Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/26586?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/26586?format=api", "purl": "pkg:pypi/django@2.2.27", "type": "pypi", "namespace": "", "name": "django", "version": "2.2.27", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "2.2.28", "latest_non_vulnerable_version": "6.0.5", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4991?format=api", "vulnerability_id": "VCID-drwp-htkk-bkfh", "summary": "sql injection", "references": [ { "reference_url": "https://docs.djangoproject.com/en/4.0/releases/security", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.djangoproject.com/en/4.0/releases/security" }, { "reference_url": "https://docs.djangoproject.com/en/4.0/releases/security/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.djangoproject.com/en/4.0/releases/security/" }, { "reference_url": "https://github.com/advisories/GHSA-w24h-v9qh-8gxj", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-w24h-v9qh-8gxj" }, { "reference_url": "https://github.com/django/django", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/django/django" }, { "reference_url": "https://github.com/django/django/commit/00b0fc50e1738c7174c495464a5ef069408a4402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/django/django/commit/00b0fc50e1738c7174c495464a5ef069408a4402" }, { "reference_url": "https://github.com/django/django/commit/29a6c98b4c13af82064f993f0acc6e8fafa4d3f5", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/django/django/commit/29a6c98b4c13af82064f993f0acc6e8fafa4d3f5" }, { "reference_url": "https://github.com/django/django/commit/6723a26e59b0b5429a0c5873941e01a2e1bdbb81", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/django/django/commit/6723a26e59b0b5429a0c5873941e01a2e1bdbb81" }, { "reference_url": "https://github.com/django/django/commit/9e19accb6e0a00ba77d5a95a91675bf18877c72d", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/django/django/commit/9e19accb6e0a00ba77d5a95a91675bf18877c72d" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-191.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-191.yaml" }, { "reference_url": "https://groups.google.com/forum/#!forum/django-announce", "reference_id": "", "reference_type": "", "scores": [], "url": "https://groups.google.com/forum/#!forum/django-announce" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5254", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2022/dsa-5254" }, { "reference_url": "https://www.djangoproject.com/weblog/2022/apr/11/security-releases", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.djangoproject.com/weblog/2022/apr/11/security-releases" }, { "reference_url": "https://www.djangoproject.com/weblog/2022/apr/11/security-releases/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.djangoproject.com/weblog/2022/apr/11/security-releases/" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/04/11/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2022/04/11/1" }, { "reference_url": "https://security.archlinux.org/ASA-202204-9", "reference_id": "ASA-202204-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202204-9" }, { "reference_url": "https://security.archlinux.org/AVG-2667", "reference_id": "AVG-2667", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2667" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28347", "reference_id": "CVE-2022-28347", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28347" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27462?format=api", "purl": "pkg:pypi/django@2.2.28", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.28" }, { "url": "http://public2.vulnerablecode.io/api/packages/27461?format=api", "purl": "pkg:pypi/django@3.2.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29qk-rv5n-efbm" }, { "vulnerability": "VCID-2n2n-1fq2-7bbs" }, { "vulnerability": "VCID-4z4e-8ttu-tyd6" }, { "vulnerability": "VCID-am3f-c5ex-8ff2" }, { "vulnerability": "VCID-au8h-vj9k-pufv" }, { "vulnerability": "VCID-f4a7-tcz5-byfj" }, { "vulnerability": "VCID-fsaw-3ta1-x3dw" }, { "vulnerability": "VCID-m1dr-sjmw-jfd2" }, { "vulnerability": "VCID-m33h-4p9q-63fb" }, { "vulnerability": "VCID-qgp1-4efd-6yg6" }, { "vulnerability": "VCID-yuda-1mur-8bbq" }, { "vulnerability": "VCID-z6tf-z1y9-cydq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.13" }, { "url": "http://public2.vulnerablecode.io/api/packages/27460?format=api", "purl": "pkg:pypi/django@4.0.