-mq19-rke5
4
vulnerability VCID-9mpt-zxaw-kkeg
5
vulnerability VCID-attf-6gj8-ebaj
6
vulnerability VCID-drwp-htkk-bkfh
7
vulnerability VCID-fhp8-tck4-mye4
8
vulnerability VCID-fksk-pr23-2yd8
9
vulnerability VCID-hh9b-52xn-z7a9
10
vulnerability VCID-j81e-su1y-tqa6
11
vulnerability VCID-n9vn-4uxr-hkau
12
vulnerability VCID-nss9-1yrb-x7f2
13
vulnerability VCID-q8r2-m9s6-rbek
14
vulnerability VCID-qvfs-2v1h-p3h4
15
vulnerability VCID-u9q1-63gf-7feh
16
vulnerability VCID-wnxx-rc7w-cke4
17
vulnerability VCID-z4x1-e7tp-rqhz
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.13
1
url pkg:pypi/django@3.0.7
purl pkg:pypi/django@3.0.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-9mpt-zxaw-kkeg
2
vulnerability VCID-fhp8-tck4-mye4
3
vulnerability VCID-hh9b-52xn-z7a9
4
vulnerability VCID-q8r2-m9s6-rbek
5
vulnerability VCID-qvfs-2v1h-p3h4
6
vulnerability VCID-wnxx-rc7w-cke4
7
vulnerability VCID-z4x1-e7tp-rqhz
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.0.7
aliases CVE-2020-13596, GHSA-2m34-jcjv-45xf, PYSEC-2020-32
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4cp2-k4mn-8ffj
2
url VCID-51tx-4tp9-kbcz
vulnerability_id VCID-51tx-4tp9-kbcz
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23833.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23833.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23833
reference_id
reference_type
scores
0
value 0.01058
scoring_system epss
scoring_elements 0.7796
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23833
2
reference_url https://docs.djangoproject.com/en/4.0/releases/security
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/4.0/releases/security
3
reference_url https://docs.djangoproject.com/en/4.0/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/4.0/releases/security/
4
reference_url https://github.com/advisories/GHSA-6cw3-g6wv-c2xv
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-6cw3-g6wv-c2xv
5
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
6
reference_url https://github.com/django/django/commit/c477b761804984c932704554ad35f78a2e230c6a
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/c477b761804984c932704554ad35f78a2e230c6a
7
reference_url https://github.com/django/django/commit/d16133568ef9c9b42cb7a08bdf9ff3feec2e5468
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/d16133568ef9c9b42cb7a08bdf9ff3feec2e5468
8
reference_url https://github.com/django/django/commit/f9c7d48fdd6f198a6494a9202f90242f176e4fc9
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/f9c7d48fdd6f198a6494a9202f90242f176e4fc9
9
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-20.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-20.yaml
10
reference_url https://groups.google.com/forum/#!forum/django-announce
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!forum/django-announce
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV
12
reference_url https://security.netapp.com/advisory/ntap-20220221-0003
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220221-0003
13
reference_url https://www.debian.org/security/2022/dsa-5254
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2022/dsa-5254
14
reference_url https://www.djangoproject.com/weblog/2022/feb/01/security-releases
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2022/feb/01/security-releases
15
reference_url https://www.djangoproject.com/weblog/2022/feb/01/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2022/feb/01/security-releases/
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004752
reference_id 1004752
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004752
17
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2048778
reference_id 2048778
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2048778
18
reference_url https://security.archlinux.org/AVG-2808
reference_id AVG-2808
reference_type
scores
0
value Unknown
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2808
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23833
reference_id CVE-2022-23833
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-23833
20
reference_url https://access.redhat.com/errata/RHSA-2022:5498
reference_id RHSA-2022:5498
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5498
21
reference_url https://access.redhat.com/errata/RHSA-2022:8853
reference_id RHSA-2022:8853
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8853
22
reference_url https://access.redhat.com/errata/RHSA-2022:8872
reference_id RHSA-2022:8872
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8872
fixed_packages
0
url pkg:pypi/django@2.2.27
purl pkg:pypi/django@2.2.27
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-drwp-htkk-bkfh
2
vulnerability VCID-nss9-1yrb-x7f2
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.27
1
url pkg:pypi/django@3.2.12
purl pkg:pypi/django@3.2.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-2n2n-1fq2-7bbs
2
vulnerability VCID-4z4e-8ttu-tyd6
3
vulnerability VCID-am3f-c5ex-8ff2
4
vulnerability VCID-au8h-vj9k-pufv
5
vulnerability VCID-drwp-htkk-bkfh
6
vulnerability VCID-f4a7-tcz5-byfj
7
vulnerability VCID-fsaw-3ta1-x3dw
8
vulnerability VCID-m1dr-sjmw-jfd2
9
vulnerability VCID-m33h-4p9q-63fb
10
vulnerability VCID-nss9-1yrb-x7f2
11
vulnerability VCID-qgp1-4efd-6yg6
12
vulnerability VCID-yuda-1mur-8bbq
13
vulnerability VCID-z6tf-z1y9-cydq
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.12
2
url pkg:pypi/django@4.0.2
purl pkg:pypi/django@4.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-2n2n-1fq2-7bbs
2
vulnerability VCID-4z4e-8ttu-tyd6
3
vulnerability VCID-au8h-vj9k-pufv
4
vulnerability VCID-drwp-htkk-bkfh
5
vulnerability VCID-f4a7-tcz5-byfj
6
vulnerability VCID-m1dr-sjmw-jfd2
7
vulnerability VCID-nss9-1yrb-x7f2
8
vulnerability VCID-z6tf-z1y9-cydq
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.0.2
aliases CVE-2022-23833, GHSA-6cw3-g6wv-c2xv, PYSEC-2022-20
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-51tx-4tp9-kbcz
3
url VCID-5q58-pzt4-8uey
vulnerability_id VCID-5q58-pzt4-8uey
summary Django 1.11 before 1.11.28, 2.2 before 2.2.10, and 3.0 before 3.0.3 allows SQL Injection if untrusted data is used as a StringAgg delimiter (e.g., in Django applications that offer downloads of data as a series of rows with a user-specified column delimiter). By passing a suitably crafted delimiter to a contrib.postgres.aggregates.StringAgg instance, it was possible to break escaping and inject malicious SQL.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7471.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7471.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-7471
reference_id
reference_type
scores
0
value 0.1537
scoring_system epss
scoring_elements 0.94763
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-7471
2
reference_url https://docs.djangoproject.com/en/3.0/releases/security
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/3.0/releases/security
3
reference_url https://docs.djangoproject.com/en/3.0/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/3.0/releases/security/
4
reference_url https://github.com/advisories/GHSA-hmr4-m2h5-33qx
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-hmr4-m2h5-33qx
5
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
6
reference_url https://github.com/django/django/commit/001b0634cd309e372edb6d7d95d083d02b8e37bd
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/001b0634cd309e372edb6d7d95d083d02b8e37bd
7
reference_url https://github.com/django/django/commit/505826b469b16ab36693360da9e11fd13213421b
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/505826b469b16ab36693360da9e11fd13213421b
8
reference_url https://github.com/django/django/commit/c67a368c16e4680b324b4f385398d638db4d8147
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/c67a368c16e4680b324b4f385398d638db4d8147
9
reference_url https://github.com/django/django/commit/eb31d845323618d688ad429479c6dda973056136
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/eb31d845323618d688ad429479c6dda973056136
10
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-35.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-35.yaml
11
reference_url https://groups.google.com/forum/#!topic/django-announce/X45S86X5bZI
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/django-announce/X45S86X5bZI
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/
14
reference_url https://seclists.org/bugtraq/2020/Feb/30
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2020/Feb/30
15
reference_url https://security.gentoo.org/glsa/202004-17
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202004-17
16
reference_url https://security.netapp.com/advisory/ntap-20200221-0006
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200221-0006
17
reference_url https://security.netapp.com/advisory/ntap-20200221-0006/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20200221-0006/
18
reference_url https://usn.ubuntu.com/4264-1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4264-1
19
reference_url https://usn.ubuntu.com/4264-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4264-1/
20
reference_url https://www.debian.org/security/2020/dsa-4629
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2020/dsa-4629
21
reference_url https://www.djangoproject.com/weblog/2020/feb/03/security-releases
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2020/feb/03/security-releases
22
reference_url https://www.djangoproject.com/weblog/2020/feb/03/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2020/feb/03/security-releases/
23
reference_url https://www.openwall.com/lists/oss-security/2020/02/03/1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.openwall.com/lists/oss-security/2020/02/03/1
24
reference_url http://www.openwall.com/lists/oss-security/2020/02/03/1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2020/02/03/1
25
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1798515
reference_id 1798515
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1798515
26
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950581
reference_id 950581
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950581
27
reference_url https://security.archlinux.org/ASA-202002-1
reference_id ASA-202002-1
reference_type
scores
url https://security.archlinux.org/ASA-202002-1
28
reference_url https://security.archlinux.org/AVG-1091
reference_id AVG-1091
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1091
29
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-7471
reference_id CVE-2020-7471
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-7471
fixed_packages
0
url pkg:pypi/django@2.2.10
purl pkg:pypi/django@2.2.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-4cp2-k4mn-8ffj
2
vulnerability VCID-51tx-4tp9-kbcz
3
vulnerability VCID-6jpg-yrf8-cufy
4
vulnerability VCID-9end-mq19-rke5
5
vulnerability VCID-9mpt-zxaw-kkeg
6
vulnerability VCID-attf-6gj8-ebaj
7
vulnerability VCID-drwp-htkk-bkfh
8
vulnerability VCID-fhp8-tck4-mye4
9
vulnerability VCID-fksk-pr23-2yd8
10
vulnerability VCID-hh9b-52xn-z7a9
11
vulnerability VCID-j81e-su1y-tqa6
12
vulnerability VCID-m4wa-xv9b-q7ce
13
vulnerability VCID-n9vn-4uxr-hkau
14
vulnerability VCID-na9w-xkvx-cbhd
15
vulnerability VCID-nss9-1yrb-x7f2
16
vulnerability VCID-q8r2-m9s6-rbek
17
vulnerability VCID-qvfs-2v1h-p3h4
18
vulnerability VCID-u9q1-63gf-7feh
19
vulnerability VCID-wnxx-rc7w-cke4
20
vulnerability VCID-z4x1-e7tp-rqhz
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.10
1
url pkg:pypi/django@3.0.3
purl pkg:pypi/django@3.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-4cp2-k4mn-8ffj
2
vulnerability VCID-9mpt-zxaw-kkeg
3
vulnerability VCID-fhp8-tck4-mye4
4
vulnerability VCID-hh9b-52xn-z7a9
5
vulnerability VCID-m4wa-xv9b-q7ce
6
vulnerability VCID-na9w-xkvx-cbhd
7
vulnerability VCID-q8r2-m9s6-rbek
8
vulnerability VCID-qvfs-2v1h-p3h4
9
vulnerability VCID-wnxx-rc7w-cke4
10
vulnerability VCID-z4x1-e7tp-rqhz
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.0.3
aliases CVE-2020-7471, GHSA-hmr4-m2h5-33qx, PYSEC-2020-35
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5q58-pzt4-8uey
4
url VCID-6jpg-yrf8-cufy
vulnerability_id VCID-6jpg-yrf8-cufy
summary An issue was discovered in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1. UserAttributeSimilarityValidator incurred significant overhead in evaluating a submitted password that was artificially large in relation to the comparison values. In a situation where access to user registration was unrestricted, this provided a potential vector for a denial-of-service attack.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-45115.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-45115.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-45115
reference_id
reference_type
scores
0
value 0.00414
scoring_system epss
scoring_elements 0.61943
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-45115
2
reference_url https://docs.djangoproject.com/en/4.0/releases/security
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/4.0/releases/security
3
reference_url https://docs.djangoproject.com/en/4.0/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/4.0/releases/security/
4
reference_url https://github.com/advisories/GHSA-53qw-q765-4fww
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-53qw-q765-4fww
5
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
6
reference_url https://github.com/django/django/commit/2135637fdd5ce994de110affef9e67dffdf77277
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/2135637fdd5ce994de110affef9e67dffdf77277
7
reference_url https://github.com/django/django/commit/a8b32fe13bcaed1c0b772fdc53de84abc224fb20
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/a8b32fe13bcaed1c0b772fdc53de84abc224fb20
8
reference_url https://github.com/django/django/commit/df79ef03ac867c93caaa6be56bc69e66abfeef8f
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/df79ef03ac867c93caaa6be56bc69e66abfeef8f
9
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-1.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-1.yaml
10
reference_url https://groups.google.com/forum/#!forum/django-announce
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!forum/django-announce
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV
12
reference_url https://security.netapp.com/advisory/ntap-20220121-0005
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220121-0005
13
reference_url https://www.djangoproject.com/weblog/2022/jan/04/security-releases
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2022/jan/04/security-releases
14
reference_url https://www.djangoproject.com/weblog/2022/jan/04/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2022/jan/04/security-releases/
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003113
reference_id 1003113
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003113
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2037024
reference_id 2037024
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2037024
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-45115
