Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/django@3.1.12
Typepypi
Namespace
Namedjango
Version3.1.12
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version3.1.14
Latest_non_vulnerable_version6.0.5
Affected_by_vulnerabilities
0
url VCID-4pb2-tqru-uufs
vulnerability_id VCID-4pb2-tqru-uufs
summary insufficient validation
references
0
reference_url https://docs.djangoproject.com/en/3.2/releases/security
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/3.2/releases/security
1
reference_url https://docs.djangoproject.com/en/3.2/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/3.2/releases/security/
2
reference_url https://github.com/advisories/GHSA-xpfp-f569-q3p2
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-xpfp-f569-q3p2
3
reference_url https://github.com/django/django
reference_id
reference_type
scores
url https://github.com/django/django
4
reference_url https://github.com/django/django/commit/0bd57a879a0d54920bb9038a732645fb917040e9
reference_id
reference_type
scores
url https://github.com/django/django/commit/0bd57a879a0d54920bb9038a732645fb917040e9
5
reference_url https://github.com/django/django/commit/a34a5f724c5d5adb2109374ba3989ebb7b11f81f
reference_id
reference_type
scores
url https://github.com/django/django/commit/a34a5f724c5d5adb2109374ba3989ebb7b11f81f
6
reference_url https://github.com/django/django/commit/dae83a24519d6f284c74414e0b81d64d9b5a0db4
reference_id
reference_type
scores
url https://github.com/django/django/commit/dae83a24519d6f284c74414e0b81d64d9b5a0db4
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2021-109.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2021-109.yaml
8
reference_url https://groups.google.com/forum/#!forum/django-announce
reference_id
reference_type
scores
url https://groups.google.com/forum/#!forum/django-announce
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SS6NJTBYWOX6J7G4U3LUOILARJKWPQ5Y
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SS6NJTBYWOX6J7G4U3LUOILARJKWPQ5Y
10
reference_url https://security.netapp.com/advisory/ntap-20210805-0008
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20210805-0008
11
reference_url https://www.djangoproject.com/weblog/2021/jul/01/security-releases
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2021/jul/01/security-releases
12
reference_url https://www.djangoproject.com/weblog/2021/jul/01/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2021/jul/01/security-releases/
13
reference_url https://www.openwall.com/lists/oss-security/2021/07/02/2
reference_id
reference_type
scores
url https://www.openwall.com/lists/oss-security/2021/07/02/2
14
reference_url https://security.archlinux.org/ASA-202107-11
reference_id ASA-202107-11
reference_type
scores
url https://security.archlinux.org/ASA-202107-11
15
reference_url https://security.archlinux.org/AVG-2123
reference_id AVG-2123
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2123
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-35042
reference_id CVE-2021-35042
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-35042
fixed_packages
0
url pkg:pypi/django@3.1.13
purl pkg:pypi/django@3.1.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-n9vn-4uxr-hkau
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.1.13
1
url pkg:pypi/django@3.2.5
purl pkg:pypi/django@3.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-2n2n-1fq2-7bbs
2
vulnerability VCID-4z4e-8ttu-tyd6
3
vulnerability VCID-51tx-4tp9-kbcz
4
vulnerability VCID-6jpg-yrf8-cufy
5
vulnerability VCID-9end-mq19-rke5
6
vulnerability VCID-am3f-c5ex-8ff2
7
vulnerability VCID-attf-6gj8-ebaj
8
vulnerability VCID-au8h-vj9k-pufv
9
vulnerability VCID-drwp-htkk-bkfh
10
vulnerability VCID-f4a7-tcz5-byfj
11
vulnerability VCID-fksk-pr23-2yd8
12
vulnerability VCID-fsaw-3ta1-x3dw
13
vulnerability VCID-m1dr-sjmw-jfd2
14
vulnerability VCID-m33h-4p9q-63fb
15
vulnerability VCID-n9vn-4uxr-hkau
16
vulnerability VCID-nss9-1yrb-x7f2
17
vulnerability VCID-qgp1-4efd-6yg6
18
vulnerability VCID-yuda-1mur-8bbq
19
vulnerability VCID-z6tf-z1y9-cydq
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.5
aliases CVE-2021-35042, GHSA-xpfp-f569-q3p2, PYSEC-2021-109
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4pb2-tqru-uufs
1
url VCID-n9vn-4uxr-hkau
vulnerability_id VCID-n9vn-4uxr-hkau
summary In Django 2.2 before 2.2.25, 3.1 before 3.1.14, and 3.2 before 3.2.10, HTTP requests for URLs with trailing newlines could bypass upstream access control based on URL paths.
