Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/django@2.2a1
Typepypi
Namespace
Namedjango
Version2.2a1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version4.2.29
Latest_non_vulnerable_version6.0.4
Affected_by_vulnerabilities
0
url VCID-1v22-g646-wbay
vulnerability_id VCID-1v22-g646-wbay
summary An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If passed certain inputs, django.utils.encoding.uri_to_iri could lead to significant memory usage due to a recursion when repercent-encoding invalid UTF-8 octet sequences.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14235.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14235.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-14235
reference_id
reference_type
scores
0
value 0.04511
scoring_system epss
scoring_elements 0.89115
published_at 2026-04-07T12:55:00Z
1
value 0.04511
scoring_system epss
scoring_elements 0.89112
published_at 2026-04-04T12:55:00Z
2
value 0.04511
scoring_system epss
scoring_elements 0.89098
published_at 2026-04-02T12:55:00Z
3
value 0.04511
scoring_system epss
scoring_elements 0.89089
published_at 2026-04-01T12:55:00Z
4
value 0.04511
scoring_system epss
scoring_elements 0.89143
published_at 2026-04-13T12:55:00Z
5
value 0.04511
scoring_system epss
scoring_elements 0.89145
published_at 2026-04-12T12:55:00Z
6
value 0.04511
scoring_system epss
scoring_elements 0.89148
published_at 2026-04-11T12:55:00Z
7
value 0.04511
scoring_system epss
scoring_elements 0.89138
published_at 2026-04-09T12:55:00Z
8
value 0.04511
scoring_system epss
scoring_elements 0.89132
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-14235
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14233
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14233
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14234
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14234
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14235
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14235
8
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
9
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/dev/releases/security/
10
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
11
reference_url https://github.com/advisories/GHSA-v9qg-3j8p-r63v
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-v9qg-3j8p-r63v
12
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
13
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-14.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-14.yaml
14
reference_url https://groups.google.com/forum/#!topic/django-announce/jIoju2-KLDs
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/django-announce/jIoju2-KLDs
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK/
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-14235
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-14235
18
reference_url https://seclists.org/bugtraq/2019/Aug/15
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2019/Aug/15
19
reference_url https://security.gentoo.org/glsa/202004-17
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202004-17
20
reference_url https://security.netapp.com/advisory/ntap-20190828-0002
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20190828-0002
21
reference_url https://security.netapp.com/advisory/ntap-20190828-0002/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20190828-0002/
22
reference_url https://www.debian.org/security/2019/dsa-4498
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2019/dsa-4498
23
reference_url https://www.djangoproject.com/weblog/2019/aug/01/security-releases
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2019/aug/01/security-releases
24
reference_url https://www.djangoproject.com/weblog/2019/aug/01/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2019/aug/01/security-releases/
25
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1734422
reference_id 1734422
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1734422
26
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934026
reference_id 934026
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934026
27
reference_url https://security.archlinux.org/ASA-201908-2
reference_id ASA-201908-2
reference_type
scores
url https://security.archlinux.org/ASA-201908-2
28
reference_url https://security.archlinux.org/AVG-1015
reference_id AVG-1015
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1015
29
reference_url https://access.redhat.com/errata/RHSA-2020:1324
reference_id RHSA-2020:1324
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1324
30
reference_url https://access.redhat.com/errata/RHSA-2020:4390
reference_id RHSA-2020:4390
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4390
31
reference_url https://usn.ubuntu.com/4084-1/
reference_id USN-4084-1
reference_type
scores
url https://usn.ubuntu.com/4084-1/
fixed_packages
0
url pkg:pypi/django@2.2.4
purl pkg:pypi/django@2.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-66w1-4zku-gyfp
1
vulnerability VCID-6gss-ppm5-3yc9
2
vulnerability VCID-84mm-45p6-xkau
3
vulnerability VCID-896g-hqec-ryb9
4
vulnerability VCID-8jaq-53td-wbeg
5
vulnerability VCID-9k9t-vp1a-z7bt
6
vulnerability VCID-9uzd-mmyv-mfh4
7
vulnerability VCID-b2ds-36xh-zfhp
8
vulnerability VCID-c2kc-1jh1-j3ha
9
vulnerability VCID-c8s7-3g9m-d3cw
10
vulnerability VCID-e2jd-yd4j-kqgt
11
vulnerability VCID-gp5e-nguh-5fdk
12
vulnerability VCID-hwa2-n7a2-pyg1
13
vulnerability VCID-j4br-4y39-s3gs
14
vulnerability VCID-kypj-ptb9-8qhz
15
vulnerability VCID-mmay-juu6-5ua9
16
vulnerability VCID-mzdk-m12w-q3fc
17
vulnerability VCID-pa75-6avj-duf7
18
vulnerability VCID-qm34-ec8s-tfd7
19
vulnerability VCID-th9v-dk98-3kea
20
vulnerability VCID-u7m5-tzv2-c7hn
21
vulnerability VCID-ume2-wt6y-jye7
22
vulnerability VCID-upy5-adtx-n7hg
23
vulnerability VCID-v4ad-xxy8-wfc9
24
vulnerability VCID-w2dv-u8h6-sbgs
25
vulnerability VCID-w4pr-k5nj-ckgy
26
vulnerability VCID-w6k8-js68-87g4
27
vulnerability VCID-wb34-g6xq-rkfx
28
vulnerability VCID-wkrc-62bd-bbgx
29
vulnerability VCID-x516-xwze-6ba3
30
vulnerability VCID-z8z1-cjee-kfeg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.4
aliases CVE-2019-14235, GHSA-v9qg-3j8p-r63v, PYSEC-2019-14
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1v22-g646-wbay
1
url VCID-2zb9-27sm-3kgh
vulnerability_id VCID-2zb9-27sm-3kgh
summary An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If django.utils.text.Truncator's chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a regular expression. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which were thus vulnerable.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-02T18:04:48Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-02T18:04:48Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14232.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14232.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-14232
reference_id
reference_type
scores
0
value 0.03026
scoring_system epss
scoring_elements 0.86583
published_at 2026-04-01T12:55:00Z
1
value 0.03026
scoring_system epss
scoring_elements 0.86646
published_at 2026-04-13T12:55:00Z
2
value 0.03026
scoring_system epss
scoring_elements 0.86655
published_at 2026-04-11T12:55:00Z
3
value 0.03026
scoring_system epss
scoring_elements 0.86642
published_at 2026-04-09T12:55:00Z
4
value 0.03026
scoring_system epss
scoring_elements 0.86632
published_at 2026-04-08T12:55:00Z
5
value 0.03026
scoring_system epss
scoring_elements 0.86613
published_at 2026-04-07T12:55:00Z
6
value 0.03026
scoring_system epss
scoring_elements 0.86594
published_at 2026-04-02T12:55:00Z
7
value 0.03026
scoring_system epss
scoring_elements 0.86653
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-14232
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14233
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14233
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14234
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14234
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14235
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14235
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432
25
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833
26
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681
27
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682
28
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459
29
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460
30
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
31
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-02T18:04:48Z/
url https://docs.djangoproject.com/en/dev/releases/security/
32
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
33
reference_url https://github.com/advisories/GHSA-c4qh-4vgv-qc6g
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-c4qh-4vgv-qc6g
34
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
35
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-11.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-11.yaml
36
reference_url https://github.com/pypa/advisory-db/tree/main/vulns/django/PYSEC-2019-11.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-db/tree/main/vulns/django/PYSEC-2019-11.yaml
37
reference_url https://groups.google.com/forum/#%21topic/django-announce/jIoju2-KLDs
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-02T18:04:48Z/
url https://groups.google.com/forum/#%21topic/django-announce/jIoju2-KLDs
38
reference_url https://groups.google.com/forum/#!topic/django-announce/jIoju2-KLDs
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/django-announce/jIoju2-KLDs
39
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK
40
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK
41
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK/
42
reference_url https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/3LGJSPCN3VEG2UJPYCUB6TU75JTIV2TQ
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/3LGJSPCN3VEG2UJPYCUB6TU75JTIV2TQ
43
reference_url https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/5XTP44JEOSNXRVW4JDZXA5XGMBDZLWSW
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/5XTP44JEOSNXRVW4JDZXA5XGMBDZLWSW
44
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-14232
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-14232
45
reference_url https://seclists.org/bugtraq/2019/Aug/15
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-02T18:04:48Z/
url https://seclists.org/bugtraq/2019/Aug/15
46
reference_url https://security.gentoo.org/glsa/202004-17
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-02T18:04:48Z/
url https://security.gentoo.org/glsa/202004-17
47
reference_url https://security.netapp.com/advisory/ntap-20190828-0002
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20190828-0002
48
reference_url https://security.netapp.com/advisory/ntap-20190828-0002/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-02T18:04:48Z/
url https://security.netapp.com/advisory/ntap-20190828-0002/
49
reference_url https://www.debian.org/security/2019/dsa-4498
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-02T18:04:48Z/
url https://www.debian.org/security/2019/dsa-4498
50
reference_url https://www.djangoproject.com/weblog/2019/aug/01/security-releases
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2019/aug/01/security-releases
51
reference_url https://www.djangoproject.com/weblog/2019/aug/01/security-releases/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-02T18:04:48Z/
url https://www.djangoproject.com/weblog/2019/aug/01/security-releases/
52
reference_url https://www.openwall.com/lists/oss-security/2023/10/04/6
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.openwall.com/lists/oss-security/2023/10/04/6
53
reference_url http://www.openwall.com/lists/oss-security/2023/10/04/6
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-02T18:04:48Z/
url http://www.openwall.com/lists/oss-security/2023/10/04/6
54
reference_url http://www.openwall.com/lists/oss-security/2024/03/04/1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-02T18:04:48Z/
url http://www.openwall.com/lists/oss-security/2024/03/04/1
55
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1734405
reference_id 1734405
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1734405
56
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934026
reference_id 934026
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934026
57
reference_url https://security.archlinux.org/ASA-201908-2
reference_id ASA-201908-2
reference_type
scores
url https://security.archlinux.org/ASA-201908-2
58
reference_url https://security.archlinux.org/AVG-1015
reference_id AVG-1015
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1015
59
reference_url https://access.redhat.com/errata/RHSA-2020:1324
reference_id RHSA-2020:1324
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1324
60
reference_url https://access.redhat.com/errata/RHSA-2020:4390
reference_id RHSA-2020:4390
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4390
61
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK/
reference_id STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-02T18:04:48Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK/
62
reference_url https://usn.ubuntu.com/4084-1/
reference_id USN-4084-1
reference_type
scores
url https://usn.ubuntu.com/4084-1/
fixed_packages
0
url pkg:pypi/django@2.2.4
purl pkg:pypi/django@2.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-66w1-4zku-gyfp
1
vulnerability VCID-6gss-ppm5-3yc9
2
vulnerability VCID-84mm-45p6-xkau
3
vulnerability VCID-896g-hqec-ryb9
4
vulnerability VCID-8jaq-53td-wbeg
5
vulnerability VCID-9k9t-vp1a-z7bt
6
vulnerability VCID-9uzd-mmyv-mfh4
7
vulnerability VCID-b2ds-36xh-zfhp
8
vulnerability VCID-c2kc-1jh1-j3ha
9
vulnerability VCID-c8s7-3g9m-d3cw
10
vulnerability VCID-e2jd-yd4j-kqgt
11
vulnerability VCID-gp5e-nguh-5fdk
12
vulnerability VCID-hwa2-n7a2-pyg1
13
vulnerability VCID-j4br-4y39-s3gs
14
vulnerability VCID-kypj-ptb9-8qhz
15
vulnerability VCID-mmay-juu6-5ua9
16
vulnerability VCID-mzdk-m12w-q3fc
17
vulnerability VCID-pa75-6avj-duf7
18
vulnerability VCID-qm34-ec8s-tfd7
19
vulnerability VCID-th9v-dk98-3kea
20
vulnerability VCID-u7m5-tzv2-c7hn
21
vulnerability VCID-ume2-wt6y-jye7
22
vulnerability VCID-upy5-adtx-n7hg
23
vulnerability VCID-v4ad-xxy8-wfc9
24
vulnerability VCID-w2dv-u8h6-sbgs
25
vulnerability VCID-w4pr-k5nj-ckgy
26
vulnerability VCID-w6k8-js68-87g4
27
vulnerability VCID-wb34-g6xq-rkfx
28
vulnerability VCID-wkrc-62bd-bbgx
29
vulnerability VCID-x516-xwze-6ba3
30
vulnerability VCID-z8z1-cjee-kfeg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.4
aliases CVE-2019-14232, GHSA-c4qh-4vgv-qc6g, PYSEC-2019-11
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2zb9-27sm-3kgh
2
url VCID-3s9f-prpy-hbcx
vulnerability_id VCID-3s9f-prpy-hbcx
summary 
Cross-site Scripting
The jQuery library, which is included in rdoc, mishandles `jQuery.extend(true, {}, ...)` because of Object.prototype pollution. If an unsanitized source object contained an enumerable `__proto__` property, it could extend the native `Object.prototype.`
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html
2
reference_url http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html
3
reference_url http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html
4
reference_url http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html
5
reference_url https://access.redhat.com/errata/RHBA-2019:1570
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://access.redhat.com/errata/RHBA-2019:1570
6
reference_url https://access.redhat.com/errata/RHSA-2019:1456
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://access.redhat.com/errata/RHSA-2019:1456
7
reference_url https://access.redhat.com/errata/RHSA-2019:2587
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://access.redhat.com/errata/RHSA-2019:2587
8
reference_url https://access.redhat.com/errata/RHSA-2019:3023
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://access.redhat.com/errata/RHSA-2019:3023
9
reference_url https://access.redhat.com/errata/RHSA-2019:3024
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://access.redhat.com/errata/RHSA-2019:3024
10
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11358.json
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11358.json
11
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-11358
reference_id
reference_type
scores
0
value 0.01856
scoring_system epss
scoring_elements 0.83035
published_at 2026-04-11T12:55:00Z
1
value 0.01856
scoring_system epss
scoring_elements 0.83024
published_at 2026-04-13T12:55:00Z
2
value 0.01856
scoring_system epss
scoring_elements 0.83028
published_at 2026-04-12T12:55:00Z
3
value 0.01856
scoring_system epss
scoring_elements 0.8302
published_at 2026-04-09T12:55:00Z
4
value 0.01856
scoring_system epss
scoring_elements 0.83012
published_at 2026-04-08T12:55:00Z
5
value 0.01856
scoring_system epss
scoring_elements 0.82988
published_at 2026-04-07T12:55:00Z
6
value 0.01856
scoring_system epss
scoring_elements 0.8299
published_at 2026-04-04T12:55:00Z
7
value 0.02717
scoring_system epss
scoring_elements 0.85871
published_at 2026-04-02T12:55:00Z
8
value 0.02717
scoring_system epss
scoring_elements 0.8586
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-11358
12
reference_url https://backdropcms.org/security/backdrop-sa-core-2019-009
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://backdropcms.org/security/backdrop-sa-core-2019-009
13
reference_url https://blog.jquery.com/2019/04/10/jquery-3-4-0-released
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://blog.jquery.com/2019/04/10/jquery-3-4-0-released
14
reference_url https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11358
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11358
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12466
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12466
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12467
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12467
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12468
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12468
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12469
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12469
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12470
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12470
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12471
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12471
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12472
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12472
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12473
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12473
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12474
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12474
25
reference_url http://seclists.org/fulldisclosure/2019/May/10
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url http://seclists.org/fulldisclosure/2019/May/10
26
reference_url http://seclists.org/fulldisclosure/2019/May/11
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url http://seclists.org/fulldisclosure/2019/May/11
27
reference_url http://seclists.org/fulldisclosure/2019/May/13
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url http://seclists.org/fulldisclosure/2019/May/13
28
reference_url https://github.com/django/django/commit/34ec52269ade54af31a021b12969913129571a3f
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/34ec52269ade54af31a021b12969913129571a3f
29
reference_url https://github.com/django/django/commit/95649bc08547a878cebfa1d019edec8cb1b80829
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/95649bc08547a878cebfa1d019edec8cb1b80829
30
reference_url https://github.com/django/django/commit/baaf187a4e354bf3976c51e2c83a0d2f8ee6e6ad
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/baaf187a4e354bf3976c51e2c83a0d2f8ee6e6ad
31
reference_url https://github.com/jquery/jquery
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jquery/jquery
32
reference_url https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b
33
reference_url https://github.com/jquery/jquery/pull/4333
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://github.com/jquery/jquery/pull/4333
34
reference_url https://github.com/maximebf/php-debugbar/commit/847216e60544258c881f2733d699bbcfeefac0fc
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/maximebf/php-debugbar/commit/847216e60544258c881f2733d699bbcfeefac0fc
35
reference_url https://github.com/maximebf/php-debugbar/issues/447
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/maximebf/php-debugbar/issues/447
36
reference_url https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#434
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#434
37
reference_url https://hackerone.com/reports/454365
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3
scoring_elements
url https://hackerone.com/reports/454365
38
reference_url https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601
39
reference_url https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc@%3Ccommits.airflow.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc@%3Ccommits.airflow.apache.org%3E
40
reference_url https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc%40%3Ccommits.airflow.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc%40%3Ccommits.airflow.apache.org%3E
41
reference_url https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E
42
reference_url https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E
43
reference_url https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844@%3Ccommits.airflow.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844@%3Ccommits.airflow.apache.org%3E
44
reference_url https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844%40%3Ccommits.airflow.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844%40%3Ccommits.airflow.apache.org%3E
45