reference_id CVE-2021-45115
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-45115
18
reference_url https://access.redhat.com/errata/RHSA-2022:5498
reference_id RHSA-2022:5498
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5498
fixed_packages
0
url pkg:pypi/django@2.2.26
purl pkg:pypi/django@2.2.26
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-51tx-4tp9-kbcz
2
vulnerability VCID-attf-6gj8-ebaj
3
vulnerability VCID-drwp-htkk-bkfh
4
vulnerability VCID-nss9-1yrb-x7f2
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.26
1
url pkg:pypi/django@3.2.11
purl pkg:pypi/django@3.2.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-2n2n-1fq2-7bbs
2
vulnerability VCID-4z4e-8ttu-tyd6
3
vulnerability VCID-51tx-4tp9-kbcz
4
vulnerability VCID-am3f-c5ex-8ff2
5
vulnerability VCID-attf-6gj8-ebaj
6
vulnerability VCID-au8h-vj9k-pufv
7
vulnerability VCID-drwp-htkk-bkfh
8
vulnerability VCID-f4a7-tcz5-byfj
9
vulnerability VCID-fsaw-3ta1-x3dw
10
vulnerability VCID-m1dr-sjmw-jfd2
11
vulnerability VCID-m33h-4p9q-63fb
12
vulnerability VCID-nss9-1yrb-x7f2
13
vulnerability VCID-qgp1-4efd-6yg6
14
vulnerability VCID-yuda-1mur-8bbq
15
vulnerability VCID-z6tf-z1y9-cydq
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.11
2
url pkg:pypi/django@4.0.1
purl pkg:pypi/django@4.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-2n2n-1fq2-7bbs
2
vulnerability VCID-4z4e-8ttu-tyd6
3
vulnerability VCID-51tx-4tp9-kbcz
4
vulnerability VCID-attf-6gj8-ebaj
5
vulnerability VCID-au8h-vj9k-pufv
6
vulnerability VCID-drwp-htkk-bkfh
7
vulnerability VCID-f4a7-tcz5-byfj
8
vulnerability VCID-m1dr-sjmw-jfd2
9
vulnerability VCID-nss9-1yrb-x7f2
10
vulnerability VCID-z6tf-z1y9-cydq
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.0.1
aliases CVE-2021-45115, GHSA-53qw-q765-4fww, PYSEC-2022-1
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6jpg-yrf8-cufy
5
url VCID-9end-mq19-rke5
vulnerability_id VCID-9end-mq19-rke5
summary Storage.save in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1 allows directory traversal if crafted filenames are directly passed to it.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-45452.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-45452.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-45452
reference_id
reference_type
scores
0
value 0.00238
scoring_system epss
scoring_elements 0.47049
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-45452
2
reference_url https://docs.djangoproject.com/en/4.0/releases/security
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/4.0/releases/security
3
reference_url https://docs.djangoproject.com/en/4.0/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/4.0/releases/security/
4
reference_url https://github.com/advisories/GHSA-jrh2-hc4r-7jwx
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-jrh2-hc4r-7jwx
5
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
6
reference_url https://github.com/django/django/commit/4cb35b384ceef52123fc66411a73c36a706825e1
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/4cb35b384ceef52123fc66411a73c36a706825e1
7
reference_url https://github.com/django/django/commit/8d2f7cff76200cbd2337b2cf1707e383eb1fb54b
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/8d2f7cff76200cbd2337b2cf1707e383eb1fb54b
8
reference_url https://github.com/django/django/commit/e1592e0f26302e79856cc7f2218ae848ae19b0f6
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/e1592e0f26302e79856cc7f2218ae848ae19b0f6
9
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-3.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-3.yaml
10
reference_url https://groups.google.com/forum/#!forum/django-announce
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!forum/django-announce
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV
12
reference_url https://security.netapp.com/advisory/ntap-20220121-0005
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220121-0005
13
reference_url https://www.djangoproject.com/weblog/2022/jan/04/security-releases
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2022/jan/04/security-releases
14
reference_url https://www.djangoproject.com/weblog/2022/jan/04/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2022/jan/04/security-releases/
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003113
reference_id 1003113
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003113
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2037028
reference_id 2037028
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2037028
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-45452
reference_id CVE-2021-45452
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-45452
18
reference_url https://access.redhat.com/errata/RHSA-2022:5498
reference_id RHSA-2022:5498
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5498
fixed_packages
0
url pkg:pypi/django@2.2.26
purl pkg:pypi/django@2.2.26
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-51tx-4tp9-kbcz
2
vulnerability VCID-attf-6gj8-ebaj
3
vulnerability VCID-drwp-htkk-bkfh
4
vulnerability VCID-nss9-1yrb-x7f2
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.26
1
url pkg:pypi/django@3.2.11
purl pkg:pypi/django@3.2.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-2n2n-1fq2-7bbs
2
vulnerability VCID-4z4e-8ttu-tyd6
3
vulnerability VCID-51tx-4tp9-kbcz
4
vulnerability VCID-am3f-c5ex-8ff2
5
vulnerability VCID-attf-6gj8-ebaj
6
vulnerability VCID-au8h-vj9k-pufv
7
vulnerability VCID-drwp-htkk-bkfh
8
vulnerability VCID-f4a7-tcz5-byfj
9
vulnerability VCID-fsaw-3ta1-x3dw
10
vulnerability VCID-m1dr-sjmw-jfd2
11
vulnerability VCID-m33h-4p9q-63fb
12
vulnerability VCID-nss9-1yrb-x7f2
13
vulnerability VCID-qgp1-4efd-6yg6
14
vulnerability VCID-yuda-1mur-8bbq
15
vulnerability VCID-z6tf-z1y9-cydq
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.11
2
url pkg:pypi/django@4.0.1
purl pkg:pypi/django@4.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-2n2n-1fq2-7bbs
2
vulnerability VCID-4z4e-8ttu-tyd6
3
vulnerability VCID-51tx-4tp9-kbcz
4
vulnerability VCID-attf-6gj8-ebaj
5
vulnerability VCID-au8h-vj9k-pufv
6
vulnerability VCID-drwp-htkk-bkfh
7
vulnerability VCID-f4a7-tcz5-byfj
8
vulnerability VCID-m1dr-sjmw-jfd2
9
vulnerability VCID-nss9-1yrb-x7f2
10
vulnerability VCID-z6tf-z1y9-cydq
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.0.1
aliases CVE-2021-45452, GHSA-jrh2-hc4r-7jwx, PYSEC-2022-3
risk_score 3.4
exploitability 0.5
weighted_severity 6.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9end-mq19-rke5
6
url VCID-9mpt-zxaw-kkeg
vulnerability_id VCID-9mpt-zxaw-kkeg
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33203.json
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33203.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-33203
reference_id
reference_type
scores
0
value 0.00143
scoring_system epss
scoring_elements 0.34125
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-33203
2
reference_url https://docs.djangoproject.com/en/3.2/releases/security
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/3.2/releases/security
3
reference_url https://docs.djangoproject.com/en/3.2/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/3.2/releases/security/
4
reference_url https://github.com/advisories/GHSA-68w8-qjq3-2gfm
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-68w8-qjq3-2gfm
5
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
6
reference_url https://github.com/django/django/commit/053cc9534d174dc89daba36724ed2dcb36755b90
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/053cc9534d174dc89daba36724ed2dcb36755b90
7
reference_url https://github.com/django/django/commit/20c67a0693c4ede2b09af02574823485e82e4c8f
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/20c67a0693c4ede2b09af02574823485e82e4c8f
8
reference_url https://github.com/django/django/commit/dfaba12cda060b8b292ae1d271b44bf810b1c5b9
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/dfaba12cda060b8b292ae1d271b44bf810b1c5b9
9
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2021-98.yaml
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2021-98.yaml
10
reference_url https://groups.google.com/forum/#!forum/django-announce
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!forum/django-announce
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV
12
reference_url https://security.netapp.com/advisory/ntap-20210727-0004
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20210727-0004
13
reference_url https://www.djangoproject.com/weblog/2021/jun/02/security-releases
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2021/jun/02/security-releases
14
reference_url https://www.djangoproject.com/weblog/2021/jun/02/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2021/jun/02/security-releases/
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1966251
reference_id 1966251
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1966251
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989394
reference_id 989394
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989394
17
reference_url https://security.archlinux.org/ASA-202106-41
reference_id ASA-202106-41
reference_type
scores
url https://security.archlinux.org/ASA-202106-41
18
reference_url https://security.archlinux.org/AVG-2026
reference_id AVG-2026
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2026
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-33203
reference_id CVE-2021-33203
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-33203
20
reference_url https://access.redhat.com/errata/RHSA-2021:3490
reference_id RHSA-2021:3490
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3490
21
reference_url https://access.redhat.com/errata/RHSA-2021:4702
reference_id RHSA-2021:4702
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4702
22
reference_url https://access.redhat.com/errata/RHSA-2021:5070
reference_id RHSA-2021:5070
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5070
fixed_packages
0
url pkg:pypi/django@2.2.24
purl pkg:pypi/django@2.2.24
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-51tx-4tp9-kbcz
2
vulnerability VCID-6jpg-yrf8-cufy
3
vulnerability VCID-9end-mq19-rke5
4
vulnerability VCID-attf-6gj8-ebaj
5
vulnerability VCID-drwp-htkk-bkfh
6
vulnerability VCID-fksk-pr23-2yd8
7
vulnerability VCID-n9vn-4uxr-hkau
8
vulnerability VCID-nss9-1yrb-x7f2
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.24
1
url pkg:pypi/django@3.1.12
purl pkg:pypi/django@3.1.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-4pb2-tqru-uufs
2
vulnerability VCID-n9vn-4uxr-hkau
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.1.12
2
url pkg:pypi/django@3.2.4
purl pkg:pypi/django@3.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-2n2n-1fq2-7bbs
2
vulnerability VCID-4pb2-tqru-uufs
3
vulnerability VCID-4z4e-8ttu-tyd6
4
vulnerability VCID-51tx-4tp9-kbcz
5
vulnerability VCID-6jpg-yrf8-cufy
6
vulnerability VCID-9end-mq19-rke5
7
vulnerability VCID-am3f-c5ex-8ff2
8
vulnerability VCID-attf-6gj8-ebaj
9
vulnerability VCID-au8h-vj9k-pufv
10
vulnerability VCID-drwp-htkk-bkfh
11
vulnerability VCID-f4a7-tcz5-byfj
12
vulnerability VCID-fksk-pr23-2yd8
13
vulnerability VCID-fsaw-3ta1-x3dw
14
vulnerability VCID-m1dr-sjmw-jfd2
15
vulnerability VCID-m33h-4p9q-63fb
16
vulnerability VCID-n9vn-4uxr-hkau
17
vulnerability VCID-nss9-1yrb-x7f2
18
vulnerability VCID-qgp1-4efd-6yg6
19
vulnerability VCID-yuda-1mur-8bbq
20
vulnerability VCID-z6tf-z1y9-cydq
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.4
aliases CVE-2021-33203, GHSA-68w8-qjq3-2gfm, PYSEC-2021-98
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9mpt-zxaw-kkeg
7
url VCID-attf-6gj8-ebaj
vulnerability_id VCID-attf-6gj8-ebaj
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22818.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22818.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-22818
reference_id
reference_type
scores
0
value 0.00554
scoring_system epss
scoring_elements 0.68433
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-22818
2
reference_url https://docs.djangoproject.com/en/4.0/releases/security
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/4.0/releases/security
3
reference_url https://docs.djangoproject.com/en/4.0/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/4.0/releases/security/
4
reference_url https://github.com/advisories/GHSA-95rw-fx8r-36v6
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-95rw-fx8r-36v6
5
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
6
reference_url https://github.com/django/django/commit/01422046065d2b51f8f613409cad2c81b39487e5
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/01422046065d2b51f8f613409cad2c81b39487e5
7
reference_url https://github.com/django/django/commit/1a1e8278c46418bde24c86a65443b0674bae65e2
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/1a1e8278c46418bde24c86a65443b0674bae65e2
8
reference_url https://github.com/django/django/commit/c27a7eb9f40b64990398978152e62b6ff839c2e6
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/c27a7eb9f40b64990398978152e62b6ff839c2e6
9
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-19.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-19.yaml
10
reference_url https://groups.google.com/forum/#!forum/django-announce
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!forum/django-announce
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV
12
reference_url https://security.netapp.com/advisory/ntap-20220221-0003
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220221-0003
13
reference_url https://www.debian.org/security/2022/dsa-5254
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2022/dsa-5254
14
reference_url https://www.djangoproject.com/weblog/2022/feb/01/security-releases
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2022/feb/01/security-releases
15
reference_url https://www.djangoproject.com/weblog/2022/feb/01/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2022/feb/01/security-releases/
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004752
reference_id 1004752
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004752
17
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2048775
reference_id 2048775
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2048775
18
reference_url https://security.archlinux.org/AVG-2808
reference_id AVG-2808
reference_type
scores
0
value Unknown
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2808
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-22818
reference_id CVE-2022-22818
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-22818
20
reference_url https://access.redhat.com/errata/RHSA-2022:5498
reference_id RHSA-2022:5498
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5498
21
reference_url https://access.redhat.com/errata/RHSA-2022:8506
reference_id RHSA-2022:8506
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8506
22
reference_url https://access.redhat.com/errata/RHSA-2022:8853
reference_id RHSA-2022:8853