references
0
reference_url https://docs.djangoproject.com/en/3.2/releases/security
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/3.2/releases/security
1
reference_url https://docs.djangoproject.com/en/3.2/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/3.2/releases/security/
2
reference_url https://github.com/advisories/GHSA-v6rh-hp5x-86rv
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-v6rh-hp5x-86rv
3
reference_url https://github.com/django/django
reference_id
reference_type
scores
url https://github.com/django/django
4
reference_url https://github.com/django/django/commit/d4dcd5b9dd9e462fec8220e33e3e6c822b7e88a6
reference_id
reference_type
scores
url https://github.com/django/django/commit/d4dcd5b9dd9e462fec8220e33e3e6c822b7e88a6
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2021-439.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2021-439.yaml
6
reference_url https://groups.google.com/forum/#!forum/django-announce
reference_id
reference_type
scores
url https://groups.google.com/forum/#!forum/django-announce
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV
8
reference_url https://security.netapp.com/advisory/ntap-20211229-0006
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20211229-0006
9
reference_url https://www.djangoproject.com/weblog/2021/dec/07/security-releases
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2021/dec/07/security-releases
10
reference_url https://www.djangoproject.com/weblog/2021/dec/07/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2021/dec/07/security-releases/
11
reference_url https://www.openwall.com/lists/oss-security/2021/12/07/1
reference_id
reference_type
scores
url https://www.openwall.com/lists/oss-security/2021/12/07/1
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-44420
reference_id CVE-2021-44420
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-44420
fixed_packages
0
url pkg:pypi/django@3.1.14
purl pkg:pypi/django@3.1.14
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.1.14
1
url pkg:pypi/django@3.2.10
purl pkg:pypi/django@3.2.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-2n2n-1fq2-7bbs
2
vulnerability VCID-4z4e-8ttu-tyd6
3
vulnerability VCID-51tx-4tp9-kbcz
4
vulnerability VCID-6jpg-yrf8-cufy
5
vulnerability VCID-9end-mq19-rke5
6
vulnerability VCID-am3f-c5ex-8ff2
7
vulnerability VCID-attf-6gj8-ebaj
8
vulnerability VCID-au8h-vj9k-pufv
9
vulnerability VCID-drwp-htkk-bkfh
10
vulnerability VCID-f4a7-tcz5-byfj
11
vulnerability VCID-fksk-pr23-2yd8
12
vulnerability VCID-fsaw-3ta1-x3dw
13
vulnerability VCID-m1dr-sjmw-jfd2
14
vulnerability VCID-m33h-4p9q-63fb
15
vulnerability VCID-nss9-1yrb-x7f2
16
vulnerability VCID-qgp1-4efd-6yg6
17
vulnerability VCID-yuda-1mur-8bbq
18
vulnerability VCID-z6tf-z1y9-cydq
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.10
aliases CVE-2021-44420, GHSA-v6rh-hp5x-86rv, PYSEC-2021-439
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n9vn-4uxr-hkau
Fixing_vulnerabilities
0
url VCID-9mpt-zxaw-kkeg
vulnerability_id VCID-9mpt-zxaw-kkeg
summary multiple issues
references
0
reference_url https://docs.djangoproject.com/en/3.2/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/3.2/releases/security/
1
reference_url https://github.com/advisories/GHSA-68w8-qjq3-2gfm
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-68w8-qjq3-2gfm
2
reference_url https://groups.google.com/forum/#!forum/django-announce
reference_id
reference_type
scores
url https://groups.google.com/forum/#!forum/django-announce
3
reference_url https://www.djangoproject.com/weblog/2021/jun/02/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2021/jun/02/security-releases/
4
reference_url https://security.archlinux.org/ASA-202106-41
reference_id ASA-202106-41
reference_type
scores
url https://security.archlinux.org/ASA-202106-41
5
reference_url https://security.archlinux.org/AVG-2026
reference_id AVG-2026
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2026
fixed_packages
0
url pkg:pypi/django@2.2.24
purl pkg:pypi/django@2.2.24
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-51tx-4tp9-kbcz
1
vulnerability VCID-6jpg-yrf8-cufy
2
vulnerability VCID-9end-mq19-rke5
3