reference_url https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f@%3Ccommits.airflow.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f@%3Ccommits.airflow.apache.org%3E
46
reference_url https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f%40%3Ccommits.airflow.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f%40%3Ccommits.airflow.apache.org%3E
47
reference_url https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7@%3Ccommits.airflow.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7@%3Ccommits.airflow.apache.org%3E
48
reference_url https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7%40%3Ccommits.airflow.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7%40%3Ccommits.airflow.apache.org%3E
49
reference_url https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E
50
reference_url https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E
51
reference_url https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205@%3Ccommits.airflow.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205@%3Ccommits.airflow.apache.org%3E
52
reference_url https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205%40%3Ccommits.airflow.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205%40%3Ccommits.airflow.apache.org%3E
53
reference_url https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6@%3Ccommits.roller.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6@%3Ccommits.roller.apache.org%3E
54
reference_url https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6%40%3Ccommits.roller.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6%40%3Ccommits.roller.apache.org%3E
55
reference_url https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E
56
reference_url https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E
57
reference_url https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E
58
reference_url https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E
59
reference_url https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9@%3Cissues.flink.apache.org%3E
60
reference_url https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9%40%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9%40%3Cissues.flink.apache.org%3E
61
reference_url https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa@%3Cissues.flink.apache.org%3E
62
reference_url https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa%40%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa%40%3Cissues.flink.apache.org%3E
63
reference_url https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766@%3Cdev.syncope.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766@%3Cdev.syncope.apache.org%3E
64
reference_url https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766%40%3Cdev.syncope.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766%40%3Cdev.syncope.apache.org%3E
65
reference_url https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08@%3Cissues.flink.apache.org%3E
66
reference_url https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08%40%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08%40%3Cissues.flink.apache.org%3E
67
reference_url https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355@%3Cdev.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355@%3Cdev.flink.apache.org%3E
68
reference_url https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355%40%3Cdev.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355%40%3Cdev.flink.apache.org%3E
69
reference_url https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734@%3Cdev.storm.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734@%3Cdev.storm.apache.org%3E
70
reference_url https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734%40%3Cdev.storm.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734%40%3Cdev.storm.apache.org%3E
71
reference_url https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73@%3Cissues.flink.apache.org%3E
72
reference_url https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73%40%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73%40%3Cissues.flink.apache.org%3E
73
reference_url https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d@%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d@%3Cissues.flink.apache.org%3E
74
reference_url https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d%40%3Cissues.flink.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d%40%3Cissues.flink.apache.org%3E
75
reference_url https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E
76
reference_url https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E
77
reference_url https://lists.debian.org/debian-lts-announce/2019/05/msg00006.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.debian.org/debian-lts-announce/2019/05/msg00006.html
78
reference_url https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html
79
reference_url https://lists.debian.org/debian-lts-announce/2020/02/msg00024.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.debian.org/debian-lts-announce/2020/02/msg00024.html
80
reference_url https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html
81
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA
82
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI
83
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO
84
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP
85
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F
86
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5
87
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA
88
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI
89
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO
90
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP
91
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F
92
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5
93
reference_url https://seclists.org/bugtraq/2019/Apr/32
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://seclists.org/bugtraq/2019/Apr/32
94
reference_url https://seclists.org/bugtraq/2019/Jun/12
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://seclists.org/bugtraq/2019/Jun/12
95
reference_url https://seclists.org/bugtraq/2019/May/18
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://seclists.org/bugtraq/2019/May/18
96
reference_url https://security.netapp.com/advisory/ntap-20190919-0001
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20190919-0001
97
reference_url https://security.snyk.io/vuln/SNYK-DOTNET-JQUERY-450226
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.snyk.io/vuln/SNYK-DOTNET-JQUERY-450226
98
reference_url https://snyk.io/vuln/SNYK-JS-JQUERY-174006
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://snyk.io/vuln/SNYK-JS-JQUERY-174006
99
reference_url https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved-in-Junos-OS-21-2R1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved-in-Junos-OS-21-2R1
100
reference_url https://web.archive.org/web/20190824065237/http://www.securityfocus.com/bid/108023
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20190824065237/http://www.securityfocus.com/bid/108023
101
reference_url https://www.debian.org/security/2019/dsa-4434
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://www.debian.org/security/2019/dsa-4434
102
reference_url https://www.debian.org/security/2019/dsa-4460
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://www.debian.org/security/2019/dsa-4460
103
reference_url https://www.djangoproject.com/weblog/2019/jun/03/security-releases
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2019/jun/03/security-releases
104
reference_url https://www.drupal.org/sa-core-2019-006
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://www.drupal.org/sa-core-2019-006
105
reference_url https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://www.oracle.com/security-alerts/cpuapr2020.html
106
reference_url https://www.oracle.com/security-alerts/cpuApr2021.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://www.oracle.com/security-alerts/cpuApr2021.html
107
reference_url https://www.oracle.com/security-alerts/cpujan2020.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://www.oracle.com/security-alerts/cpujan2020.html
108
reference_url https://www.oracle.com/security-alerts/cpujan2021.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://www.oracle.com/security-alerts/cpujan2021.html
109
reference_url https://www.oracle.com/security-alerts/cpujan2022.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://www.oracle.com/security-alerts/cpujan2022.html
110
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://www.oracle.com/security-alerts/cpujul2020.html
111
reference_url https://www.oracle.com//security-alerts/cpujul2021.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://www.oracle.com//security-alerts/cpujul2021.html
112
reference_url https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://www.oracle.com/security-alerts/cpuoct2020.html
113
reference_url https://www.oracle.com/security-alerts/cpuoct2021.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://www.oracle.com/security-alerts/cpuoct2021.html
114
reference_url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
115
reference_url https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
116
reference_url https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery
117
reference_url https://www.synology.com/security/advisory/Synology_SA_19_19
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://www.synology.com/security/advisory/Synology_SA_19_19
118
reference_url https://www.tenable.com/security/tns-2019-08
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://www.tenable.com/security/tns-2019-08
119
reference_url https://www.tenable.com/security/tns-2020-02
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://www.tenable.com/security/tns-2020-02
120
reference_url http://www.openwall.com/lists/oss-security/2019/06/03/2
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url http://www.openwall.com/lists/oss-security/2019/06/03/2
121
reference_url http://www.securityfocus.com/bid/108023
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url http://www.securityfocus.com/bid/108023
122
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1701972
reference_id 1701972
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1701972
123
reference_url https://github.com/nodejs/security-wg/blob/main/vuln/npm/496.json
reference_id 496
reference_type
scores
0
value 5.6
scoring_system cvssv3
scoring_elements
url https://github.com/nodejs/security-wg/blob/main/vuln/npm/496.json
124
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA/
reference_id 4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA/
125
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI/
reference_id 5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI/
126
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927466
reference_id 927466
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927466
127
reference_url https://security.archlinux.org/ASA-201906-2
reference_id ASA-201906-2
reference_type
scores
url https://security.archlinux.org/ASA-201906-2
128
reference_url https://security.archlinux.org/AVG-969
reference_id AVG-969
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-969
129
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-11358
reference_id CVE-2019-11358
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-11358
130
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2019-11358.yml
reference_id CVE-2019-11358.YML
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2019-11358.yml
131
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52141.txt
reference_id CVE-2020-7656;CVE-2019-11358
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52141.txt
132
reference_url https://github.com/advisories/GHSA-6c3j-c64m-qhgq
reference_id GHSA-6c3j-c64m-qhgq
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6c3j-c64m-qhgq
133
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO/
reference_id KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO/
134
reference_url https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery/
reference_id mitigating-cve-2019-11358-in-old-versions-of-jquery
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery/
135
reference_url https://security.netapp.com/advisory/ntap-20190919-0001/
reference_id ntap-20190919-0001
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://security.netapp.com/advisory/ntap-20190919-0001/
136
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP/
reference_id QV3PKZC3PQCO3273HAT76PAQZFBEO4KP
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP/
137
reference_url https://access.redhat.com/errata/RHSA-2020:1325
reference_id RHSA-2020:1325
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1325
138
reference_url https://access.redhat.com/errata/RHSA-2020:2412
reference_id RHSA-2020:2412
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2412
139
reference_url https://access.redhat.com/errata/RHSA-2020:3936
reference_id RHSA-2020:3936
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3936
140
reference_url https://access.redhat.com/errata/RHSA-2020:4298
reference_id RHSA-2020:4298
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4298
141
reference_url https://access.redhat.com/errata/RHSA-2020:4670
reference_id RHSA-2020:4670
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4670
142
reference_url https://access.redhat.com/errata/RHSA-2020:4847
reference_id RHSA-2020:4847
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4847
143
reference_url https://access.redhat.com/errata/RHSA-2020:5581
reference_id RHSA-2020:5581
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5581
144
reference_url https://access.redhat.com/errata/RHSA-2021:4142
reference_id RHSA-2021:4142
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4142
145
reference_url https://access.redhat.com/errata/RHSA-2022:7343
reference_id RHSA-2022:7343
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7343
146
reference_url https://access.redhat.com/errata/RHSA-2023:0552
reference_id RHSA-2023:0552
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0552
147
reference_url https://access.redhat.com/errata/RHSA-2023:0553
reference_id RHSA-2023:0553
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0553
148
reference_url https://access.redhat.com/errata/RHSA-2023:0554
reference_id RHSA-2023:0554
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0554
149
reference_url https://access.redhat.com/errata/RHSA-2023:0556
reference_id RHSA-2023:0556
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0556
150
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F/
reference_id RLXRX23725JL366CNZGJZ7AQQB7LHQ6F
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F/
151
reference_url https://usn.ubuntu.com/7622-1/
reference_id USN-7622-1
reference_type
scores
url https://usn.ubuntu.com/7622-1/
152
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5/
reference_id WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:03:16Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5/
fixed_packages
0
url pkg:pypi/django@2.2.2
purl pkg:pypi/django@2.2.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1v22-g646-wbay
1
vulnerability VCID-2zb9-27sm-3kgh
2
vulnerability VCID-66w1-4zku-gyfp
3
vulnerability VCID-6gss-ppm5-3yc9
4
vulnerability VCID-6xs7-fpvj-mbbw
5
vulnerability VCID-84mm-45p6-xkau
6
vulnerability VCID-896g-hqec-ryb9
7
vulnerability VCID-8jaq-53td-wbeg
8
vulnerability VCID-9k9t-vp1a-z7bt
9
vulnerability VCID-9uzd-mmyv-mfh4
10
vulnerability VCID-a8zx-jamf-cfcm
11
vulnerability VCID-b2ds-36xh-zfhp
12
vulnerability VCID-c2kc-1jh1-j3ha
13
vulnerability VCID-c8s7-3g9m-d3cw
14
vulnerability VCID-e2jd-yd4j-kqgt
15
vulnerability VCID-f7dh-ahya-hfar
16
vulnerability VCID-gp5e-nguh-5fdk
17
vulnerability VCID-hpg4-c6bk-s7c7
18
vulnerability VCID-hwa2-n7a2-pyg1
19
vulnerability VCID-j4br-4y39-s3gs
20
vulnerability VCID-jtru-9jmz-kkek
21
vulnerability VCID-k114-8z8u-2qh1
22
vulnerability VCID-kypj-ptb9-8qhz
23
vulnerability VCID-mjsc-w5v5-t7cg
24
vulnerability VCID-mmay-juu6-5ua9
25
vulnerability VCID-mzdk-m12w-q3fc
26
vulnerability VCID-pa75-6avj-duf7
27
vulnerability VCID-qjez-qe32-e3b6
28
vulnerability VCID-qm34-ec8s-tfd7
29
vulnerability VCID-th9v-dk98-3kea
30
vulnerability VCID-u7m5-tzv2-c7hn
31
vulnerability VCID-ume2-wt6y-jye7
32
vulnerability VCID-upy5-adtx-n7hg
33
vulnerability VCID-v4ad-xxy8-wfc9
34
vulnerability VCID-w2dv-u8h6-sbgs
35
vulnerability VCID-w4pr-k5nj-ckgy
36
vulnerability VCID-w6k8-js68-87g4
37
vulnerability VCID-wb34-g6xq-rkfx
38
vulnerability VCID-wkrc-62bd-bbgx
39
vulnerability VCID-x516-xwze-6ba3
40
vulnerability VCID-z8z1-cjee-kfeg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.2
aliases CVE-2019-11358, GHSA-6c3j-c64m-qhgq
risk_score 10.0
exploitability 2.0
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3s9f-prpy-hbcx
3
url VCID-56na-n4w5-8fak
vulnerability_id VCID-56na-n4w5-8fak
summary An issue was discovered in Django 1.11 before 1.11.21, 2.1 before 2.1.9, and 2.2 before 2.2.2. The clickable Current URL value displayed by the AdminURLFieldWidget displays the provided value without validating it as a safe URL. Thus, an unvalidated value stored in the database, or a value provided as a URL query parameter payload, could result in an clickable JavaScript link.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12308.json
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12308.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-12308
reference_id
reference_type
scores
0
value 0.01454
scoring_system epss
scoring_elements 0.80773
published_at 2026-04-04T12:55:00Z
1
value 0.01454
scoring_system epss
scoring_elements 0.80752
published_at 2026-04-02T12:55:00Z
2
value 0.01454
scoring_system epss
scoring_elements 0.80743
published_at 2026-04-01T12:55:00Z
3
value 0.01454
scoring_system epss
scoring_elements 0.808
published_at 2026-04-13T12:55:00Z
4
value 0.01454
scoring_system epss
scoring_elements 0.80808
published_at 2026-04-12T12:55:00Z
5
value 0.01454
scoring_system epss
scoring_elements 0.80822
published_at 2026-04-11T12:55:00Z
6
value 0.01454
scoring_system epss
scoring_elements 0.80806
published_at 2026-04-09T12:55:00Z
7
value 0.01454
scoring_system epss
scoring_elements 0.80798
published_at 2026-04-08T12:55:00Z
8
value 0.01454
scoring_system epss
scoring_elements 0.8077
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-12308
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12308
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12308
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12781
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12781
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6975
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6975
7
reference_url https://docs.djangoproject.com/en/dev/releases/1.11.21
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/1.11.21
8
reference_url https://docs.djangoproject.com/en/dev/releases/1.11.21/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/dev/releases/1.11.21/
9
reference_url https://docs.djangoproject.com/en/dev/releases/2.1.9
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/2.1.9
10
reference_url https://docs.djangoproject.com/en/dev/releases/2.1.9/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/dev/releases/2.1.9/
11
reference_url https://docs.djangoproject.com/en/dev/releases/2.2.2
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/2.2.2
12
reference_url https://docs.djangoproject.com/en/dev/releases/2.2.2/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/dev/releases/2.2.2/
13
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
14
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/dev/releases/security/
15
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
16
reference_url https://github.com/advisories/GHSA-7rp2-fm2h-wchj
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-7rp2-fm2h-wchj
17
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
18
reference_url https://github.com/django/django/commit/09186a13d975de6d049f8b3e05484f66b01ece62
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/09186a13d975de6d049f8b3e05484f66b01ece62
19
reference_url https://github.com/django/django/commit/afddabf8428ddc89a332f7a78d0d21eaf2b5a673
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/afddabf8428ddc89a332f7a78d0d21eaf2b5a673
20
reference_url https://github.com/django/django/commit/c238701859a52d584f349cce15d56c8e8137c52b
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/c238701859a52d584f349cce15d56c8e8137c52b
21
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-79.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-79.yaml
22
reference_url https://groups.google.com/forum/#!topic/django-announce/GEbHU7YoVz8
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/django-announce/GEbHU7YoVz8
23
reference_url https://lists.debian.org/debian-lts-announce/2019/06/msg00001.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2019/06/msg00001.html
24
reference_url https://lists.debian.org/debian-lts-announce/2019/07/msg00001.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2019/07/msg00001.html
25
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/USYRARSYB7PE3S2ZQO7PZNWMH7RPGL5G
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/USYRARSYB7PE3S2ZQO7PZNWMH7RPGL5G
26
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/USYRARSYB7PE3S2ZQO7PZNWMH7RPGL5G/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/USYRARSYB7PE3S2ZQO7PZNWMH7RPGL5G/
27
reference_url https://seclists.org/bugtraq/2019/Jul/10
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2019/Jul/10
28
reference_url https://security.gentoo.org/glsa/202004-17
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202004-17
29
reference_url https://usn.ubuntu.com/4043-1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4043-1
30
reference_url https://usn.ubuntu.com/4043-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4043-1/