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8853
23
reference_url https://access.redhat.com/errata/RHSA-2022:8872
reference_id RHSA-2022:8872
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8872
fixed_packages
0
url pkg:pypi/django@2.2.27
purl pkg:pypi/django@2.2.27
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-drwp-htkk-bkfh
2
vulnerability VCID-nss9-1yrb-x7f2
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.27
1
url pkg:pypi/django@3.2.12
purl pkg:pypi/django@3.2.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-2n2n-1fq2-7bbs
2
vulnerability VCID-4z4e-8ttu-tyd6
3
vulnerability VCID-am3f-c5ex-8ff2
4
vulnerability VCID-au8h-vj9k-pufv
5
vulnerability VCID-drwp-htkk-bkfh
6
vulnerability VCID-f4a7-tcz5-byfj
7
vulnerability VCID-fsaw-3ta1-x3dw
8
vulnerability VCID-m1dr-sjmw-jfd2
9
vulnerability VCID-m33h-4p9q-63fb
10
vulnerability VCID-nss9-1yrb-x7f2
11
vulnerability VCID-qgp1-4efd-6yg6
12
vulnerability VCID-yuda-1mur-8bbq
13
vulnerability VCID-z6tf-z1y9-cydq
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.12
2
url pkg:pypi/django@4.0.2
purl pkg:pypi/django@4.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-2n2n-1fq2-7bbs
2
vulnerability VCID-4z4e-8ttu-tyd6
3
vulnerability VCID-au8h-vj9k-pufv
4
vulnerability VCID-drwp-htkk-bkfh
5
vulnerability VCID-f4a7-tcz5-byfj
6
vulnerability VCID-m1dr-sjmw-jfd2
7
vulnerability VCID-nss9-1yrb-x7f2
8
vulnerability VCID-z6tf-z1y9-cydq
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.0.2
aliases CVE-2022-22818, GHSA-95rw-fx8r-36v6, PYSEC-2022-19
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-attf-6gj8-ebaj
8
url VCID-drwp-htkk-bkfh
vulnerability_id VCID-drwp-htkk-bkfh
summary sql injection
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28347.json
reference_id
reference_type
scores
0
value 9.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28347.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-28347
reference_id
reference_type
scores
0
value 0.00748
scoring_system epss
scoring_elements 0.73453
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-28347
2
reference_url https://docs.djangoproject.com/en/4.0/releases/security
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/4.0/releases/security
3
reference_url https://docs.djangoproject.com/en/4.0/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/4.0/releases/security/
4
reference_url https://github.com/advisories/GHSA-w24h-v9qh-8gxj
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-w24h-v9qh-8gxj
5
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
6
reference_url https://github.com/django/django/commit/00b0fc50e1738c7174c495464a5ef069408a4402
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/00b0fc50e1738c7174c495464a5ef069408a4402
7
reference_url https://github.com/django/django/commit/29a6c98b4c13af82064f993f0acc6e8fafa4d3f5
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/29a6c98b4c13af82064f993f0acc6e8fafa4d3f5
8
reference_url https://github.com/django/django/commit/6723a26e59b0b5429a0c5873941e01a2e1bdbb81
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/6723a26e59b0b5429a0c5873941e01a2e1bdbb81
9
reference_url https://github.com/django/django/commit/9e19accb6e0a00ba77d5a95a91675bf18877c72d
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/9e19accb6e0a00ba77d5a95a91675bf18877c72d
10
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-191.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-191.yaml
11
reference_url https://groups.google.com/forum/#!forum/django-announce
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!forum/django-announce
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI
14
reference_url https://www.debian.org/security/2022/dsa-5254
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2022/dsa-5254
15
reference_url https://www.djangoproject.com/weblog/2022/apr/11/security-releases
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2022/apr/11/security-releases
16
reference_url https://www.djangoproject.com/weblog/2022/apr/11/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2022/apr/11/security-releases/
17
reference_url http://www.openwall.com/lists/oss-security/2022/04/11/1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/04/11/1
18
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009677
reference_id 1009677
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009677
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2072459
reference_id 2072459
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2072459
20
reference_url https://security.archlinux.org/ASA-202204-9
reference_id ASA-202204-9
reference_type
scores
url https://security.archlinux.org/ASA-202204-9
21
reference_url https://security.archlinux.org/AVG-2667
reference_id AVG-2667
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2667
22
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-28347
reference_id CVE-2022-28347
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-28347
23
reference_url https://access.redhat.com/errata/RHSA-2022:5498
reference_id RHSA-2022:5498
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5498
24
reference_url https://access.redhat.com/errata/RHSA-2022:5602
reference_id RHSA-2022:5602
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5602
25
reference_url https://access.redhat.com/errata/RHSA-2022:5702
reference_id RHSA-2022:5702
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5702
26
reference_url https://access.redhat.com/errata/RHSA-2022:5703
reference_id RHSA-2022:5703
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5703
fixed_packages
0
url pkg:pypi/django@2.2.28
purl pkg:pypi/django@2.2.28
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.28
1
url pkg:pypi/django@3.2.13
purl pkg:pypi/django@3.2.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-2n2n-1fq2-7bbs
2
vulnerability VCID-4z4e-8ttu-tyd6
3
vulnerability VCID-am3f-c5ex-8ff2
4
vulnerability VCID-au8h-vj9k-pufv
5
vulnerability VCID-f4a7-tcz5-byfj
6
vulnerability VCID-fsaw-3ta1-x3dw
7
vulnerability VCID-m1dr-sjmw-jfd2
8
vulnerability VCID-m33h-4p9q-63fb
9
vulnerability VCID-qgp1-4efd-6yg6
10
vulnerability VCID-yuda-1mur-8bbq
11
vulnerability VCID-z6tf-z1y9-cydq
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.13
2
url pkg:pypi/django@4.0.4
purl pkg:pypi/django@4.0.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-2n2n-1fq2-7bbs
2
vulnerability VCID-4z4e-8ttu-tyd6
3
vulnerability VCID-au8h-vj9k-pufv
4
vulnerability VCID-f4a7-tcz5-byfj
5
vulnerability VCID-m1dr-sjmw-jfd2
6
vulnerability VCID-z6tf-z1y9-cydq
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.0.4
aliases CVE-2022-28347, GHSA-w24h-v9qh-8gxj, PYSEC-2022-191
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-drwp-htkk-bkfh
9
url VCID-fhp8-tck4-mye4
vulnerability_id VCID-fhp8-tck4-mye4
summary In Django 2.2 before 2.2.20, 3.0 before 3.0.14, and 3.1 before 3.1.8, MultiPartParser allowed directory traversal via uploaded files with suitably crafted file names. Built-in upload handlers were not affected by this vulnerability.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28658.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28658.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-28658
reference_id
reference_type
scores
0
value 0.01505
scoring_system epss
scoring_elements 0.81494
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-28658
2
reference_url https://docs.djangoproject.com/en/3.1/releases/security
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/3.1/releases/security
3
reference_url https://docs.djangoproject.com/en/3.1/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/3.1/releases/security/
4
reference_url https://github.com/advisories/GHSA-xgxc-v2qg-chmh
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-xgxc-v2qg-chmh
5
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2021-6.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2021-6.yaml
7
reference_url https://groups.google.com/g/django-announce/c/ePr5j-ngdPU
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/g/django-announce/c/ePr5j-ngdPU
8
reference_url https://lists.debian.org/debian-lts-announce/2021/04/msg00008.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/04/msg00008.html
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVKYPHR3TKR2ESWXBPOJEKRO2OSJRZUE
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVKYPHR3TKR2ESWXBPOJEKRO2OSJRZUE
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVKYPHR3TKR2ESWXBPOJEKRO2OSJRZUE/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVKYPHR3TKR2ESWXBPOJEKRO2OSJRZUE/
11
reference_url https://pypi.org/project/Django
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://pypi.org/project/Django
12
reference_url https://security.netapp.com/advisory/ntap-20210528-0001
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20210528-0001
13
reference_url https://www.djangoproject.com/weblog/2021/apr/06/security-releases
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2021/apr/06/security-releases
14
reference_url https://www.djangoproject.com/weblog/2021/apr/06/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2021/apr/06/security-releases/
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986447
reference_id 986447
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986447
16
reference_url https://security.archlinux.org/AVG-1776
reference_id AVG-1776
reference_type
scores
0
value Low
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1776
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-28658
reference_id CVE-2021-28658
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-28658
18
reference_url https://access.redhat.com/errata/RHSA-2021:4702
reference_id RHSA-2021:4702
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4702
19
reference_url https://access.redhat.com/errata/RHSA-2021:5070
reference_id RHSA-2021:5070
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5070
fixed_packages
0
url pkg:pypi/django@2.2.20
purl pkg:pypi/django@2.2.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-51tx-4tp9-kbcz
2
vulnerability VCID-6jpg-yrf8-cufy
3
vulnerability VCID-9end-mq19-rke5
4
vulnerability VCID-9mpt-zxaw-kkeg
5
vulnerability VCID-attf-6gj8-ebaj
6
vulnerability VCID-drwp-htkk-bkfh
7
vulnerability VCID-fksk-pr23-2yd8
8
vulnerability VCID-j81e-su1y-tqa6
9
vulnerability VCID-n9vn-4uxr-hkau
10
vulnerability VCID-nss9-1yrb-x7f2
11
vulnerability VCID-u9q1-63gf-7feh
12
vulnerability VCID-z4x1-e7tp-rqhz
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.20
1
url pkg:pypi/django@3.0.14
purl pkg:pypi/django@3.0.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-9mpt-zxaw-kkeg
2
vulnerability VCID-z4x1-e7tp-rqhz
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.0.14
2
url pkg:pypi/django@3.1.8
purl pkg:pypi/django@3.1.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-4pb2-tqru-uufs
2
vulnerability VCID-9mpt-zxaw-kkeg
3
vulnerability VCID-j81e-su1y-tqa6
4
vulnerability VCID-n9vn-4uxr-hkau
5
vulnerability VCID-u9q1-63gf-7feh
6
vulnerability VCID-z4x1-e7tp-rqhz
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.1.8
aliases CVE-2021-28658, GHSA-xgxc-v2qg-chmh, PYSEC-2021-6
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fhp8-tck4-mye4
10
url VCID-fksk-pr23-2yd8
vulnerability_id VCID-fksk-pr23-2yd8
summary An issue was discovered in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1. Due to leveraging the Django Template Language's variable resolution logic, the dictsort template filter was potentially vulnerable to information disclosure, or an unintended method call, if passed a suitably crafted key.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-45116.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-45116.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-45116
reference_id
reference_type
scores
0
value 0.00363
scoring_system epss
scoring_elements 0.58706
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-45116
2
reference_url https://docs.djangoproject.com/en/4.0/releases/security
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/4.0/releases/security
3
reference_url https://docs.djangoproject.com/en/4.0/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/4.0/releases/security/
4
reference_url https://github.com/advisories/GHSA-8c5j-9r9f-c6w8
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-8c5j-9r9f-c6w8
5
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
6
reference_url https://github.com/django/django/commit/2a8ec7f546d6d5806e221ec948c5146b55bd7489
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/2a8ec7f546d6d5806e221ec948c5146b55bd7489
7
reference_url https://github.com/django/django/commit/c7fe895bca06daf12cc1670b56eaf72a1ef27a16
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/c7fe895bca06daf12cc1670b56eaf72a1ef27a16
8
reference_url https://github.com/django/django/commit/c9f648ccfac5ab90fb2829a66da4f77e68c7f93a
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/c9f648ccfac5ab90fb2829a66da4f77e68c7f93a
9
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-2.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-2.yaml
10
reference_url https://groups.google.com/forum/#!forum/django-announce
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!forum/django-announce
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV
12
reference_url https://security.netapp.com/advisory/ntap-20220121-0005
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220121-0005
13
reference_url https://www.djangoproject.com/weblog/2022/jan/04/security-releases
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2022/jan/04/security-releases
14
reference_url https://www.djangoproject.com/weblog/2022/jan/04/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2022/jan/04/security-releases/
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003113
reference_id 1003113
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003113
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2037025
reference_id 2037025
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2037025
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-45116
reference_id CVE-2021-45116
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-45116
18
reference_url https://access.redhat.com/errata/RHSA-2022:5498
reference_id RHSA-2022:5498
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5498
fixed_packages
0
url pkg:pypi/django@2.2.26
purl pkg:pypi/django@2.2.26
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-51tx-4tp9-kbcz
2
vulnerability VCID-attf-6gj8-ebaj
3
vulnerability VCID-drwp-htkk-bkfh
4
vulnerability VCID-nss9-1yrb-x7f2
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.26
1
url pkg:pypi/django@3.2.11
purl pkg:pypi/django@3.2.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-2n2n-1fq2-7bbs
2
vulnerability VCID-4z4e-8ttu-tyd6
3
vulnerability VCID-51tx-4tp9-kbcz
4
vulnerability VCID-am3f-c5ex-8ff2
5
vulnerability VCID-attf-6gj8-ebaj
6
vulnerability VCID-au8h-vj9k-pufv
7
vulnerability VCID-drwp-htkk-bkfh
8
vulnerability VCID-f4a7-tcz5-byfj