vulnerability VCID-attf-6gj8-ebaj
4
vulnerability VCID-drwp-htkk-bkfh
5
vulnerability VCID-fksk-pr23-2yd8
6
vulnerability VCID-n9vn-4uxr-hkau
7
vulnerability VCID-nss9-1yrb-x7f2
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.24
1
url pkg:pypi/django@3.1.12
purl pkg:pypi/django@3.1.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4pb2-tqru-uufs
1
vulnerability VCID-n9vn-4uxr-hkau
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.1.12
2
url pkg:pypi/django@3.2.4
purl pkg:pypi/django@3.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-2n2n-1fq2-7bbs
2
vulnerability VCID-4pb2-tqru-uufs
3
vulnerability VCID-4z4e-8ttu-tyd6
4
vulnerability VCID-51tx-4tp9-kbcz
5
vulnerability VCID-6jpg-yrf8-cufy
6
vulnerability VCID-9end-mq19-rke5
7
vulnerability VCID-am3f-c5ex-8ff2
8
vulnerability VCID-attf-6gj8-ebaj
9
vulnerability VCID-au8h-vj9k-pufv
10
vulnerability VCID-drwp-htkk-bkfh
11
vulnerability VCID-f4a7-tcz5-byfj
12
vulnerability VCID-fksk-pr23-2yd8
13
vulnerability VCID-fsaw-3ta1-x3dw
14
vulnerability VCID-m1dr-sjmw-jfd2
15
vulnerability VCID-m33h-4p9q-63fb
16
vulnerability VCID-n9vn-4uxr-hkau
17
vulnerability VCID-nss9-1yrb-x7f2
18
vulnerability VCID-qgp1-4efd-6yg6
19
vulnerability VCID-yuda-1mur-8bbq
20
vulnerability VCID-z6tf-z1y9-cydq
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.4
aliases CVE-2021-33203, GHSA-68w8-qjq3-2gfm, PYSEC-2021-98
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9mpt-zxaw-kkeg
1
url VCID-z4x1-e7tp-rqhz
vulnerability_id VCID-z4x1-e7tp-rqhz
summary multiple issues
references
0
reference_url https://docs.djangoproject.com/en/3.2/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/3.2/releases/security/
1
reference_url https://github.com/advisories/GHSA-p99v-5w3c-jqq9
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-p99v-5w3c-jqq9
2
reference_url https://groups.google.com/g/django-announce/c/sPyjSKMi8Eo
reference_id
reference_type
scores
url https://groups.google.com/g/django-announce/c/sPyjSKMi8Eo
3
reference_url https://www.djangoproject.com/weblog/2021/jun/02/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2021/jun/02/security-releases/
4
reference_url https://security.archlinux.org/ASA-202106-41
reference_id ASA-202106-41
reference_type
scores
url https://security.archlinux.org/ASA-202106-41
5
reference_url https://security.archlinux.org/AVG-2026
reference_id AVG-2026
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2026
fixed_packages
0
url pkg:pypi/django@2.2.24
purl pkg:pypi/django@2.2.24
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-51tx-4tp9-kbcz
1
vulnerability VCID-6jpg-yrf8-cufy
2
vulnerability VCID-9end-mq19-rke5
3
vulnerability VCID-attf-6gj8-ebaj
4
vulnerability VCID-drwp-htkk-bkfh
5
vulnerability VCID-fksk-pr23-2yd8
6
vulnerability VCID-n9vn-4uxr-hkau
7
vulnerability VCID-nss9-1yrb-x7f2
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.24
1
url pkg:pypi/django@3.1.12
purl pkg:pypi/django@3.1.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4pb2-tqru-uufs
1
vulnerability VCID-n9vn-4uxr-hkau
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.1.12
2
url pkg:pypi/django@3.2.4
purl pkg:pypi/django@3.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-2n2n-1fq2-7bbs
2
vulnerability VCID-4pb2-tqru-uufs
3
vulnerability VCID-4z4e-8ttu-tyd6
4
vulnerability VCID-51tx-4tp9-kbcz
5
vulnerability VCID-6jpg-yrf8-cufy
6
vulnerability VCID-9end-mq19-rke5
7
vulnerability VCID-am3f-c5ex-8ff2
8
vulnerability VCID-attf-6gj8-ebaj
9
vulnerability VCID-au8h-vj9k-pufv
10
vulnerability VCID-drwp-htkk-bkfh
11
vulnerability VCID-f4a7-tcz5-byfj
12
vulnerability VCID-fksk-pr23-2yd8
13
vulnerability VCID-fsaw-3ta1-x3dw
14
vulnerability VCID-m1dr-sjmw-jfd2
15
vulnerability VCID-m33h-4p9q-63fb
16
vulnerability VCID-n9vn-4uxr-hkau
17
vulnerability VCID-nss9-1yrb-x7f2
18
vulnerability VCID-qgp1-4efd-6yg6
19
vulnerability VCID-yuda-1mur-8bbq
20
vulnerability VCID-z6tf-z1y9-cydq
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.4
aliases CVE-2021-33571, GHSA-p99v-5w3c-jqq9, PYSEC-2021-99
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z4x1-e7tp-rqhz
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/django@3.1.12