Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/django@3.2.20
Typepypi
Namespace
Namedjango
Version3.2.20
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version3.2.25
Latest_non_vulnerable_version6.0.5
Affected_by_vulnerabilities
0
url VCID-7u6e-a3ng-fude
vulnerability_id VCID-7u6e-a3ng-fude
summary In Django 3.2 before 3.2.22, 4.1 before 4.1.12, and 4.2 before 4.2.6, the django.utils.text.Truncator chars() and words() methods (when used with html=True) are subject to a potential DoS (denial of service) attack via certain inputs with very long, potentially malformed HTML text. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which are thus also vulnerable. NOTE: this issue exists because of an incomplete fix for CVE-2019-14232.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-43665.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-43665.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-43665
reference_id
reference_type
scores
0
value 0.0279
scoring_system epss
scoring_elements 0.86341
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-43665
2
reference_url https://docs.djangoproject.com/en/4.2/releases/security
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/4.2/releases/security
3
reference_url https://docs.djangoproject.com/en/4.2/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/4.2/releases/security/
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
6
reference_url https://github.com/django/django/commit/be9c27c4d18c2e6a5be8af4e53c0797440794473
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/be9c27c4d18c2e6a5be8af4e53c0797440794473
7
reference_url https://github.com/django/django/commit/c7b7024742250414e426ad49fb80db943e7ba4e8
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/c7b7024742250414e426ad49fb80db943e7ba4e8
8
reference_url https://github.com/django/django/commit/ccdade1a0262537868d7ca64374de3d957ca50c5
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/ccdade1a0262537868d7ca64374de3d957ca50c5
9
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2023-226.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2023-226.yaml
10
reference_url https://groups.google.com/forum/#%21forum/django-announce
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#%21forum/django-announce
11
reference_url https://groups.google.com/forum/#!forum/django-announce
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!forum/django-announce
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HJFRPUHDYJHBH3KYHSPGULQM4JN7BMSU
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HJFRPUHDYJHBH3KYHSPGULQM4JN7BMSU
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HJFRPUHDYJHBH3KYHSPGULQM4JN7BMSU
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HJFRPUHDYJHBH3KYHSPGULQM4JN7BMSU
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D
16
reference_url https://security.netapp.com/advisory/ntap-20231221-0001
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20231221-0001
17
reference_url https://www.djangoproject.com/weblog/2023/oct/04/security-releases
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2023/oct/04/security-releases
18
reference_url https://www.djangoproject.com/weblog/2023/oct/04/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2023/oct/04/security-releases/
19
reference_url http://www.openwall.com/lists/oss-security/2024/03/04/1
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2024/03/04/1
20
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053475
reference_id 1053475
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053475
21
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2241046
reference_id 2241046
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2241046
22
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-43665
reference_id CVE-2023-43665
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-43665
23
reference_url https://github.com/advisories/GHSA-h8gc-pgj2-vjm3
reference_id GHSA-h8gc-pgj2-vjm3
reference_type
scores
url https://github.com/advisories/GHSA-h8gc-pgj2-vjm3
24
reference_url https://access.redhat.com/errata/RHSA-2023:6158
reference_id RHSA-2023:6158