31
reference_url https://www.debian.org/security/2019/dsa-4476
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2019/dsa-4476
32
reference_url https://www.djangoproject.com/weblog/2019/jun/03/security-releases
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2019/jun/03/security-releases
33
reference_url https://www.djangoproject.com/weblog/2019/jun/03/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2019/jun/03/security-releases/
34
reference_url http://www.openwall.com/lists/oss-security/2019/06/03/2
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2019/06/03/2
35
reference_url http://www.securityfocus.com/bid/108559
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/108559
36
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1715915
reference_id 1715915
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1715915
37
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929927
reference_id 929927
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929927
38
reference_url https://security.archlinux.org/ASA-201906-2
reference_id ASA-201906-2
reference_type
scores
url https://security.archlinux.org/ASA-201906-2
39
reference_url https://security.archlinux.org/AVG-969
reference_id AVG-969
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-969
40
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-12308
reference_id CVE-2019-12308
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-12308
fixed_packages
0
url pkg:pypi/django@2.2.2
purl pkg:pypi/django@2.2.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1v22-g646-wbay
1
vulnerability VCID-2zb9-27sm-3kgh
2
vulnerability VCID-66w1-4zku-gyfp
3
vulnerability VCID-6gss-ppm5-3yc9
4
vulnerability VCID-6xs7-fpvj-mbbw
5
vulnerability VCID-84mm-45p6-xkau
6
vulnerability VCID-896g-hqec-ryb9
7
vulnerability VCID-8jaq-53td-wbeg
8
vulnerability VCID-9k9t-vp1a-z7bt
9
vulnerability VCID-9uzd-mmyv-mfh4
10
vulnerability VCID-a8zx-jamf-cfcm
11
vulnerability VCID-b2ds-36xh-zfhp
12
vulnerability VCID-c2kc-1jh1-j3ha
13
vulnerability VCID-c8s7-3g9m-d3cw
14
vulnerability VCID-e2jd-yd4j-kqgt
15
vulnerability VCID-f7dh-ahya-hfar
16
vulnerability VCID-gp5e-nguh-5fdk
17
vulnerability VCID-hpg4-c6bk-s7c7
18
vulnerability VCID-hwa2-n7a2-pyg1
19
vulnerability VCID-j4br-4y39-s3gs
20
vulnerability VCID-jtru-9jmz-kkek
21
vulnerability VCID-k114-8z8u-2qh1
22
vulnerability VCID-kypj-ptb9-8qhz
23
vulnerability VCID-mjsc-w5v5-t7cg
24
vulnerability VCID-mmay-juu6-5ua9
25
vulnerability VCID-mzdk-m12w-q3fc
26
vulnerability VCID-pa75-6avj-duf7
27
vulnerability VCID-qjez-qe32-e3b6
28
vulnerability VCID-qm34-ec8s-tfd7
29
vulnerability VCID-th9v-dk98-3kea
30
vulnerability VCID-u7m5-tzv2-c7hn
31
vulnerability VCID-ume2-wt6y-jye7
32
vulnerability VCID-upy5-adtx-n7hg
33
vulnerability VCID-v4ad-xxy8-wfc9
34
vulnerability VCID-w2dv-u8h6-sbgs
35
vulnerability VCID-w4pr-k5nj-ckgy
36
vulnerability VCID-w6k8-js68-87g4
37
vulnerability VCID-wb34-g6xq-rkfx
38
vulnerability VCID-wkrc-62bd-bbgx
39
vulnerability VCID-x516-xwze-6ba3
40
vulnerability VCID-z8z1-cjee-kfeg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.2
aliases CVE-2019-12308, GHSA-7rp2-fm2h-wchj, PYSEC-2019-79
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-56na-n4w5-8fak
4
url VCID-6gss-ppm5-3yc9
vulnerability_id VCID-6gss-ppm5-3yc9
summary An issue was discovered in the HTTP FileResponse class in Django 3.2 before 3.2.15 and 4.0 before 4.0.7. An application is vulnerable to a reflected file download (RFD) attack that sets the Content-Disposition header of a FileResponse when the filename is derived from user-supplied input.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-36359
reference_id
reference_type
scores
0
value 0.00789
scoring_system epss
scoring_elements 0.73852
published_at 2026-04-04T12:55:00Z
1
value 0.00789
scoring_system epss
scoring_elements 0.73865
published_at 2026-04-13T12:55:00Z
2
value 0.00789
scoring_system epss
scoring_elements 0.73873
published_at 2026-04-12T12:55:00Z
3
value 0.00789
scoring_system epss
scoring_elements 0.73828
published_at 2026-04-02T12:55:00Z
4
value 0.00789
scoring_system epss
scoring_elements 0.73892
published_at 2026-04-11T12:55:00Z
5
value 0.00789
scoring_system epss
scoring_elements 0.7387
published_at 2026-04-09T12:55:00Z
6
value 0.00789
scoring_system epss
scoring_elements 0.73857
published_at 2026-04-08T12:55:00Z
7
value 0.00789
scoring_system epss
scoring_elements 0.73823
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-36359
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22818
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22818
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23833
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23833
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28346
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28346
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28347
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28347
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34265
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34265
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36359
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36359
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41323
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41323
8
reference_url https://docs.djangoproject.com/en/4.0/releases/security
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/4.0/releases/security
9
reference_url https://docs.djangoproject.com/en/4.0/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/4.0/releases/security/
10
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
11
reference_url https://github.com/advisories/GHSA-8x94-hmjh-97hq
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8x94-hmjh-97hq
12
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
13
reference_url https://github.com/django/django/commit/b3e4494d759202a3b6bf247fd34455bf13be5b80
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/b3e4494d759202a3b6bf247fd34455bf13be5b80
14
reference_url https://github.com/django/django/commit/b7d9529cbe0af4adabb6ea5d01ed8dcce3668fb3
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/b7d9529cbe0af4adabb6ea5d01ed8dcce3668fb3
15
reference_url https://github.com/django/django/commit/bd062445cffd3f6cc6dcd20d13e2abed818fa173
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/bd062445cffd3f6cc6dcd20d13e2abed818fa173
16
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-245.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-245.yaml
17
reference_url https://groups.google.com/g/django-announce/c/8cz--gvaJr4
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/g/django-announce/c/8cz--gvaJr4
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI
20
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-36359
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-36359
21
reference_url https://security.netapp.com/advisory/ntap-20220915-0008
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220915-0008
22
reference_url https://www.debian.org/security/2022/dsa-5254
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2022/dsa-5254
23
reference_url https://www.djangoproject.com/weblog/2022/aug/03/security-releases
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2022/aug/03/security-releases
24
reference_url https://www.djangoproject.com/weblog/2022/aug/03/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2022/aug/03/security-releases/
25
reference_url http://www.openwall.com/lists/oss-security/2022/08/03/1
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/08/03/1
26
reference_url https://security.archlinux.org/AVG-2810
reference_id AVG-2810
reference_type
scores
0
value Unknown
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2810
27
reference_url https://security.gentoo.org/glsa/202509-03
reference_id GLSA-202509-03
reference_type
scores
url https://security.gentoo.org/glsa/202509-03
28
reference_url https://usn.ubuntu.com/5549-1/
reference_id USN-5549-1
reference_type
scores
url https://usn.ubuntu.com/5549-1/
fixed_packages
0
url pkg:pypi/django@3.2.15
purl pkg:pypi/django@3.2.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-42x9-8c3c-bug1
1
vulnerability VCID-4ztz-fq98-5fh1
2
vulnerability VCID-78r4-85ms-63hm
3
vulnerability VCID-7tca-pgcs-cuhd
4
vulnerability VCID-84mm-45p6-xkau
5
vulnerability VCID-896g-hqec-ryb9
6
vulnerability VCID-8m4b-y4va-kqgm
7
vulnerability VCID-8xgs-8xjr-cber
8
vulnerability VCID-9uzd-mmyv-mfh4
9
vulnerability VCID-e2jd-yd4j-kqgt
10
vulnerability VCID-jh1e-72hp-fuf4
11
vulnerability VCID-nese-5485-hkbs
12
vulnerability VCID-w4pr-k5nj-ckgy
13
vulnerability VCID-wz1q-1tjp-4qhw
14
vulnerability VCID-ypub-ukuh-p3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.15
1
url pkg:pypi/django@4.0.7
purl pkg:pypi/django@4.0.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-42x9-8c3c-bug1
1
vulnerability VCID-7tca-pgcs-cuhd
2
vulnerability VCID-84mm-45p6-xkau
3
vulnerability VCID-896g-hqec-ryb9
4
vulnerability VCID-9uzd-mmyv-mfh4
5
vulnerability VCID-e2jd-yd4j-kqgt
6
vulnerability VCID-nese-5485-hkbs
7
vulnerability VCID-w4pr-k5nj-ckgy
8
vulnerability VCID-wz1q-1tjp-4qhw
9
vulnerability VCID-ypub-ukuh-p3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.0.7
aliases BIT-django-2022-36359, CVE-2022-36359, GHSA-8x94-hmjh-97hq, PYSEC-2022-245
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6gss-ppm5-3yc9
5
url VCID-84mm-45p6-xkau
vulnerability_id VCID-84mm-45p6-xkau
summary 
Django has a denial-of-service vulnerability in HttpResponseRedirect and HttpResponsePermanentRedirect on Windows
An issue was discovered in 5.1 before 5.1.14, 4.2 before 4.2.26, and 5.2 before 5.2.8.
NFKC normalization in Python is slow on Windows. As a consequence, `django.http.HttpResponseRedirect`, `django.http.HttpResponsePermanentRedirect`, and the shortcut `django.shortcuts.redirect`  were subject to a potential  denial-of-service attack via certain inputs with a very large number of Unicode characters.
Earlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected.
Django would like to thank Seokchan Yoon for reporting this issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-64458.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-64458.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-64458
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.05432
published_at 2026-04-13T12:55:00Z
1
value 0.0002
scoring_system epss
scoring_elements 0.05438
published_at 2026-04-12T12:55:00Z
2
value 0.0002
scoring_system epss
scoring_elements 0.05452
published_at 2026-04-11T12:55:00Z
3
value 0.0002
scoring_system epss
scoring_elements 0.0548
published_at 2026-04-09T12:55:00Z
4
value 0.0002
scoring_system epss
scoring_elements 0.05424
published_at 2026-04-07T12:55:00Z
5
value 0.0002
scoring_system epss
scoring_elements 0.05417
published_at 2026-04-04T12:55:00Z
6
value 0.0002
scoring_system epss
scoring_elements 0.05459
published_at 2026-04-08T12:55:00Z
7
value 0.00026
scoring_system epss
scoring_elements 0.07235
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-64458
2
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
3
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
4
reference_url https://github.com/django/django/commit/3790593781d26168e7306b5b2f8ea0309de16242
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/3790593781d26168e7306b5b2f8ea0309de16242
5
reference_url https://github.com/django/django/commit/4f5d904b63751dea9ffc3b0e046404a7fa5881ac
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/4f5d904b63751dea9ffc3b0e046404a7fa5881ac
6
reference_url https://github.com/django/django/commit/6e13348436fccf8f22982921d6a3a3e65c956a9f
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/6e13348436fccf8f22982921d6a3a3e65c956a9f
7
reference_url https://github.com/django/django/commit/770eea38d7a0e9ba9455140b5a9a9e33618226a7
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/770eea38d7a0e9ba9455140b5a9a9e33618226a7
8
reference_url https://groups.google.com/g/django-announce
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-05T16:20:23Z/
url https://groups.google.com/g/django-announce
9
reference_url https://www.djangoproject.com/weblog/2025/nov/05/security-releases
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2025/nov/05/security-releases
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2412649
reference_id 2412649
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2412649
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-64458
reference_id CVE-2025-64458
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-64458
12
reference_url https://github.com/advisories/GHSA-qw25-v68c-qjf3
reference_id GHSA-qw25-v68c-qjf3
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qw25-v68c-qjf3
13
reference_url https://www.djangoproject.com/weblog/2025/nov/05/security-releases/
reference_id security-releases
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-05T16:20:23Z/
url https://www.djangoproject.com/weblog/2025/nov/05/security-releases/
fixed_packages
0
url pkg:pypi/django@4.2.26
purl pkg:pypi/django@4.2.26
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28g3-ubx6-ebff
1
vulnerability VCID-2tfv-rtq7-2fg9
2
vulnerability VCID-8qu1-45n9-gyb1
3
vulnerability VCID-ac4c-321h-tqfk
4
vulnerability VCID-e9k9-1s9f-dbgv
5
vulnerability VCID-msge-1mfu-7qfa
6
vulnerability VCID-nda7-9219-6kce
7
vulnerability VCID-ukkt-wgau-t3et
8
vulnerability VCID-vwt9-q3dt-vbfg
9
vulnerability VCID-ysyp-h7ja-yff3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.26
1
url pkg:pypi/django@5.1.14
purl pkg:pypi/django@5.1.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ukkt-wgau-t3et
1
vulnerability VCID-vwt9-q3dt-vbfg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.1.14
2
url pkg:pypi/django@5.2.8
purl pkg:pypi/django@5.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28g3-ubx6-ebff
1
vulnerability VCID-2tfv-rtq7-2fg9
2
vulnerability VCID-8qu1-45n9-gyb1
3
vulnerability VCID-ac4c-321h-tqfk
4
vulnerability VCID-e9k9-1s9f-dbgv
5
vulnerability VCID-msge-1mfu-7qfa
6
vulnerability VCID-nda7-9219-6kce
7
vulnerability VCID-ukkt-wgau-t3et
8
vulnerability VCID-vwt9-q3dt-vbfg
9
vulnerability VCID-ysyp-h7ja-yff3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.8
3
url pkg:pypi/django@6.0a1
purl pkg:pypi/django@6.0a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28g3-ubx6-ebff
1
vulnerability VCID-2tfv-rtq7-2fg9
2
vulnerability VCID-8qu1-45n9-gyb1
3
vulnerability VCID-e9k9-1s9f-dbgv
4
vulnerability VCID-msge-1mfu-7qfa
5
vulnerability VCID-ysyp-h7ja-yff3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@6.0a1
aliases CVE-2025-64458, GHSA-qw25-v68c-qjf3
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-84mm-45p6-xkau
6
url VCID-896g-hqec-ryb9
vulnerability_id VCID-896g-hqec-ryb9
summary An issue was discovered in Django 5.2 before 5.2.2, 5.1 before 5.1.10, and 4.2 before 4.2.22. Internal HTTP response logging does not escape request.path, which allows remote attackers to potentially manipulate log output via crafted URLs. This may lead to log injection or forgery when logs are viewed in terminals or processed by external systems.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48432.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48432.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-48432
reference_id
reference_type
scores
0
value 0.00411
scoring_system epss
scoring_elements 0.61428
published_at 2026-04-13T12:55:00Z
1
value 0.00411
scoring_system epss
scoring_elements 0.61446
published_at 2026-04-12T12:55:00Z
2
value 0.00411
scoring_system epss
scoring_elements 0.6146
published_at 2026-04-11T12:55:00Z
3
value 0.00411
scoring_system epss
scoring_elements 0.61439
published_at 2026-04-09T12:55:00Z
4
value 0.00411
scoring_system epss
scoring_elements 0.61423
published_at 2026-04-08T12:55:00Z
5
value 0.00411
scoring_system epss
scoring_elements 0.61377
published_at 2026-04-07T12:55:00Z
6
value 0.00411
scoring_system epss
scoring_elements 0.61407
published_at 2026-04-04T12:55:00Z
7
value 0.00411
scoring_system epss
scoring_elements 0.61378
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-48432
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460
25
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
26
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T13:20:12Z/
url https://docs.djangoproject.com/en/dev/releases/security/
27
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
28
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
29
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2025-47.yaml
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2025-47.yaml
30
reference_url https://groups.google.com/g/django-announce
reference_id
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T13:20:12Z/
url https://groups.google.com/g/django-announce
31
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-48432
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-48432
32
reference_url https://www.djangoproject.com/weblog/2025/jun/04/security-releases
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2025/jun/04/security-releases
33
reference_url https://www.djangoproject.com/weblog/2025/jun/04/security-releases/
reference_id
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T13:20:12Z/
url https://www.djangoproject.com/weblog/2025/jun/04/security-releases/
34
reference_url https://www.djangoproject.com/weblog/2025/jun/10/bugfix-releases
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2025/jun/10/bugfix-releases
35
reference_url http://www.openwall.com/lists/oss-security/2025/06/04/5
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2025/06/04/5
36
reference_url http://www.openwall.com/lists/oss-security/2025/06/10/2
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2025/06/10/2
37
reference_url http://www.openwall.com/lists/oss-security/2025/06/10/3
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2025/06/10/3
38
reference_url http://www.openwall.com/lists/oss-security/2025/06/10/4
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2025/06/10/4
39
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107282
reference_id 1107282
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107282
40
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2370365
reference_id 2370365
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2370365
41
reference_url https://security.archlinux.org/ASA-202506-6
reference_id ASA-202506-6
reference_type
scores
url https://security.archlinux.org/ASA-202506-6
42
reference_url https://security.archlinux.org/AVG-2894
reference_id AVG-2894
reference_type
scores
0
value Low
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2894
43
reference_url https://www.djangoproject.com/weblog/2025/jun/10/bugfix-releases/
reference_id bugfix-releases
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T13:20:12Z/
url https://www.djangoproject.com/weblog/2025/jun/10/bugfix-releases/
44
reference_url https://github.com/advisories/GHSA-7xr5-9hcq-chf9
reference_id GHSA-7xr5-9hcq-chf9
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7xr5-9hcq-chf9
45
reference_url https://access.redhat.com/errata/RHSA-2025:14686
reference_id RHSA-2025:14686
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14686
46
reference_url https://access.redhat.com/errata/RHSA-2025:16487
reference_id RHSA-2025:16487
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:16487
47
reference_url https://usn.ubuntu.com/7555-1/
reference_id USN-7555-1
reference_type
scores
url https://usn.ubuntu.com/7555-1/
fixed_packages
0
url pkg:pypi/django@4.2.22
purl pkg:pypi/django@4.2.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28g3-ubx6-ebff
1
vulnerability VCID-2tfv-rtq7-2fg9
2
vulnerability VCID-84mm-45p6-xkau
3
vulnerability VCID-8qu1-45n9-gyb1
4
vulnerability VCID-9uzd-mmyv-mfh4
5
vulnerability VCID-ac4c-321h-tqfk
6
vulnerability VCID-c6xy-v4sf-u3hn
7
vulnerability VCID-e9k9-1s9f-dbgv
8
vulnerability VCID-msge-1mfu-7qfa
9
vulnerability VCID-mux4-uv98-hbbw
10
vulnerability VCID-nda7-9219-6kce
11
vulnerability VCID-ukkt-wgau-t3et
12
vulnerability VCID-vwt9-q3dt-vbfg
13
vulnerability VCID-w4pr-k5nj-ckgy
14
vulnerability VCID-ysyp-h7ja-yff3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.22
1
url pkg:pypi/django@5.1.10
purl pkg:pypi/django@5.1.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-84mm-45p6-xkau
1
vulnerability VCID-9uzd-mmyv-mfh4
2
vulnerability VCID-c6xy-v4sf-u3hn
3
vulnerability VCID-mux4-uv98-hbbw
4
vulnerability VCID-ukkt-wgau-t3et
5
vulnerability VCID-vwt9-q3dt-vbfg
6
vulnerability VCID-w4pr-k5nj-ckgy
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.1.10
2
url pkg:pypi/django@5.2.2
purl pkg:pypi/django@5.2.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28g3-ubx6-ebff
1
vulnerability VCID-2tfv-rtq7-2fg9
2
vulnerability VCID-84mm-45p6-xkau
3
vulnerability VCID-8qu1-45n9-gyb1
4
vulnerability VCID-9uzd-mmyv-mfh4
5
vulnerability VCID-ac4c-321h-tqfk
6
vulnerability VCID-c6xy-v4sf-u3hn
7
vulnerability VCID-e9k9-1s9f-dbgv
8
vulnerability VCID-msge-1mfu-7qfa
9
vulnerability VCID-mux4-uv98-hbbw
10
vulnerability VCID-nda7-9219-6kce
11
vulnerability VCID-ukkt-wgau-t3et
12
vulnerability VCID-vwt9-q3dt-vbfg
13
vulnerability VCID-w4pr-k5nj-ckgy
14
vulnerability VCID-ysyp-h7ja-yff3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.2
aliases BIT-django-2025-48432, CVE-2025-48432, GHSA-7xr5-9hcq-chf9, PYSEC-2025-47
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-896g-hqec-ryb9
7
url VCID-8jaq-53td-wbeg
vulnerability_id VCID-8jaq-53td-wbeg
summary Django before 1.11.27, 2.x before 2.2.9, and 3.x before 3.0.1 allows account takeover. A suitably crafted email address (that is equal to an existing user's email address after case transformation of Unicode characters) would allow an attacker to be sent a password reset token for the matched user account. (One mitigation in the new releases is to send password reset tokens only to the registered user email address.)