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29qk-rv5n-efbm" }, { "vulnerability": "VCID-2n2n-1fq2-7bbs" }, { "vulnerability": "VCID-4z4e-8ttu-tyd6" }, { "vulnerability": "VCID-au8h-vj9k-pufv" }, { "vulnerability": "VCID-f4a7-tcz5-byfj" }, { "vulnerability": "VCID-m1dr-sjmw-jfd2" }, { "vulnerability": "VCID-z6tf-z1y9-cydq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.0.4" } ], "aliases": [ "CVE-2022-28347", "GHSA-w24h-v9qh-8gxj", "PYSEC-2022-191" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-drwp-htkk-bkfh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4992?format=api", "vulnerability_id": "VCID-nss9-1yrb-x7f2", "summary": "sql injection", "references": [ { "reference_url": "https://docs.djangoproject.com/en/4.0/releases/security", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.djangoproject.com/en/4.0/releases/security" }, { "reference_url": "https://docs.djangoproject.com/en/4.0/releases/security/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.djangoproject.com/en/4.0/releases/security/" }, { "reference_url": "https://github.com/advisories/GHSA-2gwj-7jmv-h26r", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-2gwj-7jmv-h26r" }, { "reference_url": "https://github.com/django/django", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/django/django" }, { "reference_url": "https://github.com/django/django/commit/2044dac5c6968441be6f534c4139bcf48c5c7e48", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/django/django/commit/2044dac5c6968441be6f534c4139bcf48c5c7e48" }, { "reference_url": "https://github.com/django/django/commit/2c09e68ec911919360d5f8502cefc312f9e03c5d", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/django/django/commit/2c09e68ec911919360d5f8502cefc312f9e03c5d" }, { "reference_url": "https://github.com/django/django/commit/800828887a0509ad1162d6d407e94d8de7eafc60", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/django/django/commit/800828887a0509ad1162d6d407e94d8de7eafc60" }, { "reference_url": "https://github.com/django/django/commit/93cae5cb2f9a4ef1514cf1a41f714fef08005200", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/django/django/commit/93cae5cb2f9a4ef1514cf1a41f714fef08005200" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-190.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-190.yaml" }, { "reference_url": "https://groups.google.com/forum/#!forum/django-announce", "reference_id": "", "reference_type": "", "scores": [], "url": "https://groups.google.com/forum/#!forum/django-announce" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00013.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00013.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220609-0002", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20220609-0002" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5254", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2022/dsa-5254" }, { "reference_url": "https://www.djangoproject.com/weblog/2022/apr/11/security-releases", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.djangoproject.com/weblog/2022/apr/11/security-releases" }, { "reference_url": "https://www.djangoproject.com/weblog/2022/apr/11/security-releases/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.djangoproject.com/weblog/2022/apr/11/security-releases/" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/04/11/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2022/04/11/1" }, { "reference_url": "https://security.archlinux.org/ASA-202204-9", "reference_id": "ASA-202204-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202204-9" }, { "reference_url": "https://security.archlinux.org/AVG-2667", "reference_id": "AVG-2667", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2667" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28346", "reference_id": "CVE-2022-28346", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28346" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27462?format=api", "purl": "pkg:pypi/django@2.2.28", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.28" }, { "url": "http://public2.vulnerablecode.io/api/packages/27461?format=api", "purl": "pkg:pypi/django@3.2.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29qk-rv5n-efbm" }, { "vulnerability": "VCID-2n2n-1fq2-7bbs" }, { "vulnerability": "VCID-4z4e-8ttu-tyd6" }, { "vulnerability": "VCID-am3f-c5ex-8ff2" }, { "vulnerability": "VCID-au8h-vj9k-pufv" }, { "vulnerability": "VCID-f4a7-tcz5-byfj" }, { "vulnerability": "VCID-fsaw-3ta1-x3dw" }, { "vulnerability": "VCID-m1dr-sjmw-jfd2" }, { "vulnerability": "VCID-m33h-4p9q-63fb" }, { "vulnerability": "VCID-qgp1-4efd-6yg6" }, { "vulnerability": "VCID-yuda-1mur-8bbq" }, { "vulnerability": "VCID-z6tf-z1y9-cydq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.13" }, { "url": "http://public2.vulnerablecode.io/api/packages/27460?format=api", "purl": "pkg:pypi/django@4.0.