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6158
25
reference_url https://access.redhat.com/errata/RHSA-2024:1878
reference_id RHSA-2024:1878
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1878
26
reference_url https://usn.ubuntu.com/6414-1/
reference_id USN-6414-1
reference_type
scores
url https://usn.ubuntu.com/6414-1/
27
reference_url https://usn.ubuntu.com/6414-2/
reference_id USN-6414-2
reference_type
scores
url https://usn.ubuntu.com/6414-2/
fixed_packages
0
url pkg:pypi/django@3.2.22
purl pkg:pypi/django@3.2.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bjn5-qpmt-qffx
1
vulnerability VCID-e2p6-m8gu-jbfu
2
vulnerability VCID-x4s4-qav9-xbet
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.22
1
url pkg:pypi/django@4.1.12
purl pkg:pypi/django@4.1.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-e2p6-m8gu-jbfu
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.1.12
2
url pkg:pypi/django@4.2.6
purl pkg:pypi/django@4.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1c7j-evpp-53eb
1
vulnerability VCID-1umb-2rxg-bbdk
2
vulnerability VCID-32d1-b8f2-hud5
3
vulnerability VCID-3d6k-rdsh-k7hm
4
vulnerability VCID-4vry-9jdm-nyg9
5
vulnerability VCID-5fbx-3yfb-fudx
6
vulnerability VCID-62jv-ab6d-sqdb
7
vulnerability VCID-63c7-mkxw-ufav
8
vulnerability VCID-68nb-696n-n3bf
9
vulnerability VCID-7jbt-5zw2-vff2
10
vulnerability VCID-92bp-6kte-tyfs
11
vulnerability VCID-9udu-eqvn-mqbj
12
vulnerability VCID-ape9-66ck-nfez
13
vulnerability VCID-ax7m-uv4s-zkc1
14
vulnerability VCID-bjn5-qpmt-qffx
15
vulnerability VCID-bq5s-uknu-z7cn
16
vulnerability VCID-cbsj-1qqg-1ba6
17
vulnerability VCID-cg44-thdw-cygg
18
vulnerability VCID-chey-b3c1-pbe5
19
vulnerability VCID-e2p6-m8gu-jbfu
20
vulnerability VCID-em3c-ceug-cubp
21
vulnerability VCID-enen-3w2h-g3b8
22
vulnerability VCID-fbee-vj2y-cfeb
23
vulnerability VCID-heum-8mwz-sbcw
24
vulnerability VCID-j2uz-w2ur-7ud4
25
vulnerability VCID-jma1-9ags-xbfm
26
vulnerability VCID-jt9m-kd3k-uqca
27
vulnerability VCID-kv5d-p5n4-r7dp
28
vulnerability VCID-nyc2-p1rp-xkb4
29
vulnerability VCID-q4cv-2m7d-3qd5
30
vulnerability VCID-sz4x-rr8f-a3hf
31
vulnerability VCID-u15a-4ste-43cy
32
vulnerability VCID-vm2w-caad-nyd3
33
vulnerability VCID-vpgq-jhzc-j7h2
34
vulnerability VCID-x4s4-qav9-xbet
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.6
aliases BIT-django-2023-43665, CVE-2023-43665, GHSA-h8gc-pgj2-vjm3, PYSEC-2023-226
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7u6e-a3ng-fude
1
url VCID-bjn5-qpmt-qffx
vulnerability_id VCID-bjn5-qpmt-qffx
summary In Django 3.2 before 3.2.25, 4.2 before 4.2.11, and 5.0 before 5.0.3, the django.utils.text.Truncator.words() method (with html=True) and the truncatewords_html template filter are subject to a potential regular expression denial-of-service attack via a crafted string. NOTE: this issue exists because of an incomplete fix for CVE-2019-14232 and CVE-2023-43665.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27351.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27351.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-27351
reference_id
reference_type
scores
0
value 0.02611
scoring_system epss
scoring_elements 0.85903
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-27351
2
reference_url https://docs.djangoproject.com/en/5.0/releases/security
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/5.0/releases/security
3
reference_url https://docs.djangoproject.com/en/5.0/releases/security/
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-20T19:41:21Z/
url https://docs.djangoproject.com/en/5.0/releases/security/
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
6
reference_url https://github.com/django/django/commit/072963e4c4d0b3a7a8c5412bc0c7d27d1a9c3521
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/072963e4c4d0b3a7a8c5412bc0c7d27d1a9c3521
7
reference_url https://github.com/django/django/commit/3394fc6132436eca89e997083bae9985fb7e761e
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/3394fc6132436eca89e997083bae9985fb7e761e
8
reference_url https://github.com/django/django/commit/3c9a2771cc80821e041b16eb36c1c37af5349d4a