references
0
reference_url http://packetstormsecurity.com/files/155872/Django-Account-Hijack.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/155872/Django-Account-Hijack.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19844.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19844.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-19844
reference_id
reference_type
scores
0
value 0.13973
scoring_system epss
scoring_elements 0.94298
published_at 2026-04-02T12:55:00Z
1
value 0.13973
scoring_system epss
scoring_elements 0.9433
published_at 2026-04-13T12:55:00Z
2
value 0.13973
scoring_system epss
scoring_elements 0.94329
published_at 2026-04-12T12:55:00Z
3
value 0.13973
scoring_system epss
scoring_elements 0.94328
published_at 2026-04-11T12:55:00Z
4
value 0.13973
scoring_system epss
scoring_elements 0.94289
published_at 2026-04-01T12:55:00Z
5
value 0.13973
scoring_system epss
scoring_elements 0.94324
published_at 2026-04-09T12:55:00Z
6
value 0.13973
scoring_system epss
scoring_elements 0.9432
published_at 2026-04-08T12:55:00Z
7
value 0.13973
scoring_system epss
scoring_elements 0.9431
published_at 2026-04-07T12:55:00Z
8
value 0.13973
scoring_system epss
scoring_elements 0.94309
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-19844
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19844
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19844
4
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
5
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/dev/releases/security/
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://github.com/advisories/GHSA-vfq6-hq5r-27r6
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
2
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-vfq6-hq5r-27r6
8
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
9
reference_url https://github.com/django/django/commit/302a4ff1e8b1c798aab97673909c7a3dfda42c26
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/302a4ff1e8b1c798aab97673909c7a3dfda42c26
10
reference_url https://github.com/django/django/commit/4d334bea06cac63dc1272abcec545b85136cca0e
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/4d334bea06cac63dc1272abcec545b85136cca0e
11
reference_url https://github.com/django/django/commit/5b1fbcef7a8bec991ebe7b2a18b5d5a95d72cb70
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/5b1fbcef7a8bec991ebe7b2a18b5d5a95d72cb70
12
reference_url https://github.com/django/django/commit/f4cff43bf921fcea6a29b726eb66767f67753fa2
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/f4cff43bf921fcea6a29b726eb66767f67753fa2
13
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-16.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-16.yaml
14
reference_url https://groups.google.com/forum/#!topic/django-announce/3oaB2rVH3a0
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/django-announce/3oaB2rVH3a0
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD/
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-19844
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-19844
18
reference_url https://seclists.org/bugtraq/2020/Jan/9
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2020/Jan/9
19
reference_url https://security.gentoo.org/glsa/202004-17
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202004-17
20
reference_url https://security.netapp.com/advisory/ntap-20200110-0003
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200110-0003
21
reference_url https://security.netapp.com/advisory/ntap-20200110-0003/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20200110-0003/
22
reference_url https://usn.ubuntu.com/4224-1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4224-1
23
reference_url https://usn.ubuntu.com/4224-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4224-1/
24
reference_url https://www.debian.org/security/2020/dsa-4598
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2020/dsa-4598
25
reference_url https://www.djangoproject.com/weblog/2019/dec/18/security-releases
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2019/dec/18/security-releases
26
reference_url https://www.djangoproject.com/weblog/2019/dec/18/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2019/dec/18/security-releases/
27
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1788425
reference_id 1788425
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1788425
28
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946937
reference_id 946937
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946937
29
reference_url https://security.archlinux.org/AVG-1080
reference_id AVG-1080
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1080
30
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/python/webapps/47879.md
reference_id CVE-2019-19844
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/python/webapps/47879.md
31
reference_url https://ryu22e.org/en/posts/2019/12/25/django-cve-2019-19844/
reference_id CVE-2019-19844
reference_type exploit
scores
url https://ryu22e.org/en/posts/2019/12/25/django-cve-2019-19844/
32
reference_url https://usn.ubuntu.com/6722-1/
reference_id USN-6722-1
reference_type
scores
url https://usn.ubuntu.com/6722-1/
fixed_packages
0
url pkg:pypi/django@2.2.9
purl pkg:pypi/django@2.2.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-66w1-4zku-gyfp
1
vulnerability VCID-6gss-ppm5-3yc9
2
vulnerability VCID-84mm-45p6-xkau
3
vulnerability VCID-896g-hqec-ryb9
4
vulnerability VCID-9k9t-vp1a-z7bt
5
vulnerability VCID-9uzd-mmyv-mfh4
6
vulnerability VCID-c8s7-3g9m-d3cw
7
vulnerability VCID-e2jd-yd4j-kqgt
8
vulnerability VCID-gp5e-nguh-5fdk
9
vulnerability VCID-hwa2-n7a2-pyg1
10
vulnerability VCID-j4br-4y39-s3gs
11
vulnerability VCID-kypj-ptb9-8qhz
12
vulnerability VCID-mmay-juu6-5ua9
13
vulnerability VCID-mzdk-m12w-q3fc
14
vulnerability VCID-pa75-6avj-duf7
15
vulnerability VCID-qm34-ec8s-tfd7
16
vulnerability VCID-th9v-dk98-3kea
17
vulnerability VCID-u7m5-tzv2-c7hn
18
vulnerability VCID-ume2-wt6y-jye7
19
vulnerability VCID-upy5-adtx-n7hg
20
vulnerability VCID-v4ad-xxy8-wfc9
21
vulnerability VCID-w2dv-u8h6-sbgs
22
vulnerability VCID-w4pr-k5nj-ckgy
23
vulnerability VCID-w6k8-js68-87g4
24
vulnerability VCID-wb34-g6xq-rkfx
25
vulnerability VCID-wkrc-62bd-bbgx
26
vulnerability VCID-z8z1-cjee-kfeg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.9
1
url pkg:pypi/django@3.0.1
purl pkg:pypi/django@3.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6gss-ppm5-3yc9
1
vulnerability VCID-84mm-45p6-xkau
2
vulnerability VCID-896g-hqec-ryb9
3
vulnerability VCID-9k9t-vp1a-z7bt
4
vulnerability VCID-9uzd-mmyv-mfh4
5
vulnerability VCID-c8s7-3g9m-d3cw
6
vulnerability VCID-e2jd-yd4j-kqgt
7
vulnerability VCID-gan1-9gwu-63d2
8
vulnerability VCID-j4br-4y39-s3gs
9
vulnerability VCID-kypj-ptb9-8qhz
10
vulnerability VCID-mmay-juu6-5ua9
11
vulnerability VCID-mzdk-m12w-q3fc
12
vulnerability VCID-qm34-ec8s-tfd7
13
vulnerability VCID-u7m5-tzv2-c7hn
14
vulnerability VCID-upy5-adtx-n7hg
15
vulnerability VCID-w2dv-u8h6-sbgs
16
vulnerability VCID-w4pr-k5nj-ckgy
17
vulnerability VCID-w6k8-js68-87g4
18
vulnerability VCID-wb34-g6xq-rkfx
19
vulnerability VCID-wkrc-62bd-bbgx
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.0.1
aliases CVE-2019-19844, GHSA-vfq6-hq5r-27r6, PYSEC-2019-16
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8jaq-53td-wbeg
8
url VCID-9uzd-mmyv-mfh4
vulnerability_id VCID-9uzd-mmyv-mfh4
summary 
Django vulnerable to SQL injection via _connector keyword argument in QuerySet and Q objects.
An issue was discovered in 5.1 before 5.1.14, 4.2 before 4.2.26, and 5.2 before 5.2.8.
The methods `QuerySet.filter()`, `QuerySet.exclude()`, and `QuerySet.get()`, and the class `Q()`, are subject to SQL injection when using a suitably crafted dictionary, with dictionary expansion, as the `_connector` argument.
Earlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected.
Django would like to thank cyberstan for reporting this issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-64459.json
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-64459.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-64459
reference_id
reference_type
scores
0
value 0.00191
scoring_system epss
scoring_elements 0.41087
published_at 2026-04-02T12:55:00Z
1
value 0.00576
scoring_system epss
scoring_elements 0.68804
published_at 2026-04-12T12:55:00Z
2
value 0.00576
scoring_system epss
scoring_elements 0.68818
published_at 2026-04-11T12:55:00Z
3
value 0.00576
scoring_system epss
scoring_elements 0.68795
published_at 2026-04-09T12:55:00Z
4
value 0.00576
scoring_system epss
scoring_elements 0.68776
published_at 2026-04-08T12:55:00Z
5
value 0.00576
scoring_system epss
scoring_elements 0.68724
published_at 2026-04-07T12:55:00Z
6
value 0.00576
scoring_system epss
scoring_elements 0.68747
published_at 2026-04-04T12:55:00Z
7
value 0.00576
scoring_system epss
scoring_elements 0.68774
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-64459
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460
25
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
26
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
27
reference_url https://github.com/django/django/commit/06dd38324ac3d60d83d9f3adabf0dcdf423d2a85
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/06dd38324ac3d60d83d9f3adabf0dcdf423d2a85
28
reference_url https://github.com/django/django/commit/59ae82e67053d281ff4562a24bbba21299f0a7d4
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/59ae82e67053d281ff4562a24bbba21299f0a7d4
29
reference_url https://github.com/django/django/commit/6703f364d767e949c5b0e4016433ef75063b4f9b
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/6703f364d767e949c5b0e4016433ef75063b4f9b
30
reference_url https://github.com/django/django/commit/72d2c87431f2ae0431d65d0ec792047f078c8241
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/72d2c87431f2ae0431d65d0ec792047f078c8241
31
reference_url https://github.com/omarkurt/django-connector-CVE-2025-64459-testbed
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/omarkurt/django-connector-CVE-2025-64459-testbed
32
reference_url https://groups.google.com/g/django-announce
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-11-06T04:55:36Z/
url https://groups.google.com/g/django-announce
33
reference_url https://shivasurya.me/security/django/2025/11/07/django-sql-injection-CVE-2025-64459.html
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://shivasurya.me/security/django/2025/11/07/django-sql-injection-CVE-2025-64459.html
34
reference_url https://www.djangoproject.com/weblog/2025/nov/05/security-releases
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2025/nov/05/security-releases
35
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120139
reference_id 1120139
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120139
36
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2412651
reference_id 2412651
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2412651
37
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52456.py
reference_id CVE-2025-64459
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52456.py
38
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-64459
reference_id CVE-2025-64459
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-64459
39
reference_url https://github.com/advisories/GHSA-frmv-pr5f-9mcr
reference_id GHSA-frmv-pr5f-9mcr
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-frmv-pr5f-9mcr
40
reference_url https://access.redhat.com/errata/RHSA-2025:23069
reference_id RHSA-2025:23069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23069
41
reference_url https://access.redhat.com/errata/RHSA-2025:23070
reference_id RHSA-2025:23070
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23070
42
reference_url https://access.redhat.com/errata/RHSA-2025:23130
reference_id RHSA-2025:23130
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23130
43
reference_url https://access.redhat.com/errata/RHSA-2025:23131
reference_id RHSA-2025:23131
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23131
44
reference_url https://access.redhat.com/errata/RHSA-2025:23133
reference_id RHSA-2025:23133
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23133
45
reference_url https://access.redhat.com/errata/RHSA-2025:23196
reference_id RHSA-2025:23196
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23196
46
reference_url https://access.redhat.com/errata/RHSA-2026:1596
reference_id RHSA-2026:1596
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1596
47
reference_url https://www.djangoproject.com/weblog/2025/nov/05/security-releases/
reference_id security-releases
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-11-06T04:55:36Z/
url https://www.djangoproject.com/weblog/2025/nov/05/security-releases/
48
reference_url https://usn.ubuntu.com/7859-1/
reference_id USN-7859-1
reference_type
scores
url https://usn.ubuntu.com/7859-1/
fixed_packages
0
url pkg:pypi/django@4.2.26
purl pkg:pypi/django@4.2.26
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28g3-ubx6-ebff
1
vulnerability VCID-2tfv-rtq7-2fg9
2
vulnerability VCID-8qu1-45n9-gyb1
3
vulnerability VCID-ac4c-321h-tqfk
4
vulnerability VCID-e9k9-1s9f-dbgv
5
vulnerability VCID-msge-1mfu-7qfa
6
vulnerability VCID-nda7-9219-6kce
7
vulnerability VCID-ukkt-wgau-t3et
8
vulnerability VCID-vwt9-q3dt-vbfg
9
vulnerability VCID-ysyp-h7ja-yff3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.26
1
url pkg:pypi/django@5.1.14
purl pkg:pypi/django@5.1.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ukkt-wgau-t3et
1
vulnerability VCID-vwt9-q3dt-vbfg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.1.14
2
url pkg:pypi/django@5.2.8
purl pkg:pypi/django@5.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28g3-ubx6-ebff
1
vulnerability VCID-2tfv-rtq7-2fg9
2
vulnerability VCID-8qu1-45n9-gyb1
3
vulnerability VCID-ac4c-321h-tqfk
4
vulnerability VCID-e9k9-1s9f-dbgv
5
vulnerability VCID-msge-1mfu-7qfa
6
vulnerability VCID-nda7-9219-6kce
7
vulnerability VCID-ukkt-wgau-t3et
8
vulnerability VCID-vwt9-q3dt-vbfg
9
vulnerability VCID-ysyp-h7ja-yff3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.8
3
url pkg:pypi/django@6.0a1
purl pkg:pypi/django@6.0a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28g3-ubx6-ebff
1
vulnerability VCID-2tfv-rtq7-2fg9
2
vulnerability VCID-8qu1-45n9-gyb1
3
vulnerability VCID-e9k9-1s9f-dbgv
4
vulnerability VCID-msge-1mfu-7qfa
5
vulnerability VCID-ysyp-h7ja-yff3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@6.0a1
aliases CVE-2025-64459, GHSA-frmv-pr5f-9mcr
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9uzd-mmyv-mfh4
9
url VCID-a8zx-jamf-cfcm
vulnerability_id VCID-a8zx-jamf-cfcm
summary An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to an error in shallow key transformation, key and index lookups for django.contrib.postgres.fields.JSONField, and key lookups for django.contrib.postgres.fields.HStoreField, were subject to SQL injection. This could, for example, be exploited via crafted use of "OR 1=1" in a key or index name to return all records, using a suitably crafted dictionary, with dictionary expansion, as the **kwargs passed to the QuerySet.filter() function.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14234.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14234.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-14234
reference_id
reference_type
scores
0
value 0.19114
scoring_system epss
scoring_elements 0.95344
published_at 2026-04-12T12:55:00Z
1
value 0.19114
scoring_system epss
scoring_elements 0.95346
published_at 2026-04-13T12:55:00Z
2
value 0.19114
scoring_system epss
scoring_elements 0.95339
published_at 2026-04-09T12:55:00Z
3
value 0.19114
scoring_system epss
scoring_elements 0.95335
published_at 2026-04-08T12:55:00Z
4
value 0.19114
scoring_system epss
scoring_elements 0.95328
published_at 2026-04-07T12:55:00Z
5
value 0.1952
scoring_system epss
scoring_elements 0.95382
published_at 2026-04-04T12:55:00Z
6
value 0.1952
scoring_system epss
scoring_elements 0.95376
published_at 2026-04-02T12:55:00Z
7
value 0.1952
scoring_system epss
scoring_elements 0.95367
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-14234
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14233
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14233
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14234
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14234
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14235
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14235
7
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
8
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/dev/releases/security/
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://github.com/advisories/GHSA-6r97-cj55-9hrq
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
2
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-6r97-cj55-9hrq
11
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
12
reference_url https://github.com/django/django/commit/4f5b58f5cd3c57fee9972ab074f8dc6895d8f387
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/4f5b58f5cd3c57fee9972ab074f8dc6895d8f387
13
reference_url https://github.com/django/django/commit/ed682a24fca774818542757651bfba576c3fc3ef
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/ed682a24fca774818542757651bfba576c3fc3ef
14
reference_url https://github.com/django/django/commit/f74b3ae3628c26e1b4f8db3d13a91d52a833a975
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/f74b3ae3628c26e1b4f8db3d13a91d52a833a975
15
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-13.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-13.yaml
16
reference_url https://groups.google.com/forum/#!topic/django-announce/jIoju2-KLDs
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/django-announce/jIoju2-KLDs
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK/
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-14234
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-14234
20
reference_url https://seclists.org/bugtraq/2019/Aug/15
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2019/Aug/15
21
reference_url https://security.gentoo.org/glsa/202004-17
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202004-17
22
reference_url https://security.netapp.com/advisory/ntap-20190828-0002
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20190828-0002
23
reference_url https://security.netapp.com/advisory/ntap-20190828-0002/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20190828-0002/
24
reference_url https://www.debian.org/security/2019/dsa-4498
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2019/dsa-4498
25
reference_url https://www.djangoproject.com/weblog/2019/aug/01/security-releases
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2019/aug/01/security-releases
26
reference_url https://www.djangoproject.com/weblog/2019/aug/01/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2019/aug/01/security-releases/
27
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1734417
reference_id 1734417
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1734417
28
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934026
reference_id 934026
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934026
29
reference_url https://security.archlinux.org/ASA-201908-2
reference_id ASA-201908-2
reference_type
scores
url https://security.archlinux.org/ASA-201908-2
30
reference_url https://security.archlinux.org/AVG-1015
reference_id AVG-1015
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1015
31
reference_url https://access.redhat.com/errata/RHSA-2020:1324
reference_id RHSA-2020:1324
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1324
32
reference_url https://access.redhat.com/errata/RHSA-2020:4390
reference_id RHSA-2020:4390
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4390
33
reference_url https://usn.ubuntu.com/4084-1/
reference_id USN-4084-1
reference_type
scores
url https://usn.ubuntu.com/4084-1/
fixed_packages
0
url pkg:pypi/django@2.2.4
purl pkg:pypi/django@2.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-66w1-4zku-gyfp
1
vulnerability VCID-6gss-ppm5-3yc9
2
vulnerability VCID-84mm-45p6-xkau
3
vulnerability VCID-896g-hqec-ryb9
4
vulnerability VCID-8jaq-53td-wbeg
5
vulnerability VCID-9k9t-vp1a-z7bt
6
vulnerability VCID-9uzd-mmyv-mfh4
7
vulnerability VCID-b2ds-36xh-zfhp
8
vulnerability VCID-c2kc-1jh1-j3ha
9
vulnerability VCID-c8s7-3g9m-d3cw
10
vulnerability VCID-e2jd-yd4j-kqgt
11
vulnerability VCID-gp5e-nguh-5fdk
12
vulnerability VCID-hwa2-n7a2-pyg1
13
vulnerability VCID-j4br-4y39-s3gs
14
vulnerability VCID-kypj-ptb9-8qhz
15
vulnerability VCID-mmay-juu6-5ua9
16
vulnerability VCID-mzdk-m12w-q3fc
17
vulnerability VCID-pa75-6avj-duf7
18
vulnerability VCID-qm34-ec8s-tfd7
19
vulnerability VCID-th9v-dk98-3kea
20
vulnerability VCID-u7m5-tzv2-c7hn
21
vulnerability VCID-ume2-wt6y-jye7
22
vulnerability VCID-upy5-adtx-n7hg
23
vulnerability VCID-v4ad-xxy8-wfc9
24
vulnerability VCID-w2dv-u8h6-sbgs
25
vulnerability VCID-w4pr-k5nj-ckgy
26
vulnerability VCID-w6k8-js68-87g4
27
vulnerability VCID-wb34-g6xq-rkfx
28
vulnerability VCID-wkrc-62bd-bbgx
29
vulnerability VCID-x516-xwze-6ba3
30
vulnerability VCID-z8z1-cjee-kfeg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.4
aliases CVE-2019-14234, GHSA-6r97-cj55-9hrq, PYSEC-2019-13
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a8zx-jamf-cfcm
10
url VCID-c8s7-3g9m-d3cw
vulnerability_id VCID-c8s7-3g9m-d3cw
summary In Django 2.2 before 2.2.24, 3.x before 3.1.12, and 3.2 before 3.2.4, URLValidator, validate_ipv4_address, and validate_ipv46_address do not prohibit leading zero characters in octal literals. This may allow a bypass of access control that is based on IP addresses. (validate_ipv4_address and validate_ipv46_address are unaffected with Python 3.9.5+..) .