9
vulnerability VCID-fsaw-3ta1-x3dw
10
vulnerability VCID-m1dr-sjmw-jfd2
11
vulnerability VCID-m33h-4p9q-63fb
12
vulnerability VCID-nss9-1yrb-x7f2
13
vulnerability VCID-qgp1-4efd-6yg6
14
vulnerability VCID-yuda-1mur-8bbq
15
vulnerability VCID-z6tf-z1y9-cydq
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.11
2
url pkg:pypi/django@4.0.1
purl pkg:pypi/django@4.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-2n2n-1fq2-7bbs
2
vulnerability VCID-4z4e-8ttu-tyd6
3
vulnerability VCID-51tx-4tp9-kbcz
4
vulnerability VCID-attf-6gj8-ebaj
5
vulnerability VCID-au8h-vj9k-pufv
6
vulnerability VCID-drwp-htkk-bkfh
7
vulnerability VCID-f4a7-tcz5-byfj
8
vulnerability VCID-m1dr-sjmw-jfd2
9
vulnerability VCID-nss9-1yrb-x7f2
10
vulnerability VCID-z6tf-z1y9-cydq
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.0.1
aliases CVE-2021-45116, GHSA-8c5j-9r9f-c6w8, PYSEC-2022-2
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fksk-pr23-2yd8
11
url VCID-hh9b-52xn-z7a9
vulnerability_id VCID-hh9b-52xn-z7a9
summary An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). The intermediate-level directories of the filesystem cache had the system's standard umask rather than 0o077.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-24584.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-24584.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-24584
reference_id
reference_type
scores
0
value 0.02755
scoring_system epss
scoring_elements 0.86282
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-24584
2
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
3
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/dev/releases/security/
4
reference_url https://github.com/advisories/GHSA-fr28-569j-53c4
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-fr28-569j-53c4
5
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
6
reference_url https://github.com/django/django/commit/1853724acaf17ed7414d54c7d2b5563a25025a71
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/1853724acaf17ed7414d54c7d2b5563a25025a71
7
reference_url https://github.com/django/django/commit/2b099caa5923afa8cfb5f1e8c0d56b6e0e81915b
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/2b099caa5923afa8cfb5f1e8c0d56b6e0e81915b
8
reference_url https://github.com/django/django/commit/a3aebfdc8153dc230686b6d2454ccd32ed4c9e6f
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/a3aebfdc8153dc230686b6d2454ccd32ed4c9e6f
9
reference_url https://github.com/django/django/commit/cdb367c92a0ba72ddc0cbd13ff42b0e6df709554
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/cdb367c92a0ba72ddc0cbd13ff42b0e6df709554
10
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-34.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-34.yaml
11
reference_url https://groups.google.com/forum/#!topic/django-announce/Gdqn58RqIDM
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/django-announce/Gdqn58RqIDM
12
reference_url https://groups.google.com/forum/#!topic/django-announce/zFCMdgUnutU
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/django-announce/zFCMdgUnutU
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F2ZHO3GZCJMP3DDTXCNVFV6ED3W64NAU
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F2ZHO3GZCJMP3DDTXCNVFV6ED3W64NAU
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F2ZHO3GZCJMP3DDTXCNVFV6ED3W64NAU/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F2ZHO3GZCJMP3DDTXCNVFV6ED3W64NAU/
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OLGFFLMF3X6USMJD7V5F5P4K2WVUTO3T
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OLGFFLMF3X6USMJD7V5F5P4K2WVUTO3T
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OLGFFLMF3X6USMJD7V5F5P4K2WVUTO3T/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OLGFFLMF3X6USMJD7V5F5P4K2WVUTO3T/
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZCRPQCBTV3RZHKVZ6K6QOAANPRZQD3GI
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZCRPQCBTV3RZHKVZ6K6QOAANPRZQD3GI
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZCRPQCBTV3RZHKVZ6K6QOAANPRZQD3GI/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZCRPQCBTV3RZHKVZ6K6QOAANPRZQD3GI/
19
reference_url https://security.netapp.com/advisory/ntap-20200918-0004
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200918-0004
20
reference_url https://security.netapp.com/advisory/ntap-20200918-0004/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20200918-0004/
21
reference_url https://usn.ubuntu.com/4479-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4479-1
22
reference_url https://usn.ubuntu.com/4479-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4479-1/
23
reference_url https://www.djangoproject.com/weblog/2020/sep/01/security-releases
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2020/sep/01/security-releases
24
reference_url https://www.djangoproject.com/weblog/2020/sep/01/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2020/sep/01/security-releases/
25
reference_url https://www.openwall.com/lists/oss-security/2020/09/01/2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.openwall.com/lists/oss-security/2020/09/01/2
26
reference_url https://www.oracle.com/security-alerts/cpujan2021.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujan2021.html
27
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1874492
reference_id 1874492
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1874492
28
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969367
reference_id 969367
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969367
29
reference_url https://security.archlinux.org/ASA-202009-4
reference_id ASA-202009-4
reference_type
scores
url https://security.archlinux.org/ASA-202009-4
30
reference_url https://security.archlinux.org/AVG-1217
reference_id AVG-1217
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1217
31
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-24584
reference_id CVE-2020-24584
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-24584
fixed_packages
0
url pkg:pypi/django@2.2.16
purl pkg:pypi/django@2.2.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-51tx-4tp9-kbcz
2
vulnerability VCID-6jpg-yrf8-cufy
3
vulnerability VCID-9end-mq19-rke5
4
vulnerability VCID-9mpt-zxaw-kkeg
5
vulnerability VCID-attf-6gj8-ebaj
6
vulnerability VCID-drwp-htkk-bkfh
7
vulnerability VCID-fhp8-tck4-mye4
8
vulnerability VCID-fksk-pr23-2yd8
9
vulnerability VCID-j81e-su1y-tqa6
10
vulnerability VCID-n9vn-4uxr-hkau
11
vulnerability VCID-nss9-1yrb-x7f2
12
vulnerability VCID-q8r2-m9s6-rbek
13
vulnerability VCID-u9q1-63gf-7feh
14
vulnerability VCID-wnxx-rc7w-cke4
15
vulnerability VCID-z4x1-e7tp-rqhz
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.16
1
url pkg:pypi/django@3.0.10
purl pkg:pypi/django@3.0.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-9mpt-zxaw-kkeg
2
vulnerability VCID-fhp8-tck4-mye4
3
vulnerability VCID-q8r2-m9s6-rbek
4
vulnerability VCID-wnxx-rc7w-cke4
5
vulnerability VCID-z4x1-e7tp-rqhz
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.0.10
2
url pkg:pypi/django@3.1.1
purl pkg:pypi/django@3.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-4pb2-tqru-uufs
2
vulnerability VCID-9mpt-zxaw-kkeg
3
vulnerability VCID-fhp8-tck4-mye4
4
vulnerability VCID-j81e-su1y-tqa6
5
vulnerability VCID-n9vn-4uxr-hkau
6
vulnerability VCID-q8r2-m9s6-rbek
7
vulnerability VCID-u9q1-63gf-7feh
8
vulnerability VCID-wnxx-rc7w-cke4
9
vulnerability VCID-z4x1-e7tp-rqhz
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.1.1
aliases CVE-2020-24584, GHSA-fr28-569j-53c4, PYSEC-2020-34
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hh9b-52xn-z7a9
12
url VCID-j81e-su1y-tqa6
vulnerability_id VCID-j81e-su1y-tqa6
summary In Django 2.2 before 2.2.21, 3.1 before 3.1.9, and 3.2 before 3.2.1, MultiPartParser, UploadedFile, and FieldFile allowed directory traversal via uploaded files with suitably crafted file names.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-31542.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-31542.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-31542
reference_id
reference_type
scores
0
value 0.04357
scoring_system epss
scoring_elements 0.89129
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-31542
2
reference_url https://docs.djangoproject.com/en/3.2/releases/security
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/3.2/releases/security
3
reference_url https://docs.djangoproject.com/en/3.2/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/3.2/releases/security/
4
reference_url https://github.com/advisories/GHSA-rxjp-mfm9-w4wr
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-rxjp-mfm9-w4wr
5
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
6
reference_url https://github.com/django/django/commit/04ac1624bdc2fa737188401757cf95ced122d26d
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/04ac1624bdc2fa737188401757cf95ced122d26d
7
reference_url https://github.com/django/django/commit/25d84d64122c15050a0ee739e859f22ddab5ac48
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/25d84d64122c15050a0ee739e859f22ddab5ac48
8
reference_url https://github.com/django/django/commit/c98f446c188596d4ba6de71d1b77b4a6c5c2a007
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/c98f446c188596d4ba6de71d1b77b4a6c5c2a007
9
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2021-7.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2021-7.yaml
10
reference_url https://groups.google.com/forum/#%21forum/django-announce
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#%21forum/django-announce
11
reference_url https://groups.google.com/forum/#!forum/django-announce
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!forum/django-announce
12
reference_url https://lists.debian.org/debian-lts-announce/2021/05/msg00005.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/05/msg00005.html
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZVKYPHR3TKR2ESWXBPOJEKRO2OSJRZUE
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZVKYPHR3TKR2ESWXBPOJEKRO2OSJRZUE
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVKYPHR3TKR2ESWXBPOJEKRO2OSJRZUE
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVKYPHR3TKR2ESWXBPOJEKRO2OSJRZUE
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVKYPHR3TKR2ESWXBPOJEKRO2OSJRZUE/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVKYPHR3TKR2ESWXBPOJEKRO2OSJRZUE/
18
reference_url https://security.netapp.com/advisory/ntap-20210618-0001
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20210618-0001
19
reference_url https://www.djangoproject.com/weblog/2021/may/04/security-releases
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2021/may/04/security-releases
20
reference_url https://www.djangoproject.com/weblog/2021/may/04/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2021/may/04/security-releases/
21
reference_url http://www.openwall.com/lists/oss-security/2021/05/04/3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2021/05/04/3
22
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1954294
reference_id 1954294
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1954294
23
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988053
reference_id 988053
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988053
24
reference_url https://security.archlinux.org/AVG-1910
reference_id AVG-1910
reference_type
scores
0
value Low
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1910
25
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-31542
reference_id CVE-2021-31542
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-31542
26
reference_url https://access.redhat.com/errata/RHSA-2021:4702
reference_id RHSA-2021:4702
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4702
27
reference_url https://access.redhat.com/errata/RHSA-2021:5070
reference_id RHSA-2021:5070
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5070
fixed_packages
0
url pkg:pypi/django@2.2.21
purl pkg:pypi/django@2.2.21
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-51tx-4tp9-kbcz
2
vulnerability VCID-6jpg-yrf8-cufy
3
vulnerability VCID-9end-mq19-rke5
4
vulnerability VCID-9mpt-zxaw-kkeg
5
vulnerability VCID-attf-6gj8-ebaj
6
vulnerability VCID-drwp-htkk-bkfh
7
vulnerability VCID-fksk-pr23-2yd8
8
vulnerability VCID-n9vn-4uxr-hkau
9
vulnerability VCID-nss9-1yrb-x7f2
10
vulnerability VCID-u9q1-63gf-7feh
11
vulnerability VCID-z4x1-e7tp-rqhz
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.21
1
url pkg:pypi/django@3.1.9
purl pkg:pypi/django@3.1.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-4pb2-tqru-uufs
2
vulnerability VCID-9mpt-zxaw-kkeg
3
vulnerability VCID-n9vn-4uxr-hkau
4
vulnerability VCID-u9q1-63gf-7feh
5
vulnerability VCID-z4x1-e7tp-rqhz
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.1.9
2
url pkg:pypi/django@3.2.1
purl pkg:pypi/django@3.2.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-2n2n-1fq2-7bbs
2
vulnerability VCID-4pb2-tqru-uufs
3
vulnerability VCID-4z4e-8ttu-tyd6
4
vulnerability VCID-51tx-4tp9-kbcz
5
vulnerability VCID-6jpg-yrf8-cufy
6
vulnerability VCID-9end-mq19-rke5
7
vulnerability VCID-9mpt-zxaw-kkeg
8
vulnerability VCID-am3f-c5ex-8ff2
9
vulnerability VCID-attf-6gj8-ebaj
10
vulnerability VCID-au8h-vj9k-pufv
11
vulnerability VCID-drwp-htkk-bkfh
12
vulnerability VCID-f4a7-tcz5-byfj
13
vulnerability VCID-fksk-pr23-2yd8
14
vulnerability VCID-fsaw-3ta1-x3dw
15
vulnerability VCID-m1dr-sjmw-jfd2
16
vulnerability VCID-m33h-4p9q-63fb
17
vulnerability VCID-n9vn-4uxr-hkau
18
vulnerability VCID-nss9-1yrb-x7f2
19
vulnerability VCID-qgp1-4efd-6yg6
20
vulnerability VCID-u9q1-63gf-7feh
21
vulnerability VCID-yuda-1mur-8bbq
22
vulnerability VCID-z4x1-e7tp-rqhz
23
vulnerability VCID-z6tf-z1y9-cydq
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.1
aliases CVE-2021-31542, GHSA-rxjp-mfm9-w4wr, PYSEC-2021-7
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j81e-su1y-tqa6
13
url VCID-m4wa-xv9b-q7ce
vulnerability_id VCID-m4wa-xv9b-q7ce
summary Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4 allows SQL Injection if untrusted data is used as a tolerance parameter in GIS functions and aggregates on Oracle. By passing a suitably crafted tolerance to GIS functions and aggregates on Oracle, it was possible to break escaping and inject malicious SQL.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9402.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9402.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-9402
reference_id
reference_type
scores
0
value 0.84997
scoring_system epss
scoring_elements 0.99365
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-9402
2
reference_url https://docs.djangoproject.com/en/3.0/releases/security
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/3.0/releases/security
3
reference_url https://docs.djangoproject.com/en/3.0/releases/security/
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://docs.djangoproject.com/en/3.0/releases/security/
4
reference_url https://github.com/advisories/GHSA-3gh2-xw74-jmcw
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-3gh2-xw74-jmcw