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/3c9a2771cc80821e041b16eb36c1c37af5349d4a
9
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2024-47.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2024-47.yaml
10
reference_url https://groups.google.com/forum/#%21forum/django-announce
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-20T19:41:21Z/
url https://groups.google.com/forum/#%21forum/django-announce
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D2JIRXEDP4ZET5KFMAPPYSK663Q52NEX
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D2JIRXEDP4ZET5KFMAPPYSK663Q52NEX
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SN2PLJGYSAAG5KUVIUFJYKD3BLQ4OSN6
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SN2PLJGYSAAG5KUVIUFJYKD3BLQ4OSN6
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2JIRXEDP4ZET5KFMAPPYSK663Q52NEX
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2JIRXEDP4ZET5KFMAPPYSK663Q52NEX
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SN2PLJGYSAAG5KUVIUFJYKD3BLQ4OSN6
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SN2PLJGYSAAG5KUVIUFJYKD3BLQ4OSN6
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D
17
reference_url https://www.djangoproject.com/weblog/2024/mar/04/security-releases
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2024/mar/04/security-releases
18
reference_url https://www.djangoproject.com/weblog/2024/mar/04/security-releases/
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-20T19:41:21Z/
url https://www.djangoproject.com/weblog/2024/mar/04/security-releases/
19
reference_url http://www.openwall.com/lists/oss-security/2024/03/04/1
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-20T19:41:21Z/
url http://www.openwall.com/lists/oss-security/2024/03/04/1
20
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2266045
reference_id 2266045
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2266045
21
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-27351
reference_id CVE-2024-27351
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-27351
22
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D2JIRXEDP4ZET5KFMAPPYSK663Q52NEX/
reference_id D2JIRXEDP4ZET5KFMAPPYSK663Q52NEX
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-20T19:41:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D2JIRXEDP4ZET5KFMAPPYSK663Q52NEX/
23
reference_url https://github.com/advisories/GHSA-vm8q-m57g-pff3
reference_id GHSA-vm8q-m57g-pff3
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vm8q-m57g-pff3
24
reference_url https://security.gentoo.org/glsa/202509-03
reference_id GLSA-202509-03
reference_type
scores
url https://security.gentoo.org/glsa/202509-03
25
reference_url https://access.redhat.com/errata/RHSA-2024:1640
reference_id RHSA-2024:1640
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1640
26
reference_url https://access.redhat.com/errata/RHSA-2024:1878
reference_id RHSA-2024:1878
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1878
27
reference_url https://access.redhat.com/errata/RHSA-2024:3781
reference_id RHSA-2024:3781
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3781
28
reference_url https://access.redhat.com/errata/RHSA-2024:5662
reference_id RHSA-2024:5662
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5662
29
reference_url https://access.redhat.com/errata/RHSA-2025:4187
reference_id RHSA-2025:4187
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4187
30
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SN2PLJGYSAAG5KUVIUFJYKD3BLQ4OSN6/
reference_id SN2PLJGYSAAG5KUVIUFJYKD3BLQ4OSN6
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-20T19:41:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SN2PLJGYSAAG5KUVIUFJYKD3BLQ4OSN6/
31
reference_url https://usn.ubuntu.com/6674-1/
reference_id USN-6674-1
reference_type
scores
url https://usn.ubuntu.com/6674-1/
32
reference_url https://usn.ubuntu.com/6674-2/
reference_id USN-6674-2
reference_type
scores
url https://usn.ubuntu.com/6674-2/
33
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D/
reference_id ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-20T19:41:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D/
fixed_packages
0
url pkg:pypi/django@3.2.25