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33571.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33571.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-33571
reference_id
reference_type
scores
0
value 0.00034
scoring_system epss
scoring_elements 0.09841
published_at 2026-04-13T12:55:00Z
1
value 0.00034
scoring_system epss
scoring_elements 0.09857
published_at 2026-04-12T12:55:00Z
2
value 0.00034
scoring_system epss
scoring_elements 0.09893
published_at 2026-04-11T12:55:00Z
3
value 0.00034
scoring_system epss
scoring_elements 0.09741
published_at 2026-04-01T12:55:00Z
4
value 0.00034
scoring_system epss
scoring_elements 0.09887
published_at 2026-04-09T12:55:00Z
5
value 0.00034
scoring_system epss
scoring_elements 0.09834
published_at 2026-04-08T12:55:00Z
6
value 0.00034
scoring_system epss
scoring_elements 0.09762
published_at 2026-04-07T12:55:00Z
7
value 0.00034
scoring_system epss
scoring_elements 0.09862
published_at 2026-04-04T12:55:00Z
8
value 0.00034
scoring_system epss
scoring_elements 0.09812
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-33571
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33571
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33571
3
reference_url https://docs.djangoproject.com/en/3.2/releases/security
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/3.2/releases/security
4
reference_url https://docs.djangoproject.com/en/3.2/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/3.2/releases/security/
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/advisories/GHSA-p99v-5w3c-jqq9
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-p99v-5w3c-jqq9
7
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
8
reference_url https://github.com/django/django/commit/203d4ab9ebcd72fc4d6eb7398e66ed9e474e118e
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/203d4ab9ebcd72fc4d6eb7398e66ed9e474e118e
9
reference_url https://github.com/django/django/commit/9f75e2e562fa0c0482f3dde6fc7399a9070b4a3d
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/9f75e2e562fa0c0482f3dde6fc7399a9070b4a3d
10
reference_url https://github.com/django/django/commit/f27c38ab5d90f68c9dd60cabef248a570c0be8fc
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/f27c38ab5d90f68c9dd60cabef248a570c0be8fc
11
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2021-99.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2021-99.yaml
12
reference_url https://groups.google.com/g/django-announce/c/sPyjSKMi8Eo
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/g/django-announce/c/sPyjSKMi8Eo
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-33571
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-33571
16
reference_url https://security.netapp.com/advisory/ntap-20210727-0004
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20210727-0004
17
reference_url https://www.djangoproject.com/weblog/2021/jun/02/security-releases
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2021/jun/02/security-releases
18
reference_url https://www.djangoproject.com/weblog/2021/jun/02/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2021/jun/02/security-releases/
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1966253
reference_id 1966253
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1966253
20
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989394
reference_id 989394
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989394
21
reference_url https://security.archlinux.org/ASA-202106-41
reference_id ASA-202106-41
reference_type
scores
url https://security.archlinux.org/ASA-202106-41
22
reference_url https://security.archlinux.org/AVG-2026
reference_id AVG-2026
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2026
23
reference_url https://security.gentoo.org/glsa/202509-03
reference_id GLSA-202509-03
reference_type
scores
url https://security.gentoo.org/glsa/202509-03
24
reference_url https://access.redhat.com/errata/RHSA-2021:3490
reference_id RHSA-2021:3490
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3490
25
reference_url https://access.redhat.com/errata/RHSA-2021:4702
reference_id RHSA-2021:4702
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4702
26
reference_url https://access.redhat.com/errata/RHSA-2021:5070
reference_id RHSA-2021:5070
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5070
27
reference_url https://usn.ubuntu.com/4975-1/
reference_id USN-4975-1
reference_type
scores
url https://usn.ubuntu.com/4975-1/
fixed_packages
0
url pkg:pypi/django@2.2.24
purl pkg:pypi/django@2.2.24
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-66w1-4zku-gyfp
1
vulnerability VCID-6gss-ppm5-3yc9
2
vulnerability VCID-84mm-45p6-xkau
3
vulnerability VCID-896g-hqec-ryb9
4
vulnerability VCID-9uzd-mmyv-mfh4
5
vulnerability VCID-e2jd-yd4j-kqgt
6
vulnerability VCID-gp5e-nguh-5fdk
7
vulnerability VCID-hwa2-n7a2-pyg1
8
vulnerability VCID-mzdk-m12w-q3fc
9
vulnerability VCID-pa75-6avj-duf7
10
vulnerability VCID-th9v-dk98-3kea
11
vulnerability VCID-ume2-wt6y-jye7
12
vulnerability VCID-w4pr-k5nj-ckgy
13
vulnerability VCID-z8z1-cjee-kfeg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.24
1
url pkg:pypi/django@3.1.12
purl pkg:pypi/django@3.1.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6gss-ppm5-3yc9
1
vulnerability VCID-84mm-45p6-xkau
2
vulnerability VCID-896g-hqec-ryb9
3
vulnerability VCID-9uzd-mmyv-mfh4
4
vulnerability VCID-e2jd-yd4j-kqgt
5
vulnerability VCID-gan1-9gwu-63d2
6
vulnerability VCID-mzdk-m12w-q3fc
7
vulnerability VCID-w4pr-k5nj-ckgy
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.1.12
2
url pkg:pypi/django@3.2.4
purl pkg:pypi/django@3.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-42x9-8c3c-bug1
1
vulnerability VCID-4ztz-fq98-5fh1
2
vulnerability VCID-66w1-4zku-gyfp
3
vulnerability VCID-6gss-ppm5-3yc9
4
vulnerability VCID-78r4-85ms-63hm
5
vulnerability VCID-7tca-pgcs-cuhd
6
vulnerability VCID-84mm-45p6-xkau
7
vulnerability VCID-896g-hqec-ryb9
8
vulnerability VCID-8m4b-y4va-kqgm
9
vulnerability VCID-8xgs-8xjr-cber
10
vulnerability VCID-9uzd-mmyv-mfh4
11
vulnerability VCID-e2jd-yd4j-kqgt
12
vulnerability VCID-gan1-9gwu-63d2
13
vulnerability VCID-gp5e-nguh-5fdk
14
vulnerability VCID-hwa2-n7a2-pyg1
15
vulnerability VCID-jh1e-72hp-fuf4
16
vulnerability VCID-mzdk-m12w-q3fc
17
vulnerability VCID-nese-5485-hkbs
18
vulnerability VCID-pa75-6avj-duf7
19
vulnerability VCID-t6uc-dfrd-jyfg
20
vulnerability VCID-th9v-dk98-3kea
21
vulnerability VCID-ume2-wt6y-jye7
22
vulnerability VCID-w4pr-k5nj-ckgy
23
vulnerability VCID-wz1q-1tjp-4qhw
24
vulnerability VCID-ypub-ukuh-p3aw
25
vulnerability VCID-z8z1-cjee-kfeg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.4
aliases BIT-django-2021-33571, CVE-2021-33571, GHSA-p99v-5w3c-jqq9, PYSEC-2021-99
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c8s7-3g9m-d3cw
11
url VCID-e2jd-yd4j-kqgt
vulnerability_id VCID-e2jd-yd4j-kqgt
summary 
Django allows enumeration of user e-mail addresses
An issue was discovered in Django v5.1.1, v5.0.9, and v4.2.16. The django.contrib.auth.forms.PasswordResetForm class, when used in a view implementing password reset flows, allows remote attackers to enumerate user e-mail addresses by sending password reset requests and observing the outcome (only when e-mail sending is consistently failing).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45231.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45231.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-45231
reference_id
reference_type
scores
0
value 0.00235
scoring_system epss
scoring_elements 0.46361
published_at 2026-04-13T12:55:00Z
1
value 0.00235
scoring_system epss
scoring_elements 0.4635
published_at 2026-04-12T12:55:00Z
2
value 0.00235
scoring_system epss
scoring_elements 0.46331
published_at 2026-04-02T12:55:00Z
3
value 0.00235
scoring_system epss
scoring_elements 0.46379
published_at 2026-04-11T12:55:00Z
4
value 0.00235
scoring_system epss
scoring_elements 0.46355
published_at 2026-04-09T12:55:00Z
5
value 0.00235
scoring_system epss
scoring_elements 0.46299
published_at 2026-04-07T12:55:00Z
6
value 0.00235
scoring_system epss
scoring_elements 0.46351
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-45231
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460
25
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
26
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
27
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
28
reference_url https://github.com/django/django/commit/3c733c78d6f8e50296d6e248968b6516c92a53ca
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/3c733c78d6f8e50296d6e248968b6516c92a53ca
29
reference_url https://github.com/django/django/commit/96d84047715ea1715b4bd1594e46122b8a77b9e2
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/96d84047715ea1715b4bd1594e46122b8a77b9e2
30
reference_url https://github.com/django/django/commit/bf4888d317ba4506d091eeac6e8b4f1fcc731199
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/bf4888d317ba4506d091eeac6e8b4f1fcc731199
31
reference_url https://groups.google.com/forum/#%21forum/django-announce
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
2
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-30T16:35:34Z/
url https://groups.google.com/forum/#%21forum/django-announce
32
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-45231
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-45231
33
reference_url https://www.djangoproject.com/weblog/2024/sep/03/security-releases
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2024/sep/03/security-releases
34
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2314496
reference_id 2314496
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2314496
35
reference_url https://github.com/advisories/GHSA-rrqc-c2jx-6jgv
reference_id GHSA-rrqc-c2jx-6jgv
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rrqc-c2jx-6jgv
36
reference_url https://security.gentoo.org/glsa/202509-03
reference_id GLSA-202509-03
reference_type
scores
url https://security.gentoo.org/glsa/202509-03
37
reference_url https://usn.ubuntu.com/6987-1/
reference_id USN-6987-1
reference_type
scores
url https://usn.ubuntu.com/6987-1/
fixed_packages
0
url pkg:pypi/django@4.2.16
purl pkg:pypi/django@4.2.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28g3-ubx6-ebff
1
vulnerability VCID-2tfv-rtq7-2fg9
2
vulnerability VCID-3sac-ah8j-pucd
3
vulnerability VCID-84mm-45p6-xkau
4
vulnerability VCID-896g-hqec-ryb9
5
vulnerability VCID-8qu1-45n9-gyb1
6
vulnerability VCID-9abh-apwm-ebab
7
vulnerability VCID-9uzd-mmyv-mfh4
8
vulnerability VCID-ac4c-321h-tqfk
9
vulnerability VCID-c6xy-v4sf-u3hn
10
vulnerability VCID-e87q-1j8h-93hh
11
vulnerability VCID-e9k9-1s9f-dbgv
12
vulnerability VCID-msge-1mfu-7qfa
13
vulnerability VCID-mux4-uv98-hbbw
14
vulnerability VCID-nda7-9219-6kce
15
vulnerability VCID-rmdp-bnjj-zuf2
16
vulnerability VCID-ukkt-wgau-t3et
17
vulnerability VCID-vwt9-q3dt-vbfg
18
vulnerability VCID-w4pr-k5nj-ckgy
19
vulnerability VCID-wwa5-mhgu-9khz
20
vulnerability VCID-xgv1-s2ek-q3dp
21
vulnerability VCID-ysyp-h7ja-yff3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.16
1
url pkg:pypi/django@5.0.9
purl pkg:pypi/django@5.0.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3sac-ah8j-pucd
1
vulnerability VCID-84mm-45p6-xkau
2
vulnerability VCID-896g-hqec-ryb9
3
vulnerability VCID-9uzd-mmyv-mfh4
4
vulnerability VCID-e87q-1j8h-93hh
5
vulnerability VCID-p9fd-1qx2-8ubc
6
vulnerability VCID-rmdp-bnjj-zuf2
7
vulnerability VCID-w4pr-k5nj-ckgy
8
vulnerability VCID-wwa5-mhgu-9khz
9
vulnerability VCID-xgv1-s2ek-q3dp
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.0.9
2
url pkg:pypi/django@5.1.1
purl pkg:pypi/django@5.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3sac-ah8j-pucd
1
vulnerability VCID-84mm-45p6-xkau
2
vulnerability VCID-896g-hqec-ryb9
3
vulnerability VCID-9abh-apwm-ebab
4
vulnerability VCID-9uzd-mmyv-mfh4
5
vulnerability VCID-c6xy-v4sf-u3hn
6
vulnerability VCID-e87q-1j8h-93hh
7
vulnerability VCID-mux4-uv98-hbbw
8
vulnerability VCID-p9fd-1qx2-8ubc
9
vulnerability VCID-rmdp-bnjj-zuf2
10
vulnerability VCID-ukkt-wgau-t3et
11
vulnerability VCID-vwt9-q3dt-vbfg
12
vulnerability VCID-w4pr-k5nj-ckgy
13
vulnerability VCID-wwa5-mhgu-9khz
14
vulnerability VCID-xgv1-s2ek-q3dp
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.1.1
aliases CVE-2024-45231, GHSA-rrqc-c2jx-6jgv
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e2jd-yd4j-kqgt
12
url VCID-j4br-4y39-s3gs
vulnerability_id VCID-j4br-4y39-s3gs
summary An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. Query parameters generated by the Django admin ForeignKeyRawIdWidget were not properly URL encoded, leading to a possibility of an XSS attack.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13596.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13596.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-13596
reference_id
reference_type
scores
0
value 0.00992
scoring_system epss
scoring_elements 0.76898
published_at 2026-04-13T12:55:00Z
1
value 0.00992
scoring_system epss
scoring_elements 0.76903
published_at 2026-04-12T12:55:00Z
2
value 0.00992
scoring_system epss
scoring_elements 0.76923
published_at 2026-04-11T12:55:00Z
3
value 0.00992
scoring_system epss
scoring_elements 0.76896
published_at 2026-04-09T12:55:00Z
4
value 0.00992
scoring_system epss
scoring_elements 0.76885
published_at 2026-04-08T12:55:00Z
5
value 0.00992
scoring_system epss
scoring_elements 0.76854
published_at 2026-04-07T12:55:00Z
6
value 0.00992
scoring_system epss
scoring_elements 0.76872
published_at 2026-04-04T12:55:00Z
7
value 0.00992
scoring_system epss
scoring_elements 0.76843
published_at 2026-04-02T12:55:00Z
8
value 0.00992
scoring_system epss
scoring_elements 0.76836
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-13596
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13254
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13254
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13596
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13596
4
reference_url https://docs.djangoproject.com/en/3.0/releases/security
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/3.0/releases/security
5
reference_url https://docs.djangoproject.com/en/3.0/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/3.0/releases/security/
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://github.com/advisories/GHSA-2m34-jcjv-45xf
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-2m34-jcjv-45xf
8
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
9
reference_url https://github.com/django/django/commit/1f2dd37f6fcefdd10ed44cb233b2e62b520afb38
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/1f2dd37f6fcefdd10ed44cb233b2e62b520afb38
10
reference_url https://github.com/django/django/commit/6d61860b22875f358fac83d903dc629897934815
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/6d61860b22875f358fac83d903dc629897934815
11
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-32.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-32.yaml
12
reference_url https://groups.google.com/forum/#!msg/django-announce/pPEmb2ot4Fo/X-SMalYSBAAJ
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!msg/django-announce/pPEmb2ot4Fo/X-SMalYSBAAJ
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-13596
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-13596
16
reference_url https://security.netapp.com/advisory/ntap-20200611-0002
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200611-0002
17
reference_url https://security.netapp.com/advisory/ntap-20200611-0002/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20200611-0002/
18
reference_url https://usn.ubuntu.com/4381-1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4381-1
19
reference_url https://usn.ubuntu.com/4381-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4381-1/
20
reference_url https://usn.ubuntu.com/4381-2
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4381-2
21
reference_url https://usn.ubuntu.com/4381-2/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4381-2/
22
reference_url https://www.debian.org/security/2020/dsa-4705
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2020/dsa-4705
23
reference_url https://www.djangoproject.com/weblog/2020/jun/03/security-releases
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2020/jun/03/security-releases
24
reference_url https://www.djangoproject.com/weblog/2020/jun/03/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2020/jun/03/security-releases/
25
reference_url https://www.oracle.com/security-alerts/cpujan2021.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujan2021.html
26
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1843625
reference_id 1843625
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1843625
27
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962323
reference_id 962323
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962323
28
reference_url https://security.archlinux.org/ASA-202006-8
reference_id ASA-202006-8
reference_type
scores
url https://security.archlinux.org/ASA-202006-8
29
reference_url https://security.archlinux.org/AVG-1176
reference_id AVG-1176
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1176
fixed_packages
0
url pkg:pypi/django@2.2.13
purl pkg:pypi/django@2.2.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-66w1-4zku-gyfp
1
vulnerability VCID-6gss-ppm5-3yc9
2
vulnerability VCID-84mm-45p6-xkau
3
vulnerability VCID-896g-hqec-ryb9
4
vulnerability VCID-9k9t-vp1a-z7bt
5
vulnerability VCID-9uzd-mmyv-mfh4
6
vulnerability VCID-c8s7-3g9m-d3cw
7
vulnerability VCID-e2jd-yd4j-kqgt
8
vulnerability VCID-gp5e-nguh-5fdk
9
vulnerability VCID-hwa2-n7a2-pyg1
10
vulnerability VCID-kypj-ptb9-8qhz
11
vulnerability VCID-mmay-juu6-5ua9
12
vulnerability VCID-mzdk-m12w-q3fc
13
vulnerability VCID-pa75-6avj-duf7
14
vulnerability VCID-qm34-ec8s-tfd7
15
vulnerability VCID-th9v-dk98-3kea
16
vulnerability VCID-u7m5-tzv2-c7hn
17
vulnerability VCID-ume2-wt6y-jye7
18
vulnerability VCID-upy5-adtx-n7hg
19
vulnerability VCID-v4ad-xxy8-wfc9
20
vulnerability VCID-w4pr-k5nj-ckgy
21
vulnerability VCID-w6k8-js68-87g4
22
vulnerability VCID-z8z1-cjee-kfeg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.13
1
url pkg:pypi/django@3.0.7
purl pkg:pypi/django@3.0.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6gss-ppm5-3yc9
1
vulnerability VCID-84mm-45p6-xkau
2
vulnerability VCID-896g-hqec-ryb9
3
vulnerability VCID-9k9t-vp1a-z7bt
4
vulnerability VCID-9uzd-mmyv-mfh4
5
vulnerability VCID-c8s7-3g9m-d3cw
6
vulnerability VCID-e2jd-yd4j-kqgt
7
vulnerability VCID-gan1-9gwu-63d2
8
vulnerability VCID-kypj-ptb9-8qhz
9
vulnerability VCID-mmay-juu6-5ua9
10
vulnerability VCID-mzdk-m12w-q3fc
11
vulnerability VCID-qm34-ec8s-tfd7
12
vulnerability VCID-u7m5-tzv2-c7hn
13
vulnerability VCID-upy5-adtx-n7hg
14
vulnerability VCID-w4pr-k5nj-ckgy
15
vulnerability VCID-w6k8-js68-87g4
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.0.7
aliases BIT-django-2020-13596, CVE-2020-13596, GHSA-2m34-jcjv-45xf, PYSEC-2020-32
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j4br-4y39-s3gs
13
url VCID-jtru-9jmz-kkek
vulnerability_id VCID-jtru-9jmz-kkek
summary An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to the behaviour of the underlying HTMLParser, django.utils.html.strip_tags would be extremely slow to evaluate certain inputs containing large sequences of nested incomplete HTML entities.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14233.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14233.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-14233
reference_id
reference_type
scores
0
value 0.04511
scoring_system epss
scoring_elements 0.89115
published_at 2026-04-07T12:55:00Z
1
value 0.04511
scoring_system epss
scoring_elements 0.89112
published_at 2026-04-04T12:55:00Z
2
value 0.04511
scoring_system epss
scoring_elements 0.89098
published_at 2026-04-02T12:55:00Z
3
value 0.04511
scoring_system epss
scoring_elements 0.89089
published_at 2026-04-01T12:55:00Z
4
value 0.04511
scoring_system epss
scoring_elements 0.89143
published_at 2026-04-13T12:55:00Z
5
value 0.04511
scoring_system epss
scoring_elements 0.89145
published_at 2026-04-12T12:55:00Z
6
value 0.04511
scoring_system epss
scoring_elements 0.89148
published_at 2026-04-11T12:55:00Z
7
value 0.04511
scoring_system epss
scoring_elements 0.89138
published_at 2026-04-09T12:55:00Z
8
value 0.04511
scoring_system epss