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29qk-rv5n-efbm" }, { "vulnerability": "VCID-2n2n-1fq2-7bbs" }, { "vulnerability": "VCID-4z4e-8ttu-tyd6" }, { "vulnerability": "VCID-au8h-vj9k-pufv" }, { "vulnerability": "VCID-f4a7-tcz5-byfj" }, { "vulnerability": "VCID-m1dr-sjmw-jfd2" }, { "vulnerability": "VCID-z6tf-z1y9-cydq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.0.4" } ], "aliases": [ "CVE-2022-28346", "GHSA-2gwj-7jmv-h26r", "PYSEC-2022-190" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nss9-1yrb-x7f2" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3561?format=api", "vulnerability_id": "VCID-51tx-4tp9-kbcz", "summary": "", "references": [ { "reference_url": "https://docs.djangoproject.com/en/4.0/releases/security", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.djangoproject.com/en/4.0/releases/security" }, { "reference_url": "https://docs.djangoproject.com/en/4.0/releases/security/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.djangoproject.com/en/4.0/releases/security/" }, { "reference_url": "https://github.com/advisories/GHSA-6cw3-g6wv-c2xv", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-6cw3-g6wv-c2xv" }, { "reference_url": "https://github.com/django/django", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/django/django" }, { "reference_url": "https://github.com/django/django/commit/c477b761804984c932704554ad35f78a2e230c6a", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/django/django/commit/c477b761804984c932704554ad35f78a2e230c6a" }, { "reference_url": "https://github.com/django/django/commit/d16133568ef9c9b42cb7a08bdf9ff3feec2e5468", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/django/django/commit/d16133568ef9c9b42cb7a08bdf9ff3feec2e5468" }, { "reference_url": "https://github.com/django/django/commit/f9c7d48fdd6f198a6494a9202f90242f176e4fc9", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/django/django/commit/f9c7d48fdd6f198a6494a9202f90242f176e4fc9" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-20.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-20.yaml" }, { "reference_url": "https://groups.google.com/forum/#!forum/django-announce", "reference_id": "", "reference_type": "", "scores": [], "url": "https://groups.google.com/forum/#!forum/django-announce" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220221-0003", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20220221-0003" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5254", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2022/dsa-5254" }, { "reference_url": "https://www.djangoproject.com/weblog/2022/feb/01/security-releases", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.djangoproject.com/weblog/2022/feb/01/security-releases" }, { "reference_url": "https://www.djangoproject.com/weblog/2022/feb/01/security-releases/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.djangoproject.com/weblog/2022/feb/01/security-releases/" }, { "reference_url": "https://security.archlinux.org/AVG-2808", "reference_id": "AVG-2808", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2808" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23833", "reference_id": "CVE-2022-23833", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23833" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/26586?format=api", "purl": "pkg:pypi/django@2.2.27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-drwp-htkk-bkfh" }, { "vulnerability": "VCID-nss9-1yrb-x7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.27" }, { "url": "http://public2.vulnerablecode.io/api/packages/26587?format=api", "purl": "pkg:pypi/django@3.2.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29qk-rv5n-efbm" }, { "vulnerability": "VCID-2n2n-1fq2-7bbs" }, { "vulnerability": "VCID-4z4e-8ttu-tyd6" }, { "vulnerability": "VCID-am3f-c5ex-8ff2" }, { "vulnerability": "VCID-au8h-vj9k-pufv" }, { "vulnerability": "VCID-drwp-htkk-bkfh" }, { "vulnerability": "VCID-f4a7-tcz5-byfj" }, { "vulnerability": "VCID-fsaw-3ta1-x3dw" }, { "vulnerability": "VCID-m1dr-sjmw-jfd2" }, { "vulnerability": "VCID-m33h-4p9q-63fb" }, { "vulnerability": "VCID-nss9-1yrb-x7f2" }, { "vulnerability": "VCID-qgp1-4efd-6yg6" }, { "vulnerability": "VCID-yuda-1mur-8bbq" }, { "vulnerability": "VCID-z6tf-z1y9-cydq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/26588?format=api", "purl": "pkg:pypi/django@4.