purl pkg:pypi/django@3.2.25
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.25
1
url pkg:pypi/django@4.2.11
purl pkg:pypi/django@4.2.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1c7j-evpp-53eb
1
vulnerability VCID-1umb-2rxg-bbdk
2
vulnerability VCID-32d1-b8f2-hud5
3
vulnerability VCID-3d6k-rdsh-k7hm
4
vulnerability VCID-4vry-9jdm-nyg9
5
vulnerability VCID-5fbx-3yfb-fudx
6
vulnerability VCID-62jv-ab6d-sqdb
7
vulnerability VCID-63c7-mkxw-ufav
8
vulnerability VCID-68nb-696n-n3bf
9
vulnerability VCID-7jbt-5zw2-vff2
10
vulnerability VCID-92bp-6kte-tyfs
11
vulnerability VCID-9udu-eqvn-mqbj
12
vulnerability VCID-ape9-66ck-nfez
13
vulnerability VCID-ax7m-uv4s-zkc1
14
vulnerability VCID-bq5s-uknu-z7cn
15
vulnerability VCID-cbsj-1qqg-1ba6
16
vulnerability VCID-cg44-thdw-cygg
17
vulnerability VCID-chey-b3c1-pbe5
18
vulnerability VCID-em3c-ceug-cubp
19
vulnerability VCID-enen-3w2h-g3b8
20
vulnerability VCID-fbee-vj2y-cfeb
21
vulnerability VCID-heum-8mwz-sbcw
22
vulnerability VCID-j2uz-w2ur-7ud4
23
vulnerability VCID-jma1-9ags-xbfm
24
vulnerability VCID-jt9m-kd3k-uqca
25
vulnerability VCID-kv5d-p5n4-r7dp
26
vulnerability VCID-nyc2-p1rp-xkb4
27
vulnerability VCID-q4cv-2m7d-3qd5
28
vulnerability VCID-sz4x-rr8f-a3hf
29
vulnerability VCID-u15a-4ste-43cy
30
vulnerability VCID-vm2w-caad-nyd3
31
vulnerability VCID-vpgq-jhzc-j7h2
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.11
2
url pkg:pypi/django@5.0.3
purl pkg:pypi/django@5.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1c7j-evpp-53eb
1
vulnerability VCID-1umb-2rxg-bbdk
2
vulnerability VCID-4vry-9jdm-nyg9
3
vulnerability VCID-68nb-696n-n3bf
4
vulnerability VCID-a3e2-se1v-2yb5
5
vulnerability VCID-ape9-66ck-nfez
6
vulnerability VCID-bq5s-uknu-z7cn
7
vulnerability VCID-chey-b3c1-pbe5
8
vulnerability VCID-jt9m-kd3k-uqca
9
vulnerability VCID-kv5d-p5n4-r7dp
10
vulnerability VCID-nyc2-p1rp-xkb4
11
vulnerability VCID-q4cv-2m7d-3qd5
12
vulnerability VCID-sz4x-rr8f-a3hf
13
vulnerability VCID-vm2w-caad-nyd3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.0.3
aliases BIT-django-2024-27351, CVE-2024-27351, GHSA-vm8q-m57g-pff3, PYSEC-2024-47
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bjn5-qpmt-qffx
2
url VCID-ctk2-ykg7-h7ag
vulnerability_id VCID-ctk2-ykg7-h7ag
summary In Django 3.2 before 3.2.21, 4.1 before 4.1.11, and 4.2 before 4.2.5, django.utils.encoding.uri_to_iri() is subject to a potential DoS (denial of service) attack via certain inputs with a very large number of Unicode characters.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-41164.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-41164.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-41164
reference_id
reference_type
scores
0
value 0.00406
scoring_system epss
scoring_elements 0.61354
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-41164
2
reference_url https://docs.djangoproject.com/en/4.2/releases/security
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/4.2/releases/security
3
reference_url https://docs.djangoproject.com/en/4.2/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/4.2/releases/security/
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
6
reference_url https://github.com/django/django/commit/6f030b1149bd8fa4ba90452e77cb3edc095ce54e
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/6f030b1149bd8fa4ba90452e77cb3edc095ce54e
7
reference_url https://github.com/django/django/commit/9c51b4dcfa0cefcb48231f4d71cafa80821f87b9
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/9c51b4dcfa0cefcb48231f4d71cafa80821f87b9
8
reference_url https://github.com/django/django/commit/ba00bc5ec6a7eff5e08be438f7b5b0e9574e8ff0
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/ba00bc5ec6a7eff5e08be438f7b5b0e9574e8ff0
9
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2023-225.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2023-225.yaml
10
reference_url https://groups.google.com/forum/#%21forum/django-announce
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#%21forum/django-announce
11
reference_url https://groups.google.com/forum/#!forum/django-announce
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!forum/django-announce