5
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
6
reference_url https://github.com/django/django/commit/6695d29b1c1ce979725816295a26ecc64ae0e927
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/6695d29b1c1ce979725816295a26ecc64ae0e927
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-345.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-345.yaml
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-36.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-36.yaml
9
reference_url https://groups.google.com/forum/#%21topic/django-announce/fLUh_pOaKrY
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#%21topic/django-announce/fLUh_pOaKrY
10
reference_url https://groups.google.com/forum/#!topic/django-announce/fLUh_pOaKrY
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/django-announce/fLUh_pOaKrY
11
reference_url https://lists.debian.org/debian-lts-announce/2022/05/msg00035.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/05/msg00035.html
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZMN2NKAGTFE3YKMNM2JVJG7R2W7LLHY
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZMN2NKAGTFE3YKMNM2JVJG7R2W7LLHY
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZMN2NKAGTFE3YKMNM2JVJG7R2W7LLHY/
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZMN2NKAGTFE3YKMNM2JVJG7R2W7LLHY/
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZMN2NKAGTFE3YKMNM2JVJG7R2W7LLHY
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZMN2NKAGTFE3YKMNM2JVJG7R2W7LLHY
19
reference_url https://security.gentoo.org/glsa/202004-17
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202004-17
20
reference_url https://security.netapp.com/advisory/ntap-20200327-0004
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200327-0004
21
reference_url https://security.netapp.com/advisory/ntap-20200327-0004/
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://security.netapp.com/advisory/ntap-20200327-0004/
22
reference_url https://usn.ubuntu.com/4296-1
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4296-1
23
reference_url https://usn.ubuntu.com/4296-1/
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://usn.ubuntu.com/4296-1/
24
reference_url https://www.debian.org/security/2020/dsa-4705
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2020/dsa-4705
25
reference_url https://www.djangoproject.com/weblog/2020/mar/04/security-releases
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2020/mar/04/security-releases
26
reference_url https://www.djangoproject.com/weblog/2020/mar/04/security-releases/
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://www.djangoproject.com/weblog/2020/mar/04/security-releases/
27
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1810088
reference_id 1810088
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1810088
28
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953102
reference_id 953102
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953102
29
reference_url https://security.archlinux.org/ASA-202003-5
reference_id ASA-202003-5
reference_type
scores
url https://security.archlinux.org/ASA-202003-5
30
reference_url https://security.archlinux.org/AVG-1111
reference_id AVG-1111
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1111
31
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-9402
reference_id CVE-2020-9402
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-9402
32
reference_url https://access.redhat.com/errata/RHSA-2021:1313
reference_id RHSA-2021:1313
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1313
fixed_packages
0
url pkg:pypi/django@2.2.11
purl pkg:pypi/django@2.2.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-4cp2-k4mn-8ffj
2
vulnerability VCID-51tx-4tp9-kbcz
3
vulnerability VCID-6jpg-yrf8-cufy
4
vulnerability VCID-9end-mq19-rke5
5
vulnerability VCID-9mpt-zxaw-kkeg
6
vulnerability VCID-attf-6gj8-ebaj
7
vulnerability VCID-drwp-htkk-bkfh
8
vulnerability VCID-fhp8-tck4-mye4
9
vulnerability VCID-fksk-pr23-2yd8
10
vulnerability VCID-hh9b-52xn-z7a9
11
vulnerability VCID-j81e-su1y-tqa6
12
vulnerability VCID-n9vn-4uxr-hkau
13
vulnerability VCID-na9w-xkvx-cbhd
14
vulnerability VCID-nss9-1yrb-x7f2
15
vulnerability VCID-q8r2-m9s6-rbek
16
vulnerability VCID-qvfs-2v1h-p3h4
17
vulnerability VCID-u9q1-63gf-7feh
18
vulnerability VCID-wnxx-rc7w-cke4
19
vulnerability VCID-z4x1-e7tp-rqhz
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.11
1
url pkg:pypi/django@3.0.4
purl pkg:pypi/django@3.0.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-4cp2-k4mn-8ffj
2
vulnerability VCID-9mpt-zxaw-kkeg
3
vulnerability VCID-fhp8-tck4-mye4
4
vulnerability VCID-hh9b-52xn-z7a9
5
vulnerability VCID-na9w-xkvx-cbhd
6
vulnerability VCID-q8r2-m9s6-rbek
7
vulnerability VCID-qvfs-2v1h-p3h4
8
vulnerability VCID-wnxx-rc7w-cke4
9
vulnerability VCID-z4x1-e7tp-rqhz
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.0.4
aliases CVE-2020-9402, GHSA-3gh2-xw74-jmcw, PYSEC-2020-345, PYSEC-2020-36
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m4wa-xv9b-q7ce
14
url VCID-n9vn-4uxr-hkau
vulnerability_id VCID-n9vn-4uxr-hkau
summary In Django 2.2 before 2.2.25, 3.1 before 3.1.14, and 3.2 before 3.2.10, HTTP requests for URLs with trailing newlines could bypass upstream access control based on URL paths.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44420.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44420.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-44420
reference_id
reference_type
scores
0
value 0.0012
scoring_system epss
scoring_elements 0.30471
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-44420
2
reference_url https://docs.djangoproject.com/en/3.2/releases/security
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/3.2/releases/security
3
reference_url https://docs.djangoproject.com/en/3.2/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/3.2/releases/security/
4
reference_url https://github.com/advisories/GHSA-v6rh-hp5x-86rv
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-v6rh-hp5x-86rv
5
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
6
reference_url https://github.com/django/django/commit/d4dcd5b9dd9e462fec8220e33e3e6c822b7e88a6
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/d4dcd5b9dd9e462fec8220e33e3e6c822b7e88a6
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2021-439.yaml
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2021-439.yaml
8
reference_url https://groups.google.com/forum/#!forum/django-announce
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!forum/django-announce
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV
10
reference_url https://security.netapp.com/advisory/ntap-20211229-0006
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20211229-0006
11
reference_url https://www.djangoproject.com/weblog/2021/dec/07/security-releases
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2021/dec/07/security-releases
12
reference_url https://www.djangoproject.com/weblog/2021/dec/07/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2021/dec/07/security-releases/
13
reference_url https://www.openwall.com/lists/oss-security/2021/12/07/1
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.openwall.com/lists/oss-security/2021/12/07/1
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2028178
reference_id 2028178
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2028178
15
reference_url https://security.archlinux.org/AVG-2605
reference_id AVG-2605
reference_type
scores
0
value Low
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2605
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-44420
reference_id CVE-2021-44420
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-44420
17
reference_url https://access.redhat.com/errata/RHSA-2022:5498
reference_id RHSA-2022:5498
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5498
18
reference_url https://access.redhat.com/errata/RHSA-2023:0742
reference_id RHSA-2023:0742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0742
fixed_packages
0
url pkg:pypi/django@2.2.25
purl pkg:pypi/django@2.2.25
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-51tx-4tp9-kbcz
2
vulnerability VCID-6jpg-yrf8-cufy
3
vulnerability VCID-9end-mq19-rke5
4
vulnerability VCID-attf-6gj8-ebaj
5
vulnerability VCID-drwp-htkk-bkfh
6
vulnerability VCID-fksk-pr23-2yd8
7
vulnerability VCID-nss9-1yrb-x7f2
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.25
1
url pkg:pypi/django@3.1.14
purl pkg:pypi/django@3.1.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.1.14
2
url pkg:pypi/django@3.2.10
purl pkg:pypi/django@3.2.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-2n2n-1fq2-7bbs
2
vulnerability VCID-4z4e-8ttu-tyd6
3
vulnerability VCID-51tx-4tp9-kbcz
4
vulnerability VCID-6jpg-yrf8-cufy
5
vulnerability VCID-9end-mq19-rke5
6
vulnerability VCID-am3f-c5ex-8ff2
7
vulnerability VCID-attf-6gj8-ebaj
8
vulnerability VCID-au8h-vj9k-pufv
9
vulnerability VCID-drwp-htkk-bkfh
10
vulnerability VCID-f4a7-tcz5-byfj
11
vulnerability VCID-fksk-pr23-2yd8
12
vulnerability VCID-fsaw-3ta1-x3dw
13
vulnerability VCID-m1dr-sjmw-jfd2
14
vulnerability VCID-m33h-4p9q-63fb
15
vulnerability VCID-nss9-1yrb-x7f2
16
vulnerability VCID-qgp1-4efd-6yg6
17
vulnerability VCID-yuda-1mur-8bbq
18
vulnerability VCID-z6tf-z1y9-cydq
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.10
aliases CVE-2021-44420, GHSA-v6rh-hp5x-86rv, PYSEC-2021-439
risk_score 3.3
exploitability 0.5
weighted_severity 6.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n9vn-4uxr-hkau
15
url VCID-na9w-xkvx-cbhd
vulnerability_id VCID-na9w-xkvx-cbhd
summary An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. In cases where a memcached backend does not perform key validation, passing malformed cache keys could result in a key collision, and potential data leakage.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13254.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13254.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-13254
reference_id
reference_type
scores
0
value 0.04713
scoring_system epss
scoring_elements 0.89562
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-13254
2
reference_url https://docs.djangoproject.com/en/3.0/releases/security
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/3.0/releases/security
3
reference_url https://docs.djangoproject.com/en/3.0/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/3.0/releases/security/
4
reference_url https://github.com/advisories/GHSA-wpjr-j57x-wxfw
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-wpjr-j57x-wxfw
5
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
6
reference_url https://github.com/django/django/commit/07e59caa02831c4569bbebb9eb773bdd9cb4b206
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/07e59caa02831c4569bbebb9eb773bdd9cb4b206
7
reference_url https://github.com/django/django/commit/84b2da5552e100ae3294f564f6c862fef8d0e693
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/84b2da5552e100ae3294f564f6c862fef8d0e693
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-31.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-31.yaml
9
reference_url https://groups.google.com/d/msg/django-announce/pPEmb2ot4Fo/X-SMalYSBAAJ
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/d/msg/django-announce/pPEmb2ot4Fo/X-SMalYSBAAJ
10
reference_url https://lists.debian.org/debian-lts-announce/2020/06/msg00016.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/06/msg00016.html
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/
13
reference_url https://security.netapp.com/advisory/ntap-20200611-0002
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200611-0002
14
reference_url https://security.netapp.com/advisory/ntap-20200611-0002/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20200611-0002/
15
reference_url https://usn.ubuntu.com/4381-1
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4381-1
16
reference_url https://usn.ubuntu.com/4381-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4381-1/
17
reference_url https://usn.ubuntu.com/4381-2
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4381-2
18
reference_url https://usn.ubuntu.com/4381-2/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4381-2/
19
reference_url https://www.debian.org/security/2020/dsa-4705
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2020/dsa-4705
20
reference_url https://www.djangoproject.com/weblog/2020/jun/03/security-releases
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2020/jun/03/security-releases
21
reference_url https://www.djangoproject.com/weblog/2020/jun/03/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2020/jun/03/security-releases/
22
reference_url https://www.oracle.com/security-alerts/cpujan2021.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujan2021.html
23
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1843614
reference_id 1843614
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1843614
24
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962323
reference_id 962323
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962323
25
reference_url https://security.archlinux.org/ASA-202006-8
reference_id ASA-202006-8
reference_type
scores
url https://security.archlinux.org/ASA-202006-8
26
reference_url https://security.archlinux.org/AVG-1176
reference_id AVG-1176
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1176
27
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-13254
reference_id CVE-2020-13254
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-13254
28
reference_url https://access.redhat.com/errata/RHSA-2021:0915
reference_id RHSA-2021:0915
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0915
29
reference_url https://access.redhat.com/errata/RHSA-2021:0933
reference_id RHSA-2021:0933
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0933
fixed_packages
0
url pkg:pypi/django@2.2.13
purl pkg:pypi/django@2.2.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-51tx-4tp9-kbcz
2
vulnerability VCID-6jpg-yrf8-cufy
3
vulnerability VCID-9end-mq19-rke5
4
vulnerability VCID-9mpt-zxaw-kkeg
5
vulnerability VCID-attf-6gj8-ebaj
6
vulnerability VCID-drwp-htkk-bkfh
7
vulnerability VCID-fhp8-tck4-mye4
8
vulnerability VCID-fksk-pr23-2yd8
9
vulnerability VCID-hh9b-52xn-z7a9
10
vulnerability VCID-j81e-su1y-tqa6
11
vulnerability VCID-n9vn-4uxr-hkau
12
vulnerability VCID-nss9-1yrb-x7f2
13
vulnerability VCID-q8r2-m9s6-rbek
14
vulnerability VCID-qvfs-2v1h-p3h4
15
vulnerability VCID-u9q1-63gf-7feh
16
vulnerability VCID-wnxx-rc7w-cke4
17
vulnerability VCID-z4x1-e7tp-rqhz
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.13
1
url pkg:pypi/django@3.0.7
purl pkg:pypi/django@3.0.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-9mpt-zxaw-kkeg
2
vulnerability VCID-fhp8-tck4-mye4
3
vulnerability VCID-hh9b-52xn-z7a9
4
vulnerability VCID-q8r2-m9s6-rbek
5
vulnerability VCID-qvfs-2v1h-p3h4
6
vulnerability VCID-wnxx-rc7w-cke4
7
vulnerability VCID-z4x1-e7tp-rqhz
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.0.7