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29qk-rv5n-efbm" }, { "vulnerability": "VCID-2n2n-1fq2-7bbs" }, { "vulnerability": "VCID-4z4e-8ttu-tyd6" }, { "vulnerability": "VCID-au8h-vj9k-pufv" }, { "vulnerability": "VCID-drwp-htkk-bkfh" }, { "vulnerability": "VCID-f4a7-tcz5-byfj" }, { "vulnerability": "VCID-m1dr-sjmw-jfd2" }, { "vulnerability": "VCID-nss9-1yrb-x7f2" }, { "vulnerability": "VCID-z6tf-z1y9-cydq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.0.2" } ], "aliases": [ "CVE-2022-23833", "GHSA-6cw3-g6wv-c2xv", "PYSEC-2022-20" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-51tx-4tp9-kbcz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3562?format=api", "vulnerability_id": "VCID-attf-6gj8-ebaj", "summary": "", "references": [ { "reference_url": "https://docs.djangoproject.com/en/4.0/releases/security", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.djangoproject.com/en/4.0/releases/security" }, { "reference_url": "https://docs.djangoproject.com/en/4.0/releases/security/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.djangoproject.com/en/4.0/releases/security/" }, { "reference_url": "https://github.com/advisories/GHSA-95rw-fx8r-36v6", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-95rw-fx8r-36v6" }, { "reference_url": "https://github.com/django/django", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/django/django" }, { "reference_url": "https://github.com/django/django/commit/01422046065d2b51f8f613409cad2c81b39487e5", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/django/django/commit/01422046065d2b51f8f613409cad2c81b39487e5" }, { "reference_url": "https://github.com/django/django/commit/1a1e8278c46418bde24c86a65443b0674bae65e2", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/django/django/commit/1a1e8278c46418bde24c86a65443b0674bae65e2" }, { "reference_url": "https://github.com/django/django/commit/c27a7eb9f40b64990398978152e62b6ff839c2e6", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/django/django/commit/c27a7eb9f40b64990398978152e62b6ff839c2e6" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-19.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-19.yaml" }, { "reference_url": "https://groups.google.com/forum/#!forum/django-announce", "reference_id": "", "reference_type": "", "scores": [], "url": "https://groups.google.com/forum/#!forum/django-announce" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220221-0003", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20220221-0003" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5254", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2022/dsa-5254" }, { "reference_url": "https://www.djangoproject.com/weblog/2022/feb/01/security-releases", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.djangoproject.com/weblog/2022/feb/01/security-releases" }, { "reference_url": "https://www.djangoproject.com/weblog/2022/feb/01/security-releases/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.djangoproject.com/weblog/2022/feb/01/security-releases/" }, { "reference_url": "https://security.archlinux.org/AVG-2808", "reference_id": "AVG-2808", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2808" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22818", "reference_id": "CVE-2022-22818", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22818" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/26586?format=api", "purl": "pkg:pypi/django@2.2.27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-drwp-htkk-bkfh" }, { "vulnerability": "VCID-nss9-1yrb-x7f2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.27" }, { "url": "http://public2.vulnerablecode.io/api/packages/26587?format=api", "purl": "pkg:pypi/django@3.2.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29qk-rv5n-efbm" }, { "vulnerability": "VCID-2n2n-1fq2-7bbs" }, { "vulnerability": "VCID-4z4e-8ttu-tyd6" }, { "vulnerability": "VCID-am3f-c5ex-8ff2" }, { "vulnerability": "VCID-au8h-vj9k-pufv" }, { "vulnerability": "VCID-drwp-htkk-bkfh" }, { "vulnerability": "VCID-f4a7-tcz5-byfj" }, { "vulnerability": "VCID-fsaw-3ta1-x3dw" }, { "vulnerability": "VCID-m1dr-sjmw-jfd2" }, { "vulnerability": "VCID-m33h-4p9q-63fb" }, { "vulnerability": "VCID-nss9-1yrb-x7f2" }, { "vulnerability": "VCID-qgp1-4efd-6yg6" }, { "vulnerability": "VCID-yuda-1mur-8bbq" }, { "vulnerability": "VCID-z6tf-z1y9-cydq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/26588?format=api", "purl": "pkg:pypi/django@4.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29qk-rv5n-efbm" }, { "vulnerability": "VCID-2n2n-1fq2-7bbs" }, { "vulnerability": "VCID-4z4e-8ttu-tyd6" }, { "vulnerability": "VCID-au8h-vj9k-pufv" }, { "vulnerability": "VCID-drwp-htkk-bkfh" }, { "vulnerability": "VCID-f4a7-tcz5-byfj" }, { "vulnerability": "VCID-m1dr-sjmw-jfd2" }, { "vulnerability": "VCID-nss9-1yrb-x7f2" }, { "vulnerability": "VCID-z6tf-z1y9-cydq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.0.2" } ], "aliases": [ "CVE-2022-22818", "GHSA-95rw-fx8r-36v6", "PYSEC-2022-19" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-attf-6gj8-ebaj" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.27" }