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HJFRPUHDYJHBH3KYHSPGULQM4JN7BMSU
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HJFRPUHDYJHBH3KYHSPGULQM4JN7BMSU
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HJFRPUHDYJHBH3KYHSPGULQM4JN7BMSU
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HJFRPUHDYJHBH3KYHSPGULQM4JN7BMSU
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D
16
reference_url https://security.netapp.com/advisory/ntap-20231214-0002
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20231214-0002
17
reference_url https://www.djangoproject.com/weblog/2023/sep/04/security-releases
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2023/sep/04/security-releases
18
reference_url https://www.djangoproject.com/weblog/2023/sep/04/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2023/sep/04/security-releases/
19
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051226
reference_id 1051226
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051226
20
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2237258
reference_id 2237258
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2237258
21
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-41164
reference_id CVE-2023-41164
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-41164
22
reference_url https://github.com/advisories/GHSA-7h4p-27mh-hmrw
reference_id GHSA-7h4p-27mh-hmrw
reference_type
scores
url https://github.com/advisories/GHSA-7h4p-27mh-hmrw
23
reference_url https://security.gentoo.org/glsa/202509-03
reference_id GLSA-202509-03
reference_type
scores
url https://security.gentoo.org/glsa/202509-03
24
reference_url https://access.redhat.com/errata/RHSA-2023:5208
reference_id RHSA-2023:5208
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5208
25
reference_url https://access.redhat.com/errata/RHSA-2024:1878
reference_id RHSA-2024:1878
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1878
26
reference_url https://usn.ubuntu.com/6378-1/
reference_id USN-6378-1
reference_type
scores
url https://usn.ubuntu.com/6378-1/
27
reference_url https://usn.ubuntu.com/6414-2/
reference_id USN-6414-2
reference_type
scores
url https://usn.ubuntu.com/6414-2/
fixed_packages
0
url pkg:pypi/django@3.2.21
purl pkg:pypi/django@3.2.21
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7u6e-a3ng-fude
1
vulnerability VCID-bjn5-qpmt-qffx
2
vulnerability VCID-e2p6-m8gu-jbfu
3
vulnerability VCID-x4s4-qav9-xbet
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.21
1
url pkg:pypi/django@4.1.11
purl pkg:pypi/django@4.1.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7u6e-a3ng-fude
1
vulnerability VCID-e2p6-m8gu-jbfu
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.1.11
2
url pkg:pypi/django@4.2.5
purl pkg:pypi/django@4.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1c7j-evpp-53eb
1
vulnerability VCID-1umb-2rxg-bbdk
2
vulnerability VCID-32d1-b8f2-hud5
3
vulnerability VCID-3d6k-rdsh-k7hm
4
vulnerability VCID-4vry-9jdm-nyg9
5
vulnerability VCID-5fbx-3yfb-fudx
6
vulnerability VCID-62jv-ab6d-sqdb
7
vulnerability VCID-63c7-mkxw-ufav
8
vulnerability VCID-68nb-696n-n3bf
9
vulnerability VCID-7jbt-5zw2-vff2
10
vulnerability VCID-7u6e-a3ng-fude
11
vulnerability VCID-92bp-6kte-tyfs
12
vulnerability VCID-9udu-eqvn-mqbj
13
vulnerability VCID-ape9-66ck-nfez
14
vulnerability VCID-ax7m-uv4s-zkc1
15
vulnerability VCID-bjn5-qpmt-qffx
16
vulnerability VCID-bq5s-uknu-z7cn
17
vulnerability VCID-cbsj-1qqg-1ba6
18
vulnerability VCID-cg44-thdw-cygg
19
vulnerability VCID-chey-b3c1-pbe5
20
vulnerability VCID-e2p6-m8gu-jbfu
21
vulnerability VCID-em3c-ceug-cubp
22
vulnerability VCID-enen-3w2h-g3b8
23
vulnerability VCID-fbee-vj2y-cfeb
24
vulnerability VCID-heum-8mwz-sbcw
25
vulnerability VCID-j2uz-w2ur-7ud4
26
vulnerability VCID-jma1-9ags-xbfm
27
vulnerability VCID-jt9m-kd3k-uqca
28
vulnerability VCID-kv5d-p5n4-r7dp
29
vulnerability VCID-nyc2-p1rp-xkb4
30
vulnerability VCID-q4cv-2m7d-3qd5
31
vulnerability VCID-sz4x-rr8f-a3hf
32
vulnerability VCID-u15a-4ste-43cy
33
vulnerability VCID-vm2w-caad-nyd3
34
vulnerability VCID-vpgq-jhzc-j7h2
35
vulnerability VCID-x4s4-qav9-xbet