aliases CVE-2020-13254, GHSA-wpjr-j57x-wxfw, PYSEC-2020-31
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-na9w-xkvx-cbhd
16
url VCID-nss9-1yrb-x7f2
vulnerability_id VCID-nss9-1yrb-x7f2
summary sql injection
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28346.json
reference_id
reference_type
scores
0
value 9.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28346.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-28346
reference_id
reference_type
scores
0
value 0.01971
scoring_system epss
scoring_elements 0.83862
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-28346
2
reference_url https://docs.djangoproject.com/en/4.0/releases/security
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/4.0/releases/security
3
reference_url https://docs.djangoproject.com/en/4.0/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/4.0/releases/security/
4
reference_url https://github.com/advisories/GHSA-2gwj-7jmv-h26r
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-2gwj-7jmv-h26r
5
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
6
reference_url https://github.com/django/django/commit/2044dac5c6968441be6f534c4139bcf48c5c7e48
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/2044dac5c6968441be6f534c4139bcf48c5c7e48
7
reference_url https://github.com/django/django/commit/2c09e68ec911919360d5f8502cefc312f9e03c5d
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/2c09e68ec911919360d5f8502cefc312f9e03c5d
8
reference_url https://github.com/django/django/commit/800828887a0509ad1162d6d407e94d8de7eafc60
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/800828887a0509ad1162d6d407e94d8de7eafc60
9
reference_url https://github.com/django/django/commit/93cae5cb2f9a4ef1514cf1a41f714fef08005200
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/93cae5cb2f9a4ef1514cf1a41f714fef08005200
10
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-190.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-190.yaml
11
reference_url https://groups.google.com/forum/#!forum/django-announce
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!forum/django-announce
12
reference_url https://lists.debian.org/debian-lts-announce/2022/04/msg00013.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/04/msg00013.html
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI
15
reference_url https://security.netapp.com/advisory/ntap-20220609-0002
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220609-0002
16
reference_url https://www.debian.org/security/2022/dsa-5254
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2022/dsa-5254
17
reference_url https://www.djangoproject.com/weblog/2022/apr/11/security-releases
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2022/apr/11/security-releases
18
reference_url https://www.djangoproject.com/weblog/2022/apr/11/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2022/apr/11/security-releases/
19
reference_url http://www.openwall.com/lists/oss-security/2022/04/11/1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/04/11/1
20
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009677
reference_id 1009677
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009677
21
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2072447
reference_id 2072447
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2072447
22
reference_url https://security.archlinux.org/ASA-202204-9
reference_id ASA-202204-9
reference_type
scores
url https://security.archlinux.org/ASA-202204-9
23
reference_url https://security.archlinux.org/AVG-2667
reference_id AVG-2667
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2667
24
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-28346
reference_id CVE-2022-28346
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-28346
25
reference_url https://access.redhat.com/errata/RHSA-2022:5115
reference_id RHSA-2022:5115
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5115
26
reference_url https://access.redhat.com/errata/RHSA-2022:5498
reference_id RHSA-2022:5498
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5498
27
reference_url https://access.redhat.com/errata/RHSA-2022:5602
reference_id RHSA-2022:5602
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5602
28
reference_url https://access.redhat.com/errata/RHSA-2022:5702
reference_id RHSA-2022:5702
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5702
29
reference_url https://access.redhat.com/errata/RHSA-2022:5703
reference_id RHSA-2022:5703
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5703
30
reference_url https://access.redhat.com/errata/RHSA-2022:8872
reference_id RHSA-2022:8872
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8872
fixed_packages
0
url pkg:pypi/django@2.2.28
purl pkg:pypi/django@2.2.28
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.28
1
url pkg:pypi/django@3.2.13
purl pkg:pypi/django@3.2.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-2n2n-1fq2-7bbs
2
vulnerability VCID-4z4e-8ttu-tyd6
3
vulnerability VCID-am3f-c5ex-8ff2
4
vulnerability VCID-au8h-vj9k-pufv
5
vulnerability VCID-f4a7-tcz5-byfj
6
vulnerability VCID-fsaw-3ta1-x3dw
7
vulnerability VCID-m1dr-sjmw-jfd2
8
vulnerability VCID-m33h-4p9q-63fb
9
vulnerability VCID-qgp1-4efd-6yg6
10
vulnerability VCID-yuda-1mur-8bbq
11
vulnerability VCID-z6tf-z1y9-cydq
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.13
2
url pkg:pypi/django@4.0.4
purl pkg:pypi/django@4.0.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-2n2n-1fq2-7bbs
2
vulnerability VCID-4z4e-8ttu-tyd6
3
vulnerability VCID-au8h-vj9k-pufv
4
vulnerability VCID-f4a7-tcz5-byfj
5
vulnerability VCID-m1dr-sjmw-jfd2
6
vulnerability VCID-z6tf-z1y9-cydq
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.0.4
aliases CVE-2022-28346, GHSA-2gwj-7jmv-h26r, PYSEC-2022-190
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nss9-1yrb-x7f2
17
url VCID-q8r2-m9s6-rbek
vulnerability_id VCID-q8r2-m9s6-rbek
summary In Django 2.2 before 2.2.18, 3.0 before 3.0.12, and 3.1 before 3.1.6, the django.utils.archive.extract method (used by "startapp --template" and "startproject --template") allows directory traversal via an archive with absolute paths or relative paths with dot segments.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3281.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3281.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3281
reference_id
reference_type
scores
0
value 0.41482
scoring_system epss
scoring_elements 0.97482
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3281
2
reference_url https://docs.djangoproject.com/en/3.1/releases/3.0.12
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/3.1/releases/3.0.12
3
reference_url https://docs.djangoproject.com/en/3.1/releases/security
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/3.1/releases/security
4
reference_url https://docs.djangoproject.com/en/3.1/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/3.1/releases/security/
5
reference_url https://github.com/advisories/GHSA-fvgf-6h6h-3322
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-fvgf-6h6h-3322
6
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
7
reference_url https://github.com/django/django/commit/02e6592835b4559909aa3aaaf67988fef435f624
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/02e6592835b4559909aa3aaaf67988fef435f624
8
reference_url https://github.com/django/django/commit/05413afa8c18cdb978fcdf470e09f7a12b234a23
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/05413afa8c18cdb978fcdf470e09f7a12b234a23
9
reference_url https://github.com/django/django/commit/21e7622dec1f8612c85c2fc37fe8efbfd3311e37
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/21e7622dec1f8612c85c2fc37fe8efbfd3311e37
10
reference_url https://github.com/django/django/commit/52e409ed17287e9aabda847b6afe58be2fa9f86a
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/52e409ed17287e9aabda847b6afe58be2fa9f86a
11
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2021-9.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2021-9.yaml
12
reference_url https://groups.google.com/forum/#!forum/django-announce
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!forum/django-announce
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YF52FKEH5S2P5CM4X7IXSYG67YY2CDOO
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YF52FKEH5S2P5CM4X7IXSYG67YY2CDOO
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YF52FKEH5S2P5CM4X7IXSYG67YY2CDOO/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YF52FKEH5S2P5CM4X7IXSYG67YY2CDOO/
15
reference_url https://security.netapp.com/advisory/ntap-20210226-0004
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20210226-0004
16
reference_url https://security.netapp.com/advisory/ntap-20210226-0004/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20210226-0004/
17
reference_url https://www.djangoproject.com/weblog/2021/feb/01/security-releases
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2021/feb/01/security-releases
18
reference_url https://www.djangoproject.com/weblog/2021/feb/01/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2021/feb/01/security-releases/
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1919969
reference_id 1919969
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1919969
20
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=981562
reference_id 981562
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=981562
21
reference_url https://security.archlinux.org/ASA-202102-18
reference_id ASA-202102-18
reference_type
scores
url https://security.archlinux.org/ASA-202102-18
22
reference_url https://security.archlinux.org/AVG-1518
reference_id AVG-1518
reference_type
scores
0
value Low
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1518
23
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-3281
reference_id CVE-2021-3281
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-3281
24
reference_url https://access.redhat.com/errata/RHSA-2021:0780
reference_id RHSA-2021:0780
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0780
25
reference_url https://access.redhat.com/errata/RHSA-2021:0781
reference_id RHSA-2021:0781
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0781
26
reference_url https://access.redhat.com/errata/RHSA-2021:3490
reference_id RHSA-2021:3490
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3490
27
reference_url https://access.redhat.com/errata/RHSA-2021:5070
reference_id RHSA-2021:5070
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5070
fixed_packages
0
url pkg:pypi/django@2.2.18
purl pkg:pypi/django@2.2.18
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-51tx-4tp9-kbcz
2
vulnerability VCID-6jpg-yrf8-cufy
3
vulnerability VCID-9end-mq19-rke5
4
vulnerability VCID-9mpt-zxaw-kkeg
5
vulnerability VCID-attf-6gj8-ebaj
6
vulnerability VCID-drwp-htkk-bkfh
7
vulnerability VCID-fhp8-tck4-mye4
8
vulnerability VCID-fksk-pr23-2yd8
9
vulnerability VCID-j81e-su1y-tqa6
10
vulnerability VCID-n9vn-4uxr-hkau
11
vulnerability VCID-nss9-1yrb-x7f2
12
vulnerability VCID-u9q1-63gf-7feh
13
vulnerability VCID-wnxx-rc7w-cke4
14
vulnerability VCID-z4x1-e7tp-rqhz
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.18
1
url pkg:pypi/django@3.0.12
purl pkg:pypi/django@3.0.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-9mpt-zxaw-kkeg
2
vulnerability VCID-fhp8-tck4-mye4
3
vulnerability VCID-wnxx-rc7w-cke4
4
vulnerability VCID-z4x1-e7tp-rqhz
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.0.12
2
url pkg:pypi/django@3.1.6
purl pkg:pypi/django@3.1.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-4pb2-tqru-uufs
2
vulnerability VCID-9mpt-zxaw-kkeg
3
vulnerability VCID-fhp8-tck4-mye4
4
vulnerability VCID-j81e-su1y-tqa6
5
vulnerability VCID-n9vn-4uxr-hkau
6
vulnerability VCID-u9q1-63gf-7feh
7
vulnerability VCID-wnxx-rc7w-cke4
8
vulnerability VCID-z4x1-e7tp-rqhz
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.1.6
aliases CVE-2021-3281, GHSA-fvgf-6h6h-3322, PYSEC-2021-9
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q8r2-m9s6-rbek
18
url VCID-qvfs-2v1h-p3h4
vulnerability_id VCID-qvfs-2v1h-p3h4
summary An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). FILE_UPLOAD_DIRECTORY_PERMISSIONS mode was not applied to intermediate-level directories created in the process of uploading files. It was also not applied to intermediate-level collected static directories when using the collectstatic management command.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-24583.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-24583.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-24583
reference_id
reference_type
scores
0
value 0.02869
scoring_system epss
scoring_elements 0.86537
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-24583
2
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
3
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/dev/releases/security/
4
reference_url https://github.com/advisories/GHSA-m6gj-h9gm-gw44
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-m6gj-h9gm-gw44
5
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
6
reference_url https://github.com/django/django/commit/8d7271578d7b153435b40fe40236ebec43cbf1b9
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/8d7271578d7b153435b40fe40236ebec43cbf1b9
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-33.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-33.yaml
8
reference_url https://groups.google.com/forum/#!topic/django-announce/Gdqn58RqIDM
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/django-announce/Gdqn58RqIDM
9
reference_url https://groups.google.com/forum/#!topic/django-announce/zFCMdgUnutU
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/django-announce/zFCMdgUnutU
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F2ZHO3GZCJMP3DDTXCNVFV6ED3W64NAU
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F2ZHO3GZCJMP3DDTXCNVFV6ED3W64NAU
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F2ZHO3GZCJMP3DDTXCNVFV6ED3W64NAU/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F2ZHO3GZCJMP3DDTXCNVFV6ED3W64NAU/
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OLGFFLMF3X6USMJD7V5F5P4K2WVUTO3T
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OLGFFLMF3X6USMJD7V5F5P4K2WVUTO3T
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OLGFFLMF3X6USMJD7V5F5P4K2WVUTO3T/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OLGFFLMF3X6USMJD7V5F5P4K2WVUTO3T/
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZCRPQCBTV3RZHKVZ6K6QOAANPRZQD3GI
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZCRPQCBTV3RZHKVZ6K6QOAANPRZQD3GI
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZCRPQCBTV3RZHKVZ6K6QOAANPRZQD3GI/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZCRPQCBTV3RZHKVZ6K6QOAANPRZQD3GI/
16
reference_url https://security.netapp.com/advisory/ntap-20200918-0004
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200918-0004
17
reference_url https://security.netapp.com/advisory/ntap-20200918-0004/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20200918-0004/