scoring_elements 0.89132
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-14233
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14233
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14233
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14234
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14234
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14235
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14235
8
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
9
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/dev/releases/security/
10
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
11
reference_url https://github.com/advisories/GHSA-h5jv-4p7w-64jg
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-h5jv-4p7w-64jg
12
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
13
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-12.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-12.yaml
14
reference_url https://groups.google.com/forum/#!topic/django-announce/jIoju2-KLDs
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/django-announce/jIoju2-KLDs
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK/
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-14233
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-14233
18
reference_url https://seclists.org/bugtraq/2019/Aug/15
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2019/Aug/15
19
reference_url https://security.gentoo.org/glsa/202004-17
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202004-17
20
reference_url https://security.netapp.com/advisory/ntap-20190828-0002
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20190828-0002
21
reference_url https://security.netapp.com/advisory/ntap-20190828-0002/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20190828-0002/
22
reference_url https://www.debian.org/security/2019/dsa-4498
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2019/dsa-4498
23
reference_url https://www.djangoproject.com/weblog/2019/aug/01/security-releases
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2019/aug/01/security-releases
24
reference_url https://www.djangoproject.com/weblog/2019/aug/01/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2019/aug/01/security-releases/
25
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1734410
reference_id 1734410
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1734410
26
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934026
reference_id 934026
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934026
27
reference_url https://security.archlinux.org/ASA-201908-2
reference_id ASA-201908-2
reference_type
scores
url https://security.archlinux.org/ASA-201908-2
28
reference_url https://security.archlinux.org/AVG-1015
reference_id AVG-1015
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1015
29
reference_url https://access.redhat.com/errata/RHSA-2020:1324
reference_id RHSA-2020:1324
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1324
30
reference_url https://access.redhat.com/errata/RHSA-2020:4390
reference_id RHSA-2020:4390
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4390
31
reference_url https://usn.ubuntu.com/4084-1/
reference_id USN-4084-1
reference_type
scores
url https://usn.ubuntu.com/4084-1/
fixed_packages
0
url pkg:pypi/django@2.2.4
purl pkg:pypi/django@2.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-66w1-4zku-gyfp
1
vulnerability VCID-6gss-ppm5-3yc9
2
vulnerability VCID-84mm-45p6-xkau
3
vulnerability VCID-896g-hqec-ryb9
4
vulnerability VCID-8jaq-53td-wbeg
5
vulnerability VCID-9k9t-vp1a-z7bt
6
vulnerability VCID-9uzd-mmyv-mfh4
7
vulnerability VCID-b2ds-36xh-zfhp
8
vulnerability VCID-c2kc-1jh1-j3ha
9
vulnerability VCID-c8s7-3g9m-d3cw
10
vulnerability VCID-e2jd-yd4j-kqgt
11
vulnerability VCID-gp5e-nguh-5fdk
12
vulnerability VCID-hwa2-n7a2-pyg1
13
vulnerability VCID-j4br-4y39-s3gs
14
vulnerability VCID-kypj-ptb9-8qhz
15
vulnerability VCID-mmay-juu6-5ua9
16
vulnerability VCID-mzdk-m12w-q3fc
17
vulnerability VCID-pa75-6avj-duf7
18
vulnerability VCID-qm34-ec8s-tfd7
19
vulnerability VCID-th9v-dk98-3kea
20
vulnerability VCID-u7m5-tzv2-c7hn
21
vulnerability VCID-ume2-wt6y-jye7
22
vulnerability VCID-upy5-adtx-n7hg
23
vulnerability VCID-v4ad-xxy8-wfc9
24
vulnerability VCID-w2dv-u8h6-sbgs
25
vulnerability VCID-w4pr-k5nj-ckgy
26
vulnerability VCID-w6k8-js68-87g4
27
vulnerability VCID-wb34-g6xq-rkfx
28
vulnerability VCID-wkrc-62bd-bbgx
29
vulnerability VCID-x516-xwze-6ba3
30
vulnerability VCID-z8z1-cjee-kfeg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.4
aliases CVE-2019-14233, GHSA-h5jv-4p7w-64jg, PYSEC-2019-12
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jtru-9jmz-kkek
14
url VCID-mzdk-m12w-q3fc
vulnerability_id VCID-mzdk-m12w-q3fc
summary In Django 2.2 before 2.2.25, 3.1 before 3.1.14, and 3.2 before 3.2.10, HTTP requests for URLs with trailing newlines could bypass upstream access control based on URL paths.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44420.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44420.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-44420
reference_id
reference_type
scores
0
value 0.0012
scoring_system epss
scoring_elements 0.30919
published_at 2026-04-13T12:55:00Z
1
value 0.0012
scoring_system epss
scoring_elements 0.30964
published_at 2026-04-12T12:55:00Z
2
value 0.0012
scoring_system epss
scoring_elements 0.31007
published_at 2026-04-11T12:55:00Z
3
value 0.0012
scoring_system epss
scoring_elements 0.31002
published_at 2026-04-09T12:55:00Z
4
value 0.0012
scoring_system epss
scoring_elements 0.30973
published_at 2026-04-08T12:55:00Z
5
value 0.0012
scoring_system epss
scoring_elements 0.30915
published_at 2026-04-07T12:55:00Z
6
value 0.0012
scoring_system epss
scoring_elements 0.31097
published_at 2026-04-04T12:55:00Z
7
value 0.0012
scoring_system epss
scoring_elements 0.30921
published_at 2026-04-01T12:55:00Z
8
value 0.0012
scoring_system epss
scoring_elements 0.3105
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-44420
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44420
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44420
3
reference_url https://docs.djangoproject.com/en/3.2/releases/security
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/3.2/releases/security
4
reference_url https://docs.djangoproject.com/en/3.2/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/3.2/releases/security/
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/advisories/GHSA-v6rh-hp5x-86rv
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-v6rh-hp5x-86rv
7
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
8
reference_url https://github.com/django/django/commit/d4dcd5b9dd9e462fec8220e33e3e6c822b7e88a6
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/d4dcd5b9dd9e462fec8220e33e3e6c822b7e88a6
9
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2021-439.yaml
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2021-439.yaml
10
reference_url https://groups.google.com/forum/#!forum/django-announce
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!forum/django-announce
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV
12
reference_url https://security.netapp.com/advisory/ntap-20211229-0006
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20211229-0006
13
reference_url https://www.djangoproject.com/weblog/2021/dec/07/security-releases
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2021/dec/07/security-releases
14
reference_url https://www.djangoproject.com/weblog/2021/dec/07/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2021/dec/07/security-releases/
15
reference_url https://www.openwall.com/lists/oss-security/2021/12/07/1
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.openwall.com/lists/oss-security/2021/12/07/1
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2028178
reference_id 2028178
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2028178
17
reference_url https://security.archlinux.org/AVG-2605
reference_id AVG-2605
reference_type
scores
0
value Low
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2605
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-44420
reference_id CVE-2021-44420
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-44420
19
reference_url https://security.gentoo.org/glsa/202509-03
reference_id GLSA-202509-03
reference_type
scores
url https://security.gentoo.org/glsa/202509-03
20
reference_url https://access.redhat.com/errata/RHSA-2022:5498
reference_id RHSA-2022:5498
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5498
21
reference_url https://access.redhat.com/errata/RHSA-2023:0742
reference_id RHSA-2023:0742
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0742
22
reference_url https://usn.ubuntu.com/5178-1/
reference_id USN-5178-1
reference_type
scores
url https://usn.ubuntu.com/5178-1/
fixed_packages
0
url pkg:pypi/django@2.2.25
purl pkg:pypi/django@2.2.25
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-66w1-4zku-gyfp
1
vulnerability VCID-6gss-ppm5-3yc9
2
vulnerability VCID-84mm-45p6-xkau
3
vulnerability VCID-896g-hqec-ryb9
4
vulnerability VCID-9uzd-mmyv-mfh4
5
vulnerability VCID-e2jd-yd4j-kqgt
6
vulnerability VCID-gp5e-nguh-5fdk
7
vulnerability VCID-hwa2-n7a2-pyg1
8
vulnerability VCID-pa75-6avj-duf7
9
vulnerability VCID-th9v-dk98-3kea
10
vulnerability VCID-ume2-wt6y-jye7
11
vulnerability VCID-w4pr-k5nj-ckgy
12
vulnerability VCID-z8z1-cjee-kfeg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.25
1
url pkg:pypi/django@3.1.14
purl pkg:pypi/django@3.1.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6gss-ppm5-3yc9
1
vulnerability VCID-84mm-45p6-xkau
2
vulnerability VCID-896g-hqec-ryb9
3
vulnerability VCID-9uzd-mmyv-mfh4
4
vulnerability VCID-e2jd-yd4j-kqgt
5
vulnerability VCID-w4pr-k5nj-ckgy
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.1.14
2
url pkg:pypi/django@3.2.10
purl pkg:pypi/django@3.2.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-42x9-8c3c-bug1
1
vulnerability VCID-4ztz-fq98-5fh1
2
vulnerability VCID-66w1-4zku-gyfp
3
vulnerability VCID-6gss-ppm5-3yc9
4
vulnerability VCID-78r4-85ms-63hm
5
vulnerability VCID-7tca-pgcs-cuhd
6
vulnerability VCID-84mm-45p6-xkau
7
vulnerability VCID-896g-hqec-ryb9
8
vulnerability VCID-8m4b-y4va-kqgm
9
vulnerability VCID-8xgs-8xjr-cber
10
vulnerability VCID-9uzd-mmyv-mfh4
11
vulnerability VCID-e2jd-yd4j-kqgt
12
vulnerability VCID-gp5e-nguh-5fdk
13
vulnerability VCID-hwa2-n7a2-pyg1
14
vulnerability VCID-jh1e-72hp-fuf4
15
vulnerability VCID-nese-5485-hkbs
16
vulnerability VCID-pa75-6avj-duf7
17
vulnerability VCID-t6uc-dfrd-jyfg
18
vulnerability VCID-th9v-dk98-3kea
19
vulnerability VCID-ume2-wt6y-jye7
20
vulnerability VCID-w4pr-k5nj-ckgy
21
vulnerability VCID-wz1q-1tjp-4qhw
22
vulnerability VCID-ypub-ukuh-p3aw
23
vulnerability VCID-z8z1-cjee-kfeg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.10
aliases BIT-django-2021-44420, CVE-2021-44420, GHSA-v6rh-hp5x-86rv, PYSEC-2021-439
risk_score 3.3
exploitability 0.5
weighted_severity 6.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mzdk-m12w-q3fc
15
url VCID-qm34-ec8s-tfd7
vulnerability_id VCID-qm34-ec8s-tfd7
summary Django before 2.2.24, 3.x before 3.1.12, and 3.2.x before 3.2.4 has a potential directory traversal via django.contrib.admindocs. Staff members could use the TemplateDetailView view to check the existence of arbitrary files. Additionally, if (and only if) the default admindocs templates have been customized by application developers to also show file contents, then not only the existence but also the file contents would have been exposed. In other words, there is directory traversal outside of the template root directories.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33203.json
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33203.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-33203
reference_id
reference_type
scores
0
value 0.00327
scoring_system epss
scoring_elements 0.55629
published_at 2026-04-13T12:55:00Z
1
value 0.00327
scoring_system epss
scoring_elements 0.55646
published_at 2026-04-12T12:55:00Z
2
value 0.00327
scoring_system epss
scoring_elements 0.55666
published_at 2026-04-11T12:55:00Z
3
value 0.00327
scoring_system epss
scoring_elements 0.55657
published_at 2026-04-09T12:55:00Z
4
value 0.00327
scoring_system epss
scoring_elements 0.55654
published_at 2026-04-08T12:55:00Z
5
value 0.00327
scoring_system epss
scoring_elements 0.55489
published_at 2026-04-01T12:55:00Z
6
value 0.00327
scoring_system epss
scoring_elements 0.55603
published_at 2026-04-07T12:55:00Z
7
value 0.00327
scoring_system epss
scoring_elements 0.55625
published_at 2026-04-04T12:55:00Z
8
value 0.00327
scoring_system epss
scoring_elements 0.556
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-33203
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33203
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33203
3
reference_url https://docs.djangoproject.com/en/3.2/releases/security
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/3.2/releases/security
4
reference_url https://docs.djangoproject.com/en/3.2/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/3.2/releases/security/
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/advisories/GHSA-68w8-qjq3-2gfm
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-68w8-qjq3-2gfm
7
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
8
reference_url https://github.com/django/django/commit/053cc9534d174dc89daba36724ed2dcb36755b90
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/053cc9534d174dc89daba36724ed2dcb36755b90
9
reference_url https://github.com/django/django/commit/20c67a0693c4ede2b09af02574823485e82e4c8f
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/20c67a0693c4ede2b09af02574823485e82e4c8f
10
reference_url https://github.com/django/django/commit/dfaba12cda060b8b292ae1d271b44bf810b1c5b9
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/dfaba12cda060b8b292ae1d271b44bf810b1c5b9
11
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2021-98.yaml
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2021-98.yaml
12
reference_url https://groups.google.com/forum/#!forum/django-announce
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!forum/django-announce
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-33203
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-33203
15
reference_url https://security.netapp.com/advisory/ntap-20210727-0004
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20210727-0004
16
reference_url https://www.djangoproject.com/weblog/2021/jun/02/security-releases
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2021/jun/02/security-releases
17
reference_url https://www.djangoproject.com/weblog/2021/jun/02/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2021/jun/02/security-releases/
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1966251
reference_id 1966251
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1966251
19
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989394
reference_id 989394
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989394
20
reference_url https://security.archlinux.org/ASA-202106-41
reference_id ASA-202106-41
reference_type
scores
url https://security.archlinux.org/ASA-202106-41
21
reference_url https://security.archlinux.org/AVG-2026
reference_id AVG-2026
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2026
22
reference_url https://security.gentoo.org/glsa/202509-03
reference_id GLSA-202509-03
reference_type
scores
url https://security.gentoo.org/glsa/202509-03
23
reference_url https://access.redhat.com/errata/RHSA-2021:3490
reference_id RHSA-2021:3490
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3490
24
reference_url https://access.redhat.com/errata/RHSA-2021:4702
reference_id RHSA-2021:4702
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4702
25
reference_url https://access.redhat.com/errata/RHSA-2021:5070
reference_id RHSA-2021:5070
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5070
26
reference_url https://usn.ubuntu.com/4975-1/
reference_id USN-4975-1
reference_type
scores
url https://usn.ubuntu.com/4975-1/
27
reference_url https://usn.ubuntu.com/4975-2/
reference_id USN-4975-2
reference_type
scores
url https://usn.ubuntu.com/4975-2/
fixed_packages
0
url pkg:pypi/django@2.2.24
purl pkg:pypi/django@2.2.24
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-66w1-4zku-gyfp
1
vulnerability VCID-6gss-ppm5-3yc9
2
vulnerability VCID-84mm-45p6-xkau
3
vulnerability VCID-896g-hqec-ryb9
4
vulnerability VCID-9uzd-mmyv-mfh4
5
vulnerability VCID-e2jd-yd4j-kqgt
6
vulnerability VCID-gp5e-nguh-5fdk
7
vulnerability VCID-hwa2-n7a2-pyg1
8
vulnerability VCID-mzdk-m12w-q3fc
9
vulnerability VCID-pa75-6avj-duf7
10
vulnerability VCID-th9v-dk98-3kea
11
vulnerability VCID-ume2-wt6y-jye7
12
vulnerability VCID-w4pr-k5nj-ckgy
13
vulnerability VCID-z8z1-cjee-kfeg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.24
1
url pkg:pypi/django@3.1.12
purl pkg:pypi/django@3.1.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6gss-ppm5-3yc9
1
vulnerability VCID-84mm-45p6-xkau
2
vulnerability VCID-896g-hqec-ryb9
3
vulnerability VCID-9uzd-mmyv-mfh4
4
vulnerability VCID-e2jd-yd4j-kqgt
5
vulnerability VCID-gan1-9gwu-63d2
6
vulnerability VCID-mzdk-m12w-q3fc
7
vulnerability VCID-w4pr-k5nj-ckgy
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.1.12
2
url pkg:pypi/django@3.2.4
purl pkg:pypi/django@3.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-42x9-8c3c-bug1
1
vulnerability VCID-4ztz-fq98-5fh1
2
vulnerability VCID-66w1-4zku-gyfp
3
vulnerability VCID-6gss-ppm5-3yc9
4
vulnerability VCID-78r4-85ms-63hm
5
vulnerability VCID-7tca-pgcs-cuhd
6
vulnerability VCID-84mm-45p6-xkau
7
vulnerability VCID-896g-hqec-ryb9
8
vulnerability VCID-8m4b-y4va-kqgm
9
vulnerability VCID-8xgs-8xjr-cber
10
vulnerability VCID-9uzd-mmyv-mfh4
11
vulnerability VCID-e2jd-yd4j-kqgt
12
vulnerability VCID-gan1-9gwu-63d2
13
vulnerability VCID-gp5e-nguh-5fdk
14
vulnerability VCID-hwa2-n7a2-pyg1
15
vulnerability VCID-jh1e-72hp-fuf4
16
vulnerability VCID-mzdk-m12w-q3fc
17
vulnerability VCID-nese-5485-hkbs
18
vulnerability VCID-pa75-6avj-duf7
19
vulnerability VCID-t6uc-dfrd-jyfg
20
vulnerability VCID-th9v-dk98-3kea
21
vulnerability VCID-ume2-wt6y-jye7
22
vulnerability VCID-w4pr-k5nj-ckgy
23
vulnerability VCID-wz1q-1tjp-4qhw
24
vulnerability VCID-ypub-ukuh-p3aw
25
vulnerability VCID-z8z1-cjee-kfeg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.4
aliases BIT-django-2021-33203, CVE-2021-33203, GHSA-68w8-qjq3-2gfm, PYSEC-2021-98
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qm34-ec8s-tfd7
16
url VCID-u7m5-tzv2-c7hn
vulnerability_id VCID-u7m5-tzv2-c7hn
summary In Django 2.2 before 2.2.20, 3.0 before 3.0.14, and 3.1 before 3.1.8, MultiPartParser allowed directory traversal via uploaded files with suitably crafted file names. Built-in upload handlers were not affected by this vulnerability.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28658.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28658.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-28658
reference_id
reference_type
scores
0
value 0.01505
scoring_system epss
scoring_elements 0.81101
published_at 2026-04-01T12:55:00Z
1
value 0.01505
scoring_system epss
scoring_elements 0.81165
published_at 2026-04-13T12:55:00Z
2
value 0.01505
scoring_system epss
scoring_elements 0.81172
published_at 2026-04-12T12:55:00Z
3
value 0.01505
scoring_system epss
scoring_elements 0.81185
published_at 2026-04-11T12:55:00Z
4
value 0.01505
scoring_system epss
scoring_elements 0.81166
published_at 2026-04-09T12:55:00Z
5
value 0.01505
scoring_system epss
scoring_elements 0.8116
published_at 2026-04-08T12:55:00Z
6
value 0.01505
scoring_system epss
scoring_elements 0.81133
published_at 2026-04-07T12:55:00Z
7
value 0.01505
scoring_system epss
scoring_elements 0.81134
published_at 2026-04-04T12:55:00Z
8
value 0.01505
scoring_system epss
scoring_elements 0.81109
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-28658
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28658
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28658
3
reference_url https://docs.djangoproject.com/en/3.1/releases/security
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/3.1/releases/security
4
reference_url https://docs.djangoproject.com/en/3.1/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/3.1/releases/security/