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.5
aliases BIT-django-2023-41164, CVE-2023-41164, GHSA-7h4p-27mh-hmrw, PYSEC-2023-225
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ctk2-ykg7-h7ag
3
url VCID-e2p6-m8gu-jbfu
vulnerability_id VCID-e2p6-m8gu-jbfu
summary An issue was discovered in Django 3.2 before 3.2.23, 4.1 before 4.1.13, and 4.2 before 4.2.7. The NFKC normalization is slow on Windows. As a consequence, django.contrib.auth.forms.UsernameField is subject to a potential DoS (denial of service) attack via certain inputs with a very large number of Unicode characters.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46695.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46695.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-46695
reference_id
reference_type
scores
0
value 0.03582
scoring_system epss
scoring_elements 0.87943
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-46695
2
reference_url https://docs.djangoproject.com/en/4.2/releases/security
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/4.2/releases/security
3
reference_url https://docs.djangoproject.com/en/4.2/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/4.2/releases/security/
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
6
reference_url https://github.com/django/django/commit/048a9ebb6ea468426cb4e57c71572cbbd975517f
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/048a9ebb6ea468426cb4e57c71572cbbd975517f
7
reference_url https://github.com/django/django/commit/4965bfdde2e5a5c883685019e57d123a3368a75e
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/4965bfdde2e5a5c883685019e57d123a3368a75e
8
reference_url https://github.com/django/django/commit/f9a7fb8466a7ba4857eaf930099b5258f3eafb2b
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/f9a7fb8466a7ba4857eaf930099b5258f3eafb2b
9
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2023-222.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2023-222.yaml
10
reference_url https://groups.google.com/forum/#%21forum/django-announce
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#%21forum/django-announce
11
reference_url https://groups.google.com/forum/#!forum/django-announce
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!forum/django-announce
12
reference_url https://security.netapp.com/advisory/ntap-20231214-0001
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20231214-0001
13
reference_url https://www.djangoproject.com/weblog/2023/nov/01/security-releases
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2023/nov/01/security-releases
14
reference_url https://www.djangoproject.com/weblog/2023/nov/01/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2023/nov/01/security-releases/
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2247097
reference_id 2247097
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2247097
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-46695
reference_id CVE-2023-46695
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-46695
17
reference_url https://github.com/advisories/GHSA-qmf9-6jqf-j8fq
reference_id GHSA-qmf9-6jqf-j8fq
reference_type
scores
url https://github.com/advisories/GHSA-qmf9-6jqf-j8fq
fixed_packages
0
url pkg:pypi/django@3.2.23
purl pkg:pypi/django@3.2.23
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bjn5-qpmt-qffx
1
vulnerability VCID-x4s4-qav9-xbet
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.23
1
url pkg:pypi/django@4.1.13
purl pkg:pypi/django@4.1.13
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.1.13
2
url pkg:pypi/django@4.2.7
purl pkg:pypi/django@4.2.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1c7j-evpp-53eb
1
vulnerability VCID-1umb-2rxg-bbdk
2
vulnerability VCID-32d1-b8f2-hud5
3
vulnerability VCID-3d6k-rdsh-k7hm
4
vulnerability VCID-4vry-9jdm-nyg9
5
vulnerability VCID-5fbx-3yfb-fudx
6
vulnerability VCID-62jv-ab6d-sqdb
7
vulnerability VCID-63c7-mkxw-ufav
8
vulnerability VCID-68nb-696n-n3bf
9
vulnerability VCID-7jbt-5zw2-vff2
10
vulnerability VCID-92bp-6kte-tyfs
11
vulnerability VCID-9udu-eqvn-mqbj
12
vulnerability VCID-ape9-66ck-nfez
13
vulnerability VCID-ax7m-uv4s-zkc1
14
vulnerability VCID-bjn5-qpmt-qffx