18
reference_url https://usn.ubuntu.com/4479-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4479-1
19
reference_url https://usn.ubuntu.com/4479-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4479-1/
20
reference_url https://www.djangoproject.com/weblog/2020/sep/01/security-releases
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2020/sep/01/security-releases
21
reference_url https://www.djangoproject.com/weblog/2020/sep/01/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2020/sep/01/security-releases/
22
reference_url https://www.openwall.com/lists/oss-security/2020/09/01/2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.openwall.com/lists/oss-security/2020/09/01/2
23
reference_url https://www.oracle.com/security-alerts/cpujan2021.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujan2021.html
24
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1874485
reference_id 1874485
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1874485
25
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969367
reference_id 969367
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969367
26
reference_url https://security.archlinux.org/ASA-202009-4
reference_id ASA-202009-4
reference_type
scores
url https://security.archlinux.org/ASA-202009-4
27
reference_url https://security.archlinux.org/AVG-1217
reference_id AVG-1217
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1217
28
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-24583
reference_id CVE-2020-24583
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-24583
fixed_packages
0
url pkg:pypi/django@2.2.16
purl pkg:pypi/django@2.2.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-51tx-4tp9-kbcz
2
vulnerability VCID-6jpg-yrf8-cufy
3
vulnerability VCID-9end-mq19-rke5
4
vulnerability VCID-9mpt-zxaw-kkeg
5
vulnerability VCID-attf-6gj8-ebaj
6
vulnerability VCID-drwp-htkk-bkfh
7
vulnerability VCID-fhp8-tck4-mye4
8
vulnerability VCID-fksk-pr23-2yd8
9
vulnerability VCID-j81e-su1y-tqa6
10
vulnerability VCID-n9vn-4uxr-hkau
11
vulnerability VCID-nss9-1yrb-x7f2
12
vulnerability VCID-q8r2-m9s6-rbek
13
vulnerability VCID-u9q1-63gf-7feh
14
vulnerability VCID-wnxx-rc7w-cke4
15
vulnerability VCID-z4x1-e7tp-rqhz
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.16
1
url pkg:pypi/django@3.0.10
purl pkg:pypi/django@3.0.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-9mpt-zxaw-kkeg
2
vulnerability VCID-fhp8-tck4-mye4
3
vulnerability VCID-q8r2-m9s6-rbek
4
vulnerability VCID-wnxx-rc7w-cke4
5
vulnerability VCID-z4x1-e7tp-rqhz
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.0.10
2
url pkg:pypi/django@3.1.1
purl pkg:pypi/django@3.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-4pb2-tqru-uufs
2
vulnerability VCID-9mpt-zxaw-kkeg
3
vulnerability VCID-fhp8-tck4-mye4
4
vulnerability VCID-j81e-su1y-tqa6
5
vulnerability VCID-n9vn-4uxr-hkau
6
vulnerability VCID-q8r2-m9s6-rbek
7
vulnerability VCID-u9q1-63gf-7feh
8
vulnerability VCID-wnxx-rc7w-cke4
9
vulnerability VCID-z4x1-e7tp-rqhz
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.1.1
aliases CVE-2020-24583, GHSA-m6gj-h9gm-gw44, PYSEC-2020-33
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qvfs-2v1h-p3h4
19
url VCID-u9q1-63gf-7feh
vulnerability_id VCID-u9q1-63gf-7feh
summary In Django 2.2 before 2.2.22, 3.1 before 3.1.10, and 3.2 before 3.2.2 (with Python 3.9.5+), URLValidator does not prohibit newlines and tabs (unless the URLField form field is used). If an application uses values with newlines in an HTTP response, header injection can occur. Django itself is unaffected because HttpResponse prohibits newlines in HTTP headers.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-32052.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-32052.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-32052
reference_id
reference_type
scores
0
value 0.01859
scoring_system epss
scoring_elements 0.83402
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-32052
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1944801
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1944801
3
reference_url https://docs.djangoproject.com/en/3.2/releases/security
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/3.2/releases/security
4
reference_url https://docs.djangoproject.com/en/3.2/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/3.2/releases/security/
5
reference_url https://github.com/advisories/GHSA-qm57-vhq3-3fwf
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-qm57-vhq3-3fwf
6
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
7
reference_url https://github.com/django/django/commit/e1e81aa1c4427411e3c68facdd761229ffea6f6f
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/e1e81aa1c4427411e3c68facdd761229ffea6f6f
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2021-8.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2021-8.yaml
9
reference_url https://groups.google.com/forum/#!forum/django-announce
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!forum/django-announce
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVKYPHR3TKR2ESWXBPOJEKRO2OSJRZUE
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVKYPHR3TKR2ESWXBPOJEKRO2OSJRZUE
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVKYPHR3TKR2ESWXBPOJEKRO2OSJRZUE/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVKYPHR3TKR2ESWXBPOJEKRO2OSJRZUE/
12
reference_url https://security.netapp.com/advisory/ntap-20210611-0002
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20210611-0002
13
reference_url https://www.djangoproject.com/weblog/2021/may/06/security-releases
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2021/may/06/security-releases
14
reference_url https://www.djangoproject.com/weblog/2021/may/06/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2021/may/06/security-releases/
15
reference_url http://www.openwall.com/lists/oss-security/2021/05/06/1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2021/05/06/1
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1957455
reference_id 1957455
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1957455
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988136
reference_id 988136
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988136
18
reference_url https://security.archlinux.org/AVG-1924
reference_id AVG-1924
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1924
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-32052
reference_id CVE-2021-32052
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-32052
fixed_packages
0
url pkg:pypi/django@2.2.22
purl pkg:pypi/django@2.2.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-51tx-4tp9-kbcz
2
vulnerability VCID-6jpg-yrf8-cufy
3
vulnerability VCID-9end-mq19-rke5
4
vulnerability VCID-9mpt-zxaw-kkeg
5
vulnerability VCID-attf-6gj8-ebaj
6
vulnerability VCID-drwp-htkk-bkfh
7
vulnerability VCID-fksk-pr23-2yd8
8
vulnerability VCID-n9vn-4uxr-hkau
9
vulnerability VCID-nss9-1yrb-x7f2
10
vulnerability VCID-z4x1-e7tp-rqhz
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.22
1
url pkg:pypi/django@3.1.10
purl pkg:pypi/django@3.1.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-4pb2-tqru-uufs
2
vulnerability VCID-9mpt-zxaw-kkeg
3
vulnerability VCID-n9vn-4uxr-hkau
4
vulnerability VCID-z4x1-e7tp-rqhz
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.1.10
2
url pkg:pypi/django@3.2.2
purl pkg:pypi/django@3.2.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-2n2n-1fq2-7bbs
2
vulnerability VCID-4pb2-tqru-uufs
3
vulnerability VCID-4z4e-8ttu-tyd6
4
vulnerability VCID-51tx-4tp9-kbcz
5
vulnerability VCID-6jpg-yrf8-cufy
6
vulnerability VCID-9end-mq19-rke5
7
vulnerability VCID-9mpt-zxaw-kkeg
8
vulnerability VCID-am3f-c5ex-8ff2
9
vulnerability VCID-attf-6gj8-ebaj
10
vulnerability VCID-au8h-vj9k-pufv
11
vulnerability VCID-drwp-htkk-bkfh
12
vulnerability VCID-f4a7-tcz5-byfj
13
vulnerability VCID-fksk-pr23-2yd8
14
vulnerability VCID-fsaw-3ta1-x3dw
15
vulnerability VCID-m1dr-sjmw-jfd2
16
vulnerability VCID-m33h-4p9q-63fb
17
vulnerability VCID-n9vn-4uxr-hkau
18
vulnerability VCID-nss9-1yrb-x7f2
19
vulnerability VCID-qgp1-4efd-6yg6
20
vulnerability VCID-yuda-1mur-8bbq
21
vulnerability VCID-z4x1-e7tp-rqhz
22
vulnerability VCID-z6tf-z1y9-cydq
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.2
aliases CVE-2021-32052, GHSA-qm57-vhq3-3fwf, PYSEC-2021-8
risk_score 3.4
exploitability 0.5
weighted_severity 6.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u9q1-63gf-7feh
20
url VCID-vdpf-jddk-syda
vulnerability_id VCID-vdpf-jddk-syda
summary insufficient validation
references
0
reference_url http://packetstormsecurity.com/files/155872/Django-Account-Hijack.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/155872/Django-Account-Hijack.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19844.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19844.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-19844
reference_id
reference_type
scores
0
value 0.15418
scoring_system epss
scoring_elements 0.94771
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-19844
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19844
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19844
4
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
5
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/dev/releases/security/
6
reference_url https://github.com/advisories/GHSA-vfq6-hq5r-27r6
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-vfq6-hq5r-27r6
7
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
8
reference_url https://github.com/django/django/commit/302a4ff1e8b1c798aab97673909c7a3dfda42c26
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/302a4ff1e8b1c798aab97673909c7a3dfda42c26
9
reference_url https://github.com/django/django/commit/4d334bea06cac63dc1272abcec545b85136cca0e
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/4d334bea06cac63dc1272abcec545b85136cca0e
10
reference_url https://github.com/django/django/commit/5b1fbcef7a8bec991ebe7b2a18b5d5a95d72cb70
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/5b1fbcef7a8bec991ebe7b2a18b5d5a95d72cb70
11
reference_url https://github.com/django/django/commit/f4cff43bf921fcea6a29b726eb66767f67753fa2
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/f4cff43bf921fcea6a29b726eb66767f67753fa2
12
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-16.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-16.yaml
13
reference_url https://groups.google.com/forum/#!topic/django-announce/3oaB2rVH3a0
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/django-announce/3oaB2rVH3a0
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD/
16
reference_url https://seclists.org/bugtraq/2020/Jan/9
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2020/Jan/9
17
reference_url https://security.gentoo.org/glsa/202004-17
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202004-17
18
reference_url https://security.netapp.com/advisory/ntap-20200110-0003
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200110-0003
19
reference_url https://security.netapp.com/advisory/ntap-20200110-0003/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20200110-0003/
20
reference_url https://usn.ubuntu.com/4224-1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4224-1
21
reference_url https://usn.ubuntu.com/4224-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4224-1/
22
reference_url https://www.debian.org/security/2020/dsa-4598
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2020/dsa-4598
23
reference_url https://www.djangoproject.com/weblog/2019/dec/18/security-releases
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2019/dec/18/security-releases
24
reference_url https://www.djangoproject.com/weblog/2019/dec/18/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2019/dec/18/security-releases/
25
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1788425
reference_id 1788425
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1788425
26
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946937
reference_id 946937
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946937
27
reference_url https://security.archlinux.org/AVG-1080
reference_id AVG-1080
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1080
28
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/python/webapps/47879.md
reference_id CVE-2019-19844
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/python/webapps/47879.md
29
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-19844
reference_id CVE-2019-19844
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-19844
30
reference_url https://ryu22e.org/en/posts/2019/12/25/django-cve-2019-19844/
reference_id CVE-2019-19844
reference_type exploit
scores
url https://ryu22e.org/en/posts/2019/12/25/django-cve-2019-19844/
fixed_packages
0
url pkg:pypi/django@2.2.9
purl pkg:pypi/django@2.2.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-4cp2-k4mn-8ffj
2
vulnerability VCID-51tx-4tp9-kbcz
3
vulnerability VCID-5q58-pzt4-8uey
4
vulnerability VCID-6jpg-yrf8-cufy
5
vulnerability VCID-9end-mq19-rke5
6
vulnerability VCID-9mpt-zxaw-kkeg
7
vulnerability VCID-attf-6gj8-ebaj
8
vulnerability VCID-drwp-htkk-bkfh
9
vulnerability VCID-fhp8-tck4-mye4
10
vulnerability VCID-fksk-pr23-2yd8
11
vulnerability VCID-hh9b-52xn-z7a9
12
vulnerability VCID-j81e-su1y-tqa6
13
vulnerability VCID-m4wa-xv9b-q7ce
14
vulnerability VCID-n9vn-4uxr-hkau
15
vulnerability VCID-na9w-xkvx-cbhd
16
vulnerability VCID-nss9-1yrb-x7f2
17
vulnerability VCID-q8r2-m9s6-rbek
18
vulnerability VCID-qvfs-2v1h-p3h4
19
vulnerability VCID-u9q1-63gf-7feh
20
vulnerability VCID-wnxx-rc7w-cke4
21
vulnerability VCID-z4x1-e7tp-rqhz
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.9
1
url pkg:pypi/django@3.0.1
purl pkg:pypi/django@3.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-4cp2-k4mn-8ffj
2
vulnerability VCID-5q58-pzt4-8uey
3
vulnerability VCID-9mpt-zxaw-kkeg
4
vulnerability VCID-fhp8-tck4-mye4
5
vulnerability VCID-hh9b-52xn-z7a9
6
vulnerability VCID-m4wa-xv9b-q7ce
7
vulnerability VCID-na9w-xkvx-cbhd
8
vulnerability VCID-q8r2-m9s6-rbek
9
vulnerability VCID-qvfs-2v1h-p3h4
10
vulnerability VCID-wnxx-rc7w-cke4
11
vulnerability VCID-z4x1-e7tp-rqhz
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.0.1
aliases CVE-2019-19844, GHSA-vfq6-hq5r-27r6, PYSEC-2019-16
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vdpf-jddk-syda
21
url VCID-wnxx-rc7w-cke4
vulnerability_id VCID-wnxx-rc7w-cke4
summary 
Inconsistent Interpretation of HTTP Requests (HTTP Request Smuggling)
When the attacker can separate query parameters using a semicolon (`;`), they can cause a difference in the interpretation of the request between the proxy (running with default configuration) and the server. This can result in malicious requests being cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and therefore would not include it in a cache key of an unkeyed parameter.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23336.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23336.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-23336