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/advisories/GHSA-xgxc-v2qg-chmh
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-xgxc-v2qg-chmh
7
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2021-6.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2021-6.yaml
9
reference_url https://groups.google.com/g/django-announce/c/ePr5j-ngdPU
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/g/django-announce/c/ePr5j-ngdPU
10
reference_url https://lists.debian.org/debian-lts-announce/2021/04/msg00008.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/04/msg00008.html
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVKYPHR3TKR2ESWXBPOJEKRO2OSJRZUE
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVKYPHR3TKR2ESWXBPOJEKRO2OSJRZUE
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVKYPHR3TKR2ESWXBPOJEKRO2OSJRZUE/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVKYPHR3TKR2ESWXBPOJEKRO2OSJRZUE/
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-28658
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-28658
14
reference_url https://pypi.org/project/Django
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://pypi.org/project/Django
15
reference_url https://security.netapp.com/advisory/ntap-20210528-0001
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20210528-0001
16
reference_url https://www.djangoproject.com/weblog/2021/apr/06/security-releases
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2021/apr/06/security-releases
17
reference_url https://www.djangoproject.com/weblog/2021/apr/06/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2021/apr/06/security-releases/
18
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986447
reference_id 986447
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986447
19
reference_url https://security.archlinux.org/AVG-1776
reference_id AVG-1776
reference_type
scores
0
value Low
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1776
20
reference_url https://security.gentoo.org/glsa/202509-03
reference_id GLSA-202509-03
reference_type
scores
url https://security.gentoo.org/glsa/202509-03
21
reference_url https://access.redhat.com/errata/RHSA-2021:4702
reference_id RHSA-2021:4702
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4702
22
reference_url https://access.redhat.com/errata/RHSA-2021:5070
reference_id RHSA-2021:5070
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5070
23
reference_url https://usn.ubuntu.com/4902-1/
reference_id USN-4902-1
reference_type
scores
url https://usn.ubuntu.com/4902-1/
fixed_packages
0
url pkg:pypi/django@2.2.20
purl pkg:pypi/django@2.2.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-66w1-4zku-gyfp
1
vulnerability VCID-6gss-ppm5-3yc9
2
vulnerability VCID-84mm-45p6-xkau
3
vulnerability VCID-896g-hqec-ryb9
4
vulnerability VCID-9uzd-mmyv-mfh4
5
vulnerability VCID-c8s7-3g9m-d3cw
6
vulnerability VCID-e2jd-yd4j-kqgt
7
vulnerability VCID-gp5e-nguh-5fdk
8
vulnerability VCID-hwa2-n7a2-pyg1
9
vulnerability VCID-kypj-ptb9-8qhz
10
vulnerability VCID-mzdk-m12w-q3fc
11
vulnerability VCID-pa75-6avj-duf7
12
vulnerability VCID-qm34-ec8s-tfd7
13
vulnerability VCID-th9v-dk98-3kea
14
vulnerability VCID-ume2-wt6y-jye7
15
vulnerability VCID-v4ad-xxy8-wfc9
16
vulnerability VCID-w4pr-k5nj-ckgy
17
vulnerability VCID-z8z1-cjee-kfeg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.20
1
url pkg:pypi/django@3.0.14
purl pkg:pypi/django@3.0.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6gss-ppm5-3yc9
1
vulnerability VCID-84mm-45p6-xkau
2
vulnerability VCID-896g-hqec-ryb9
3
vulnerability VCID-9uzd-mmyv-mfh4
4
vulnerability VCID-c8s7-3g9m-d3cw
5
vulnerability VCID-e2jd-yd4j-kqgt
6
vulnerability VCID-gan1-9gwu-63d2
7
vulnerability VCID-kypj-ptb9-8qhz
8
vulnerability VCID-mzdk-m12w-q3fc
9
vulnerability VCID-qm34-ec8s-tfd7
10
vulnerability VCID-w4pr-k5nj-ckgy
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.0.14
2
url pkg:pypi/django@3.1.8
purl pkg:pypi/django@3.1.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6gss-ppm5-3yc9
1
vulnerability VCID-84mm-45p6-xkau
2
vulnerability VCID-896g-hqec-ryb9
3
vulnerability VCID-9uzd-mmyv-mfh4
4
vulnerability VCID-c8s7-3g9m-d3cw
5
vulnerability VCID-e2jd-yd4j-kqgt
6
vulnerability VCID-gan1-9gwu-63d2
7
vulnerability VCID-kypj-ptb9-8qhz
8
vulnerability VCID-mzdk-m12w-q3fc
9
vulnerability VCID-qm34-ec8s-tfd7
10
vulnerability VCID-v4ad-xxy8-wfc9
11
vulnerability VCID-w4pr-k5nj-ckgy
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.1.8
aliases BIT-django-2021-28658, CVE-2021-28658, GHSA-xgxc-v2qg-chmh, PYSEC-2021-6
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u7m5-tzv2-c7hn
17
url VCID-upy5-adtx-n7hg
vulnerability_id VCID-upy5-adtx-n7hg
summary An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). FILE_UPLOAD_DIRECTORY_PERMISSIONS mode was not applied to intermediate-level directories created in the process of uploading files. It was also not applied to intermediate-level collected static directories when using the collectstatic management command.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-24583.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-24583.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-24583
reference_id
reference_type
scores
0
value 0.03426
scoring_system epss
scoring_elements 0.87471
published_at 2026-04-11T12:55:00Z
1
value 0.03426
scoring_system epss
scoring_elements 0.87466
published_at 2026-04-12T12:55:00Z
2
value 0.03426
scoring_system epss
scoring_elements 0.87409
published_at 2026-04-01T12:55:00Z
3
value 0.03426
scoring_system epss
scoring_elements 0.87459
published_at 2026-04-09T12:55:00Z
4
value 0.03426
scoring_system epss
scoring_elements 0.87453
published_at 2026-04-08T12:55:00Z
5
value 0.03426
scoring_system epss
scoring_elements 0.87434
published_at 2026-04-07T12:55:00Z
6
value 0.03426
scoring_system epss
scoring_elements 0.87433
published_at 2026-04-04T12:55:00Z
7
value 0.03426
scoring_system epss
scoring_elements 0.87419
published_at 2026-04-02T12:55:00Z
8
value 0.03426
scoring_system epss
scoring_elements 0.87463
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-24583
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24583
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24583
3
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
4
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/dev/releases/security/
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/advisories/GHSA-m6gj-h9gm-gw44
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-m6gj-h9gm-gw44
7
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
8
reference_url https://github.com/django/django/commit/8d7271578d7b153435b40fe40236ebec43cbf1b9
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/8d7271578d7b153435b40fe40236ebec43cbf1b9
9
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-33.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-33.yaml
10
reference_url https://groups.google.com/forum/#!topic/django-announce/Gdqn58RqIDM
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/django-announce/Gdqn58RqIDM
11
reference_url https://groups.google.com/forum/#!topic/django-announce/zFCMdgUnutU
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/django-announce/zFCMdgUnutU
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F2ZHO3GZCJMP3DDTXCNVFV6ED3W64NAU
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F2ZHO3GZCJMP3DDTXCNVFV6ED3W64NAU
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F2ZHO3GZCJMP3DDTXCNVFV6ED3W64NAU/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F2ZHO3GZCJMP3DDTXCNVFV6ED3W64NAU/
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OLGFFLMF3X6USMJD7V5F5P4K2WVUTO3T
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OLGFFLMF3X6USMJD7V5F5P4K2WVUTO3T
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OLGFFLMF3X6USMJD7V5F5P4K2WVUTO3T/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OLGFFLMF3X6USMJD7V5F5P4K2WVUTO3T/
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZCRPQCBTV3RZHKVZ6K6QOAANPRZQD3GI
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZCRPQCBTV3RZHKVZ6K6QOAANPRZQD3GI
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZCRPQCBTV3RZHKVZ6K6QOAANPRZQD3GI/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZCRPQCBTV3RZHKVZ6K6QOAANPRZQD3GI/
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-24583
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-24583
19
reference_url https://security.netapp.com/advisory/ntap-20200918-0004
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200918-0004
20
reference_url https://security.netapp.com/advisory/ntap-20200918-0004/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20200918-0004/
21
reference_url https://usn.ubuntu.com/4479-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4479-1
22
reference_url https://usn.ubuntu.com/4479-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4479-1/
23
reference_url https://www.djangoproject.com/weblog/2020/sep/01/security-releases
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2020/sep/01/security-releases
24
reference_url https://www.djangoproject.com/weblog/2020/sep/01/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2020/sep/01/security-releases/
25
reference_url https://www.openwall.com/lists/oss-security/2020/09/01/2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.openwall.com/lists/oss-security/2020/09/01/2
26
reference_url https://www.oracle.com/security-alerts/cpujan2021.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujan2021.html
27
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1874485
reference_id 1874485
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1874485
28
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969367
reference_id 969367
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969367
29
reference_url https://security.archlinux.org/ASA-202009-4
reference_id ASA-202009-4
reference_type
scores
url https://security.archlinux.org/ASA-202009-4
30
reference_url https://security.archlinux.org/AVG-1217
reference_id AVG-1217
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1217
fixed_packages
0
url pkg:pypi/django@2.2.16
purl pkg:pypi/django@2.2.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-66w1-4zku-gyfp
1
vulnerability VCID-6gss-ppm5-3yc9
2
vulnerability VCID-84mm-45p6-xkau
3
vulnerability VCID-896g-hqec-ryb9
4
vulnerability VCID-9k9t-vp1a-z7bt
5
vulnerability VCID-9uzd-mmyv-mfh4
6
vulnerability VCID-c8s7-3g9m-d3cw
7
vulnerability VCID-e2jd-yd4j-kqgt
8
vulnerability VCID-gp5e-nguh-5fdk
9
vulnerability VCID-hwa2-n7a2-pyg1
10
vulnerability VCID-kypj-ptb9-8qhz
11
vulnerability VCID-mzdk-m12w-q3fc
12
vulnerability VCID-pa75-6avj-duf7
13
vulnerability VCID-qm34-ec8s-tfd7
14
vulnerability VCID-th9v-dk98-3kea
15
vulnerability VCID-u7m5-tzv2-c7hn
16
vulnerability VCID-ume2-wt6y-jye7
17
vulnerability VCID-v4ad-xxy8-wfc9
18
vulnerability VCID-w4pr-k5nj-ckgy
19
vulnerability VCID-w6k8-js68-87g4
20
vulnerability VCID-z8z1-cjee-kfeg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.16
1
url pkg:pypi/django@3.0.10
purl pkg:pypi/django@3.0.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6gss-ppm5-3yc9
1
vulnerability VCID-84mm-45p6-xkau
2
vulnerability VCID-896g-hqec-ryb9
3
vulnerability VCID-9k9t-vp1a-z7bt
4
vulnerability VCID-9uzd-mmyv-mfh4
5
vulnerability VCID-c8s7-3g9m-d3cw
6
vulnerability VCID-e2jd-yd4j-kqgt
7
vulnerability VCID-gan1-9gwu-63d2
8
vulnerability VCID-kypj-ptb9-8qhz
9
vulnerability VCID-mzdk-m12w-q3fc
10
vulnerability VCID-qm34-ec8s-tfd7
11
vulnerability VCID-u7m5-tzv2-c7hn
12
vulnerability VCID-w4pr-k5nj-ckgy
13
vulnerability VCID-w6k8-js68-87g4
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.0.10
2
url pkg:pypi/django@3.1.1
purl pkg:pypi/django@3.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6gss-ppm5-3yc9
1
vulnerability VCID-84mm-45p6-xkau
2
vulnerability VCID-896g-hqec-ryb9
3
vulnerability VCID-9k9t-vp1a-z7bt
4
vulnerability VCID-9uzd-mmyv-mfh4
5
vulnerability VCID-c8s7-3g9m-d3cw
6
vulnerability VCID-e2jd-yd4j-kqgt
7
vulnerability VCID-gan1-9gwu-63d2
8
vulnerability VCID-kypj-ptb9-8qhz
9
vulnerability VCID-mzdk-m12w-q3fc
10
vulnerability VCID-qm34-ec8s-tfd7
11
vulnerability VCID-u7m5-tzv2-c7hn
12
vulnerability VCID-v4ad-xxy8-wfc9
13
vulnerability VCID-w4pr-k5nj-ckgy
14
vulnerability VCID-w6k8-js68-87g4
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.1.1
aliases BIT-django-2020-24583, CVE-2020-24583, GHSA-m6gj-h9gm-gw44, PYSEC-2020-33
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-upy5-adtx-n7hg
18
url VCID-w2dv-u8h6-sbgs
vulnerability_id VCID-w2dv-u8h6-sbgs
summary Django 1.11 before 1.11.28, 2.2 before 2.2.10, and 3.0 before 3.0.3 allows SQL Injection if untrusted data is used as a StringAgg delimiter (e.g., in Django applications that offer downloads of data as a series of rows with a user-specified column delimiter). By passing a suitably crafted delimiter to a contrib.postgres.aggregates.StringAgg instance, it was possible to break escaping and inject malicious SQL.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7471.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7471.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-7471
reference_id
reference_type
scores
0
value 0.09442
scoring_system epss
scoring_elements 0.92785
published_at 2026-04-02T12:55:00Z
1
value 0.09442
scoring_system epss
scoring_elements 0.92805
published_at 2026-04-11T12:55:00Z
2
value 0.09442
scoring_system epss
scoring_elements 0.928
published_at 2026-04-09T12:55:00Z
3
value 0.09442
scoring_system epss
scoring_elements 0.92796
published_at 2026-04-08T12:55:00Z
4
value 0.09442
scoring_system epss
scoring_elements 0.92786
published_at 2026-04-07T12:55:00Z
5
value 0.09442
scoring_system epss
scoring_elements 0.9279
published_at 2026-04-04T12:55:00Z
6
value 0.09442
scoring_system epss
scoring_elements 0.92778
published_at 2026-04-01T12:55:00Z
7
value 0.09442
scoring_system epss
scoring_elements 0.92804
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-7471
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7471
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7471
3
reference_url https://docs.djangoproject.com/en/3.0/releases/security
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/3.0/releases/security
4
reference_url https://docs.djangoproject.com/en/3.0/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/3.0/releases/security/
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/advisories/GHSA-hmr4-m2h5-33qx
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
2
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-hmr4-m2h5-33qx
7
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
8
reference_url https://github.com/django/django/commit/001b0634cd309e372edb6d7d95d083d02b8e37bd
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/001b0634cd309e372edb6d7d95d083d02b8e37bd
9
reference_url https://github.com/django/django/commit/505826b469b16ab36693360da9e11fd13213421b
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/505826b469b16ab36693360da9e11fd13213421b
10
reference_url https://github.com/django/django/commit/c67a368c16e4680b324b4f385398d638db4d8147
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/c67a368c16e4680b324b4f385398d638db4d8147
11
reference_url https://github.com/django/django/commit/eb31d845323618d688ad429479c6dda973056136
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/eb31d845323618d688ad429479c6dda973056136
12
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-35.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-35.yaml
13
reference_url https://groups.google.com/forum/#!topic/django-announce/X45S86X5bZI
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/django-announce/X45S86X5bZI
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-7471
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-7471
17
reference_url https://seclists.org/bugtraq/2020/Feb/30
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2020/Feb/30
18
reference_url https://security.gentoo.org/glsa/202004-17
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202004-17
19
reference_url https://security.netapp.com/advisory/ntap-20200221-0006
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200221-0006
20
reference_url https://security.netapp.com/advisory/ntap-20200221-0006/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20200221-0006/
21
reference_url https://usn.ubuntu.com/4264-1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4264-1
22
reference_url https://usn.ubuntu.com/4264-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4264-1/
23
reference_url https://www.debian.org/security/2020/dsa-4629
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2020/dsa-4629
24
reference_url https://www.djangoproject.com/weblog/2020/feb/03/security-releases
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2020/feb/03/security-releases
25
reference_url https://www.djangoproject.com/weblog/2020/feb/03/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2020/feb/03/security-releases/
26
reference_url https://www.openwall.com/lists/oss-security/2020/02/03/1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.openwall.com/lists/oss-security/2020/02/03/1
27
reference_url http://www.openwall.com/lists/oss-security/2020/02/03/1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2020/02/03/1
28
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1798515
reference_id 1798515
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1798515
29
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950581
reference_id 950581
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950581
30
reference_url https://security.archlinux.org/ASA-202002-1
reference_id ASA-202002-1
reference_type
scores
url https://security.archlinux.org/ASA-202002-1
31
reference_url https://security.archlinux.org/AVG-1091
reference_id AVG-1091
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1091
fixed_packages
0
url pkg:pypi/django@2.2.10
purl pkg:pypi/django@2.2.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-66w1-4zku-gyfp
1
vulnerability VCID-6gss-ppm5-3yc9
2
vulnerability VCID-84mm-45p6-xkau
3
vulnerability VCID-896g-hqec-ryb9
4
vulnerability VCID-9k9t-vp1a-z7bt
5
vulnerability VCID-9uzd-mmyv-mfh4
6
vulnerability VCID-c8s7-3g9m-d3cw
7
vulnerability VCID-e2jd-yd4j-kqgt
8
vulnerability VCID-gp5e-nguh-5fdk
9
vulnerability VCID-hwa2-n7a2-pyg1
10
vulnerability VCID-j4br-4y39-s3gs
11
vulnerability VCID-kypj-ptb9-8qhz
12
vulnerability VCID-mmay-juu6-5ua9
13
vulnerability VCID-mzdk-m12w-q3fc
14
vulnerability VCID-pa75-6avj-duf7
15
vulnerability VCID-qm34-ec8s-tfd7
16
vulnerability VCID-th9v-dk98-3kea
17
vulnerability VCID-u7m5-tzv2-c7hn
18
vulnerability VCID-ume2-wt6y-jye7
19
vulnerability VCID-upy5-adtx-n7hg
20
vulnerability VCID-v4ad-xxy8-wfc9
21
vulnerability VCID-w4pr-k5nj-ckgy
22
vulnerability VCID-w6k8-js68-87g4
23
vulnerability VCID-wb34-g6xq-rkfx
24
vulnerability VCID-wkrc-62bd-bbgx
25
vulnerability VCID-z8z1-cjee-kfeg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.10
1
url pkg:pypi/django@3.0.3
purl pkg:pypi/django@3.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6gss-ppm5-3yc9
1
vulnerability VCID-84mm-45p6-xkau
2
vulnerability VCID-896g-hqec-ryb9
3
vulnerability VCID-9k9t-vp1a-z7bt
4
vulnerability VCID-9uzd-mmyv-mfh4
5
vulnerability VCID-c8s7-3g9m-d3cw
6
vulnerability VCID-e2jd-yd4j-kqgt
7
vulnerability VCID-gan1-9gwu-63d2
8
vulnerability VCID-j4br-4y39-s3gs
9
vulnerability VCID-kypj-ptb9-8qhz
10
vulnerability VCID-mmay-juu6-5ua9
11
vulnerability VCID-mzdk-m12w-q3fc
12
vulnerability VCID-qm34-ec8s-tfd7
13
vulnerability VCID-u7m5-tzv2-c7hn
14
vulnerability VCID-upy5-adtx-n7hg
15
vulnerability VCID-w4pr-k5nj-ckgy
16
vulnerability VCID-w6k8-js68-87g4
17
vulnerability VCID-wb34-g6xq-rkfx
18
vulnerability VCID-wkrc-62bd-bbgx
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.0.3
aliases BIT-django-2020-7471, CVE-2020-7471, GHSA-hmr4-m2h5-33qx, PYSEC-2020-35
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w2dv-u8h6-sbgs
19
url VCID-w4pr-k5nj-ckgy
vulnerability_id VCID-w4pr-k5nj-ckgy
summary 
Django is subject to SQL injection through its column aliases
An issue was discovered in Django 4.2 before 4.2.24, 5.1 before 5.1.12, and 5.2 before 5.2.6. FilteredRelation is subject to SQL injection in column aliases, using a suitably crafted dictionary, with dictionary expansion, as the **kwargs passed QuerySet.annotate() or QuerySet.alias().