15
vulnerability VCID-bq5s-uknu-z7cn
16
vulnerability VCID-cbsj-1qqg-1ba6
17
vulnerability VCID-cg44-thdw-cygg
18
vulnerability VCID-chey-b3c1-pbe5
19
vulnerability VCID-em3c-ceug-cubp
20
vulnerability VCID-enen-3w2h-g3b8
21
vulnerability VCID-fbee-vj2y-cfeb
22
vulnerability VCID-heum-8mwz-sbcw
23
vulnerability VCID-j2uz-w2ur-7ud4
24
vulnerability VCID-jma1-9ags-xbfm
25
vulnerability VCID-jt9m-kd3k-uqca
26
vulnerability VCID-kv5d-p5n4-r7dp
27
vulnerability VCID-nyc2-p1rp-xkb4
28
vulnerability VCID-q4cv-2m7d-3qd5
29
vulnerability VCID-sz4x-rr8f-a3hf
30
vulnerability VCID-u15a-4ste-43cy
31
vulnerability VCID-vm2w-caad-nyd3
32
vulnerability VCID-vpgq-jhzc-j7h2
33
vulnerability VCID-x4s4-qav9-xbet
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.7
aliases BIT-django-2023-46695, CVE-2023-46695, GHSA-qmf9-6jqf-j8fq, PYSEC-2023-222
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e2p6-m8gu-jbfu
4
url VCID-x4s4-qav9-xbet
vulnerability_id VCID-x4s4-qav9-xbet
summary An issue was discovered in Django 3.2 before 3.2.24, 4.2 before 4.2.10, and Django 5.0 before 5.0.2. The intcomma template filter was subject to a potential denial-of-service attack when used with very long strings.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24680.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24680.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-24680
reference_id
reference_type
scores
0
value 0.01394
scoring_system epss
scoring_elements 0.80693
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-24680
2
reference_url https://docs.djangoproject.com/en/5.0/releases/security
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/5.0/releases/security
3
reference_url https://docs.djangoproject.com/en/5.0/releases/security/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:36Z/
url https://docs.djangoproject.com/en/5.0/releases/security/
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
6
reference_url https://github.com/django/django/commit/16a8fe18a3b81250f4fa57e3f93f0599dc4895bc
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/16a8fe18a3b81250f4fa57e3f93f0599dc4895bc
7
reference_url https://github.com/django/django/commit/55519d6cf8998fe4c8f5c8abffc2b10a7c3d14e9
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/55519d6cf8998fe4c8f5c8abffc2b10a7c3d14e9
8
reference_url https://github.com/django/django/commit/572ea07e84b38ea8de0551f4b4eda685d91d09d2
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/572ea07e84b38ea8de0551f4b4eda685d91d09d2
9
reference_url https://github.com/django/django/commit/c1171ffbd570db90ca206c30f8e2b9f691243820
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/c1171ffbd570db90ca206c30f8e2b9f691243820
10
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2024-28.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2024-28.yaml
11
reference_url https://groups.google.com/forum/#%21forum/django-announce
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:36Z/
url https://groups.google.com/forum/#%21forum/django-announce
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D2JIRXEDP4ZET5KFMAPPYSK663Q52NEX
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D2JIRXEDP4ZET5KFMAPPYSK663Q52NEX
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SN2PLJGYSAAG5KUVIUFJYKD3BLQ4OSN6
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SN2PLJGYSAAG5KUVIUFJYKD3BLQ4OSN6
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2JIRXEDP4ZET5KFMAPPYSK663Q52NEX
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2JIRXEDP4ZET5KFMAPPYSK663Q52NEX
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SN2PLJGYSAAG5KUVIUFJYKD3BLQ4OSN6
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SN2PLJGYSAAG5KUVIUFJYKD3BLQ4OSN6
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D
18
reference_url https://www.djangoproject.com/weblog/2024/feb/06/security-releases
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2024/feb/06/security-releases
19
reference_url https://www.djangoproject.com/weblog/2024/feb/06/security-releases/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:36Z/
url https://www.djangoproject.com/weblog/2024/feb/06/security-releases/
20