reference_id
reference_type
scores
0
value 0.003
scoring_system epss
scoring_elements 0.53624
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-23336
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1928904
reference_id 1928904
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1928904
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983090
reference_id 983090
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983090
4
reference_url https://security.archlinux.org/ASA-202102-28
reference_id ASA-202102-28
reference_type
scores
url https://security.archlinux.org/ASA-202102-28
5
reference_url https://security.archlinux.org/ASA-202102-37
reference_id ASA-202102-37
reference_type
scores
url https://security.archlinux.org/ASA-202102-37
6
reference_url https://security.archlinux.org/AVG-1465
reference_id AVG-1465
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1465
7
reference_url https://security.archlinux.org/AVG-1593
reference_id AVG-1593
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1593
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-23336
reference_id CVE-2021-23336
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-23336
9
reference_url https://security.gentoo.org/glsa/202104-04
reference_id GLSA-202104-04
reference_type
scores
url https://security.gentoo.org/glsa/202104-04
10
reference_url https://access.redhat.com/errata/RHSA-2021:1633
reference_id RHSA-2021:1633
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1633
11
reference_url https://access.redhat.com/errata/RHSA-2021:3252
reference_id RHSA-2021:3252
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3252
12
reference_url https://access.redhat.com/errata/RHSA-2021:4151
reference_id RHSA-2021:4151
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4151
13
reference_url https://access.redhat.com/errata/RHSA-2021:4162
reference_id RHSA-2021:4162
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4162
fixed_packages
0
url pkg:pypi/django@2.2.19
purl pkg:pypi/django@2.2.19
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-51tx-4tp9-kbcz
2
vulnerability VCID-6jpg-yrf8-cufy
3
vulnerability VCID-9end-mq19-rke5
4
vulnerability VCID-9mpt-zxaw-kkeg
5
vulnerability VCID-attf-6gj8-ebaj
6
vulnerability VCID-drwp-htkk-bkfh
7
vulnerability VCID-fhp8-tck4-mye4
8
vulnerability VCID-fksk-pr23-2yd8
9
vulnerability VCID-j81e-su1y-tqa6
10
vulnerability VCID-n9vn-4uxr-hkau
11
vulnerability VCID-nss9-1yrb-x7f2
12
vulnerability VCID-u9q1-63gf-7feh
13
vulnerability VCID-z4x1-e7tp-rqhz
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.19
1
url pkg:pypi/django@3.0a1
purl pkg:pypi/django@3.0a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-4cp2-k4mn-8ffj
2
vulnerability VCID-4pb2-tqru-uufs
3
vulnerability VCID-fhp8-tck4-mye4
4
vulnerability VCID-n9vn-4uxr-hkau
5
vulnerability VCID-qvfs-2v1h-p3h4
6
vulnerability VCID-z4x1-e7tp-rqhz
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.0a1
2
url pkg:pypi/django@3.0.13
purl pkg:pypi/django@3.0.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-9mpt-zxaw-kkeg
2
vulnerability VCID-fhp8-tck4-mye4
3
vulnerability VCID-z4x1-e7tp-rqhz
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.0.13
3
url pkg:pypi/django@3.1a1
purl pkg:pypi/django@3.1a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-9mpt-zxaw-kkeg
2
vulnerability VCID-fhp8-tck4-mye4
3
vulnerability VCID-qvfs-2v1h-p3h4
4
vulnerability VCID-z4x1-e7tp-rqhz
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.1a1
4
url pkg:pypi/django@3.1.7
purl pkg:pypi/django@3.1.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-4pb2-tqru-uufs
2
vulnerability VCID-9mpt-zxaw-kkeg
3
vulnerability VCID-fhp8-tck4-mye4
4
vulnerability VCID-j81e-su1y-tqa6
5
vulnerability VCID-n9vn-4uxr-hkau
6
vulnerability VCID-u9q1-63gf-7feh
7
vulnerability VCID-z4x1-e7tp-rqhz
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.1.7
5
url pkg:pypi/django@3.2a1
purl pkg:pypi/django@3.2a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-2n2n-1fq2-7bbs
2
vulnerability VCID-4pb2-tqru-uufs
3
vulnerability VCID-4z4e-8ttu-tyd6
4
vulnerability VCID-6jpg-yrf8-cufy
5
vulnerability VCID-am3f-c5ex-8ff2
6
vulnerability VCID-au8h-vj9k-pufv
7
vulnerability VCID-f4a7-tcz5-byfj
8
vulnerability VCID-m33h-4p9q-63fb
9
vulnerability VCID-n9vn-4uxr-hkau
10
vulnerability VCID-z4x1-e7tp-rqhz
11
vulnerability VCID-z6tf-z1y9-cydq
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2a1
aliases CVE-2021-23336
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wnxx-rc7w-cke4
22
url VCID-z4x1-e7tp-rqhz
vulnerability_id VCID-z4x1-e7tp-rqhz
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33571.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33571.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-33571
reference_id
reference_type
scores
0
value 0.00015
scoring_system epss
scoring_elements 0.03132
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-33571
2
reference_url https://docs.djangoproject.com/en/3.2/releases/security
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/3.2/releases/security
3
reference_url https://docs.djangoproject.com/en/3.2/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/3.2/releases/security/
4
reference_url https://github.com/advisories/GHSA-p99v-5w3c-jqq9
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-p99v-5w3c-jqq9
5
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
6
reference_url https://github.com/django/django/commit/203d4ab9ebcd72fc4d6eb7398e66ed9e474e118e
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/203d4ab9ebcd72fc4d6eb7398e66ed9e474e118e
7
reference_url https://github.com/django/django/commit/9f75e2e562fa0c0482f3dde6fc7399a9070b4a3d
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/9f75e2e562fa0c0482f3dde6fc7399a9070b4a3d
8
reference_url https://github.com/django/django/commit/f27c38ab5d90f68c9dd60cabef248a570c0be8fc
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/f27c38ab5d90f68c9dd60cabef248a570c0be8fc
9
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2021-99.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2021-99.yaml
10
reference_url https://groups.google.com/g/django-announce/c/sPyjSKMi8Eo
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/g/django-announce/c/sPyjSKMi8Eo
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV
13
reference_url https://security.netapp.com/advisory/ntap-20210727-0004
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20210727-0004
14
reference_url https://www.djangoproject.com/weblog/2021/jun/02/security-releases
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2021/jun/02/security-releases
15
reference_url https://www.djangoproject.com/weblog/2021/jun/02/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2021/jun/02/security-releases/
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1966253
reference_id 1966253
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1966253
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989394
reference_id 989394
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989394
18
reference_url https://security.archlinux.org/ASA-202106-41
reference_id ASA-202106-41
reference_type
scores
url https://security.archlinux.org/ASA-202106-41
19
reference_url https://security.archlinux.org/AVG-2026
reference_id AVG-2026
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2026
20
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-33571
reference_id CVE-2021-33571
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-33571
21
reference_url https://access.redhat.com/errata/RHSA-2021:3490
reference_id RHSA-2021:3490
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3490
22
reference_url https://access.redhat.com/errata/RHSA-2021:4702
reference_id RHSA-2021:4702
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4702
23
reference_url https://access.redhat.com/errata/RHSA-2021:5070
reference_id RHSA-2021:5070
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5070
fixed_packages
0
url pkg:pypi/django@2.2.24
purl pkg:pypi/django@2.2.24
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-51tx-4tp9-kbcz
2
vulnerability VCID-6jpg-yrf8-cufy
3
vulnerability VCID-9end-mq19-rke5
4
vulnerability VCID-attf-6gj8-ebaj
5
vulnerability VCID-drwp-htkk-bkfh
6
vulnerability VCID-fksk-pr23-2yd8
7
vulnerability VCID-n9vn-4uxr-hkau
8
vulnerability VCID-nss9-1yrb-x7f2
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.24
1
url pkg:pypi/django@3.1.12
purl pkg:pypi/django@3.1.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-4pb2-tqru-uufs
2
vulnerability VCID-n9vn-4uxr-hkau
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.1.12
2
url pkg:pypi/django@3.2.4
purl pkg:pypi/django@3.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-2n2n-1fq2-7bbs
2
vulnerability VCID-4pb2-tqru-uufs
3
vulnerability VCID-4z4e-8ttu-tyd6
4
vulnerability VCID-51tx-4tp9-kbcz
5
vulnerability VCID-6jpg-yrf8-cufy
6
vulnerability VCID-9end-mq19-rke5
7
vulnerability VCID-am3f-c5ex-8ff2
8
vulnerability VCID-attf-6gj8-ebaj
9
vulnerability VCID-au8h-vj9k-pufv
10
vulnerability VCID-drwp-htkk-bkfh
11
vulnerability VCID-f4a7-tcz5-byfj
12
vulnerability VCID-fksk-pr23-2yd8
13
vulnerability VCID-fsaw-3ta1-x3dw
14
vulnerability VCID-m1dr-sjmw-jfd2
15
vulnerability VCID-m33h-4p9q-63fb
16
vulnerability VCID-n9vn-4uxr-hkau
17
vulnerability VCID-nss9-1yrb-x7f2
18
vulnerability VCID-qgp1-4efd-6yg6
19
vulnerability VCID-yuda-1mur-8bbq
20
vulnerability VCID-z6tf-z1y9-cydq
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.4
aliases CVE-2021-33571, GHSA-p99v-5w3c-jqq9, PYSEC-2021-99
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z4x1-e7tp-rqhz
Fixing_vulnerabilities
0
url VCID-pgtx-cdua-kfb4
vulnerability_id VCID-pgtx-cdua-kfb4
summary Django 2.1 before 2.1.15 and 2.2 before 2.2.8 allows unintended model editing. A Django model admin displaying inline related models, where the user has view-only permissions to a parent model but edit permissions to the inline model, would be presented with an editing UI, allowing POST requests, for updating the inline model. Directly editing the view-only parent model was not possible, but the parent model's save() method was called, triggering potential side effects, and causing pre and post-save signal handlers to be invoked. (To resolve this, the Django admin is adjusted to require edit permissions on the parent model in order for inline models to be editable.)
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19118.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19118.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-19118
reference_id
reference_type
scores
0
value 0.00354
scoring_system epss
scoring_elements 0.57984
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-19118
2
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
3
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/dev/releases/security/
4
reference_url https://github.com/advisories/GHSA-hvmf-r92r-27hr
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-hvmf-r92r-27hr
5
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
6
reference_url https://github.com/django/django/commit/103ebe2b5ff1b2614b85a52c239f471904d26244
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/103ebe2b5ff1b2614b85a52c239f471904d26244
7
reference_url https://github.com/django/django/commit/36f580a17f0b3cb087deadf3b65eea024f479c21
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/36f580a17f0b3cb087deadf3b65eea024f479c21
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-15.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-15.yaml
9
reference_url https://groups.google.com/forum/#!topic/django-announce/GjGqDvtNmWQ
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/django-announce/GjGqDvtNmWQ
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6R4HD22PVEVQ45H2JA2NXH443AYJOPL5
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6R4HD22PVEVQ45H2JA2NXH443AYJOPL5
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6R4HD22PVEVQ45H2JA2NXH443AYJOPL5/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6R4HD22PVEVQ45H2JA2NXH443AYJOPL5/
12
reference_url https://security.gentoo.org/glsa/202004-17
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202004-17
13
reference_url https://security.netapp.com/advisory/ntap-20191217-0003
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20191217-0003
14
reference_url https://security.netapp.com/advisory/ntap-20191217-0003/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20191217-0003/
15
reference_url https://www.djangoproject.com/weblog/2019/dec/02/security-releases
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2019/dec/02/security-releases
16
reference_url https://www.djangoproject.com/weblog/2019/dec/02/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2019/dec/02/security-releases/
17
reference_url http://www.openwall.com/lists/oss-security/2019/12/02/1
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2019/12/02/1
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1781269
reference_id 1781269
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1781269
19
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946011
reference_id 946011
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946011
20
reference_url https://security.archlinux.org/AVG-1070
reference_id AVG-1070
reference_type
scores
0
value Low
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1070
21
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-19118
reference_id CVE-2019-19118
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-19118
fixed_packages
0
url pkg:pypi/django@2.1.15
purl pkg:pypi/django@2.1.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-5q58-pzt4-8uey
2
vulnerability VCID-9mpt-zxaw-kkeg
3
vulnerability VCID-vdpf-jddk-syda
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.1.15
1
url pkg:pypi/django@2.2.8
purl pkg:pypi/django@2.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-4cp2-k4mn-8ffj
2
vulnerability VCID-51tx-4tp9-kbcz
3
vulnerability VCID-5q58-pzt4-8uey
4
vulnerability VCID-6jpg-yrf8-cufy
5
vulnerability VCID-9end-mq19-rke5
6
vulnerability VCID-9mpt-zxaw-kkeg
7
vulnerability VCID-attf-6gj8-ebaj
8
vulnerability VCID-drwp-htkk-bkfh
9
vulnerability VCID-fhp8-tck4-mye4
10
vulnerability VCID-fksk-pr23-2yd8
11
vulnerability VCID-hh9b-52xn-z7a9
12
vulnerability VCID-j81e-su1y-tqa6
13
vulnerability VCID-m4wa-xv9b-q7ce
14
vulnerability VCID-n9vn-4uxr-hkau
15
vulnerability VCID-na9w-xkvx-cbhd
16
vulnerability VCID-nss9-1yrb-x7f2
17
vulnerability VCID-q8r2-m9s6-rbek
18
vulnerability VCID-qvfs-2v1h-p3h4
19
vulnerability VCID-u9q1-63gf-7feh
20
vulnerability VCID-vdpf-jddk-syda
21
vulnerability VCID-wnxx-rc7w-cke4
22
vulnerability VCID-z4x1-e7tp-rqhz
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.8
aliases CVE-2019-19118, GHSA-hvmf-r92r-27hr, PYSEC-2019-15
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pgtx-cdua-kfb4
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.8