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-57833.json
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-57833.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-57833
reference_id
reference_type
scores
0
value 0.00021
scoring_system epss
scoring_elements 0.05586
published_at 2026-04-13T12:55:00Z
1
value 0.00021
scoring_system epss
scoring_elements 0.05593
published_at 2026-04-12T12:55:00Z
2
value 0.00021
scoring_system epss
scoring_elements 0.05603
published_at 2026-04-11T12:55:00Z
3
value 0.00021
scoring_system epss
scoring_elements 0.05631
published_at 2026-04-09T12:55:00Z
4
value 0.00022
scoring_system epss
scoring_elements 0.05868
published_at 2026-04-08T12:55:00Z
5
value 0.00022
scoring_system epss
scoring_elements 0.05828
published_at 2026-04-07T12:55:00Z
6
value 0.00022
scoring_system epss
scoring_elements 0.05834
published_at 2026-04-04T12:55:00Z
7
value 0.00022
scoring_system epss
scoring_elements 0.05798
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-57833
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460
25
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
26
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
27
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
28
reference_url https://github.com/django/django/commit/102965ea93072fe3c39a30be437c683ec1106ef5
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/102965ea93072fe3c39a30be437c683ec1106ef5
29
reference_url https://github.com/django/django/commit/31334e6965ad136a5e369993b01721499c5d1a92
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/31334e6965ad136a5e369993b01721499c5d1a92
30
reference_url https://github.com/django/django/commit/4c044fcc866ec226f612c475950b690b0139d243
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/4c044fcc866ec226f612c475950b690b0139d243
31
reference_url https://groups.google.com/g/django-announce
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-09-08T17:33:03Z/
url https://groups.google.com/g/django-announce
32
reference_url https://lists.debian.org/debian-lts-announce/2025/09/msg00017.html
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/09/msg00017.html
33
reference_url https://medium.com/@EyalSec/django-unauthenticated-0-click-rce-and-sql-injection-using-default-configuration-059964f3f898
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-09-08T17:33:03Z/
url https://medium.com/@EyalSec/django-unauthenticated-0-click-rce-and-sql-injection-using-default-configuration-059964f3f898
34
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-57833
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-57833
35
reference_url https://www.djangoproject.com/weblog/2025/sep/03/security-releases
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2025/sep/03/security-releases
36
reference_url http://www.openwall.com/lists/oss-security/2025/09/03/3
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2025/09/03/3
37
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1113865
reference_id 1113865
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1113865
38
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2392990
reference_id 2392990
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2392990
39
reference_url https://github.com/advisories/GHSA-6w2r-r2m5-xq5w
reference_id GHSA-6w2r-r2m5-xq5w
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6w2r-r2m5-xq5w
40
reference_url https://access.redhat.com/errata/RHSA-2025:16403
reference_id RHSA-2025:16403
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:16403
41
reference_url https://access.redhat.com/errata/RHSA-2025:16404
reference_id RHSA-2025:16404
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:16404
42
reference_url https://access.redhat.com/errata/RHSA-2025:16487
reference_id RHSA-2025:16487
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:16487
43
reference_url https://access.redhat.com/errata/RHSA-2025:16514
reference_id RHSA-2025:16514
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:16514
44
reference_url https://access.redhat.com/errata/RHSA-2025:17498
reference_id RHSA-2025:17498
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:17498
45
reference_url https://access.redhat.com/errata/RHSA-2025:17499
reference_id RHSA-2025:17499
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:17499
46
reference_url https://access.redhat.com/errata/RHSA-2025:17500
reference_id RHSA-2025:17500
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:17500
47
reference_url https://access.redhat.com/errata/RHSA-2025:17606
reference_id RHSA-2025:17606
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:17606
48
reference_url https://access.redhat.com/errata/RHSA-2025:17613
reference_id RHSA-2025:17613
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:17613
49
reference_url https://access.redhat.com/errata/RHSA-2025:17614
reference_id RHSA-2025:17614
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:17614
50
reference_url https://www.djangoproject.com/weblog/2025/sep/03/security-releases/
reference_id security-releases
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-09-08T17:33:03Z/
url https://www.djangoproject.com/weblog/2025/sep/03/security-releases/
51
reference_url https://usn.ubuntu.com/7736-1/
reference_id USN-7736-1
reference_type
scores
url https://usn.ubuntu.com/7736-1/
fixed_packages
0
url pkg:pypi/django@4.2.24
purl pkg:pypi/django@4.2.24
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28g3-ubx6-ebff
1
vulnerability VCID-2tfv-rtq7-2fg9
2
vulnerability VCID-84mm-45p6-xkau
3
vulnerability VCID-8qu1-45n9-gyb1
4
vulnerability VCID-9uzd-mmyv-mfh4
5
vulnerability VCID-ac4c-321h-tqfk
6
vulnerability VCID-c6xy-v4sf-u3hn
7
vulnerability VCID-e9k9-1s9f-dbgv
8
vulnerability VCID-msge-1mfu-7qfa
9
vulnerability VCID-mux4-uv98-hbbw
10
vulnerability VCID-nda7-9219-6kce
11
vulnerability VCID-ukkt-wgau-t3et
12
vulnerability VCID-vwt9-q3dt-vbfg
13
vulnerability VCID-ysyp-h7ja-yff3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.24
1
url pkg:pypi/django@5.1.12
purl pkg:pypi/django@5.1.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-84mm-45p6-xkau
1
vulnerability VCID-9uzd-mmyv-mfh4
2
vulnerability VCID-c6xy-v4sf-u3hn
3
vulnerability VCID-mux4-uv98-hbbw
4
vulnerability VCID-ukkt-wgau-t3et
5
vulnerability VCID-vwt9-q3dt-vbfg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.1.12
2
url pkg:pypi/django@5.2.6
purl pkg:pypi/django@5.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28g3-ubx6-ebff
1
vulnerability VCID-2tfv-rtq7-2fg9
2
vulnerability VCID-84mm-45p6-xkau
3
vulnerability VCID-8qu1-45n9-gyb1
4
vulnerability VCID-9uzd-mmyv-mfh4
5
vulnerability VCID-ac4c-321h-tqfk
6
vulnerability VCID-c6xy-v4sf-u3hn
7
vulnerability VCID-e9k9-1s9f-dbgv
8
vulnerability VCID-msge-1mfu-7qfa
9
vulnerability VCID-mux4-uv98-hbbw
10
vulnerability VCID-nda7-9219-6kce
11
vulnerability VCID-ukkt-wgau-t3et
12
vulnerability VCID-vwt9-q3dt-vbfg
13
vulnerability VCID-ysyp-h7ja-yff3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.6
aliases CVE-2025-57833, GHSA-6w2r-r2m5-xq5w
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w4pr-k5nj-ckgy
20
url VCID-z8z1-cjee-kfeg
vulnerability_id VCID-z8z1-cjee-kfeg
summary An issue was discovered in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1. UserAttributeSimilarityValidator incurred significant overhead in evaluating a submitted password that was artificially large in relation to the comparison values. In a situation where access to user registration was unrestricted, this provided a potential vector for a denial-of-service attack.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-45115.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-45115.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-45115
reference_id
reference_type
scores
0
value 0.00428
scoring_system epss
scoring_elements 0.62355
published_at 2026-04-01T12:55:00Z
1
value 0.00428
scoring_system epss
scoring_elements 0.62461
published_at 2026-04-13T12:55:00Z
2
value 0.00428
scoring_system epss
scoring_elements 0.62483
published_at 2026-04-12T12:55:00Z
3
value 0.00428
scoring_system epss
scoring_elements 0.62494
published_at 2026-04-11T12:55:00Z
4
value 0.00428
scoring_system epss
scoring_elements 0.62475
published_at 2026-04-09T12:55:00Z
5
value 0.00428
scoring_system epss
scoring_elements 0.62413
published_at 2026-04-02T12:55:00Z
6
value 0.00428
scoring_system epss
scoring_elements 0.62444
published_at 2026-04-04T12:55:00Z
7
value 0.00428
scoring_system epss
scoring_elements 0.62459
published_at 2026-04-08T12:55:00Z
8
value 0.00428
scoring_system epss
scoring_elements 0.62411
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-45115
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45115
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45115
3
reference_url https://docs.djangoproject.com/en/4.0/releases/security
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/4.0/releases/security
4
reference_url https://docs.djangoproject.com/en/4.0/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/4.0/releases/security/
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/advisories/GHSA-53qw-q765-4fww
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-53qw-q765-4fww
7
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
8
reference_url https://github.com/django/django/commit/2135637fdd5ce994de110affef9e67dffdf77277
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/2135637fdd5ce994de110affef9e67dffdf77277
9
reference_url https://github.com/django/django/commit/a8b32fe13bcaed1c0b772fdc53de84abc224fb20
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/a8b32fe13bcaed1c0b772fdc53de84abc224fb20
10
reference_url https://github.com/django/django/commit/df79ef03ac867c93caaa6be56bc69e66abfeef8f
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/df79ef03ac867c93caaa6be56bc69e66abfeef8f
11
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-1.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-1.yaml
12
reference_url https://groups.google.com/forum/#!forum/django-announce
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!forum/django-announce
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV
14
reference_url https://security.netapp.com/advisory/ntap-20220121-0005
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220121-0005
15
reference_url https://www.djangoproject.com/weblog/2022/jan/04/security-releases
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2022/jan/04/security-releases
16
reference_url https://www.djangoproject.com/weblog/2022/jan/04/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2022/jan/04/security-releases/
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003113
reference_id 1003113
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003113
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2037024
reference_id 2037024
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2037024
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-45115
reference_id CVE-2021-45115
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-45115
20
reference_url https://security.gentoo.org/glsa/202509-03
reference_id GLSA-202509-03
reference_type
scores
url https://security.gentoo.org/glsa/202509-03
21
reference_url https://access.redhat.com/errata/RHSA-2022:5498
reference_id RHSA-2022:5498
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5498
22
reference_url https://usn.ubuntu.com/5204-1/
reference_id USN-5204-1
reference_type
scores
url https://usn.ubuntu.com/5204-1/
fixed_packages
0
url pkg:pypi/django@2.2.26
purl pkg:pypi/django@2.2.26
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6gss-ppm5-3yc9
1
vulnerability VCID-84mm-45p6-xkau
2
vulnerability VCID-896g-hqec-ryb9
3
vulnerability VCID-9uzd-mmyv-mfh4
4
vulnerability VCID-e2jd-yd4j-kqgt
5
vulnerability VCID-gp5e-nguh-5fdk
6
vulnerability VCID-pa75-6avj-duf7
7
vulnerability VCID-th9v-dk98-3kea
8
vulnerability VCID-ume2-wt6y-jye7
9
vulnerability VCID-w4pr-k5nj-ckgy
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.26
1
url pkg:pypi/django@3.2.11
purl pkg:pypi/django@3.2.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-42x9-8c3c-bug1
1
vulnerability VCID-4ztz-fq98-5fh1
2
vulnerability VCID-6gss-ppm5-3yc9
3
vulnerability VCID-78r4-85ms-63hm
4
vulnerability VCID-7tca-pgcs-cuhd
5
vulnerability VCID-84mm-45p6-xkau
6
vulnerability VCID-896g-hqec-ryb9
7
vulnerability VCID-8m4b-y4va-kqgm
8
vulnerability VCID-8xgs-8xjr-cber
9
vulnerability VCID-9uzd-mmyv-mfh4
10
vulnerability VCID-e2jd-yd4j-kqgt
11
vulnerability VCID-gp5e-nguh-5fdk
12
vulnerability VCID-jh1e-72hp-fuf4
13
vulnerability VCID-nese-5485-hkbs
14
vulnerability VCID-pa75-6avj-duf7
15
vulnerability VCID-t6uc-dfrd-jyfg
16
vulnerability VCID-th9v-dk98-3kea
17
vulnerability VCID-ume2-wt6y-jye7
18
vulnerability VCID-w4pr-k5nj-ckgy
19
vulnerability VCID-wz1q-1tjp-4qhw
20
vulnerability VCID-ypub-ukuh-p3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.11
2
url pkg:pypi/django@4.0.1
purl pkg:pypi/django@4.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-42x9-8c3c-bug1
1
vulnerability VCID-6gss-ppm5-3yc9
2
vulnerability VCID-7tca-pgcs-cuhd
3
vulnerability VCID-84mm-45p6-xkau
4
vulnerability VCID-896g-hqec-ryb9
5
vulnerability VCID-9uzd-mmyv-mfh4
6
vulnerability VCID-e2jd-yd4j-kqgt
7
vulnerability VCID-gp5e-nguh-5fdk
8
vulnerability VCID-nese-5485-hkbs
9
vulnerability VCID-pa75-6avj-duf7
10
vulnerability VCID-t6uc-dfrd-jyfg
11
vulnerability VCID-th9v-dk98-3kea
12
vulnerability VCID-ume2-wt6y-jye7
13
vulnerability VCID-w4pr-k5nj-ckgy
14
vulnerability VCID-wz1q-1tjp-4qhw
15
vulnerability VCID-ypub-ukuh-p3aw
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.0.1
aliases BIT-django-2021-45115, CVE-2021-45115, GHSA-53qw-q765-4fww, PYSEC-2022-1
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z8z1-cjee-kfeg
Fixing_vulnerabilities
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2a1