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2261856
reference_id 2261856
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2261856
21
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-24680
reference_id CVE-2024-24680
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-24680
22
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D2JIRXEDP4ZET5KFMAPPYSK663Q52NEX/
reference_id D2JIRXEDP4ZET5KFMAPPYSK663Q52NEX
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:36Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D2JIRXEDP4ZET5KFMAPPYSK663Q52NEX/
23
reference_url https://github.com/advisories/GHSA-xxj9-f6rv-m3x4
reference_id GHSA-xxj9-f6rv-m3x4
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xxj9-f6rv-m3x4
24
reference_url https://security.gentoo.org/glsa/202509-03
reference_id GLSA-202509-03
reference_type
scores
url https://security.gentoo.org/glsa/202509-03
25
reference_url https://access.redhat.com/errata/RHSA-2024:1057
reference_id RHSA-2024:1057
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1057
26
reference_url https://access.redhat.com/errata/RHSA-2024:1640
reference_id RHSA-2024:1640
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1640
27
reference_url https://access.redhat.com/errata/RHSA-2024:1878
reference_id RHSA-2024:1878
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1878
28
reference_url https://access.redhat.com/errata/RHSA-2024:2731
reference_id RHSA-2024:2731
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2731
29
reference_url https://access.redhat.com/errata/RHSA-2024:5662
reference_id RHSA-2024:5662
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5662
30
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SN2PLJGYSAAG5KUVIUFJYKD3BLQ4OSN6/
reference_id SN2PLJGYSAAG5KUVIUFJYKD3BLQ4OSN6
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:36Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SN2PLJGYSAAG5KUVIUFJYKD3BLQ4OSN6/
31
reference_url https://usn.ubuntu.com/6623-1/
reference_id USN-6623-1
reference_type
scores
url https://usn.ubuntu.com/6623-1/
32
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D/
reference_id ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:36Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D/
fixed_packages
0
url pkg:pypi/django@3.2.24
purl pkg:pypi/django@3.2.24
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-bjn5-qpmt-qffx
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.24
1
url pkg:pypi/django@4.2.10
purl pkg:pypi/django@4.2.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1c7j-evpp-53eb
1
vulnerability VCID-1umb-2rxg-bbdk
2
vulnerability VCID-32d1-b8f2-hud5
3
vulnerability VCID-3d6k-rdsh-k7hm
4
vulnerability VCID-4vry-9jdm-nyg9
5
vulnerability VCID-5fbx-3yfb-fudx
6
vulnerability VCID-62jv-ab6d-sqdb
7
vulnerability VCID-63c7-mkxw-ufav
8
vulnerability VCID-68nb-696n-n3bf
9
vulnerability VCID-7jbt-5zw2-vff2
10
vulnerability VCID-92bp-6kte-tyfs
11
vulnerability VCID-9udu-eqvn-mqbj
12
vulnerability VCID-ape9-66ck-nfez
13
vulnerability VCID-ax7m-uv4s-zkc1
14
vulnerability VCID-bjn5-qpmt-qffx
15
vulnerability VCID-bq5s-uknu-z7cn
16
vulnerability VCID-cbsj-1qqg-1ba6
17
vulnerability VCID-cg44-thdw-cygg
18
vulnerability VCID-chey-b3c1-pbe5
19
vulnerability VCID-em3c-ceug-cubp
20
vulnerability VCID-enen-3w2h-g3b8
21
vulnerability VCID-fbee-vj2y-cfeb
22
vulnerability VCID-heum-8mwz-sbcw
23
vulnerability VCID-j2uz-w2ur-7ud4
24
vulnerability VCID-jma1-9ags-xbfm
25
vulnerability VCID-jt9m-kd3k-uqca
26
vulnerability VCID-kv5d-p5n4-r7dp
27
vulnerability VCID-nyc2-p1rp-xkb4
28
vulnerability VCID-q4cv-2m7d-3qd5
29
vulnerability VCID-sz4x-rr8f-a3hf
30
vulnerability VCID-u15a-4ste-43cy
31
vulnerability VCID-vm2w-caad-nyd3
32
vulnerability VCID-vpgq-jhzc-j7h2
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.10
2
url pkg:pypi/django@5.0.2
purl pkg:pypi/django@5.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1c7j-evpp-53eb
1
vulnerability VCID-1umb-2rxg-bbdk
2
vulnerability VCID-4vry-9jdm-nyg9
3
vulnerability VCID-68nb-696n-n3bf
4
vulnerability VCID-a3e2-se1v-2yb5
5
vulnerability VCID-ape9-66ck-nfez
6
vulnerability VCID-bjn5-qpmt-qffx
7
vulnerability VCID-bq5s-uknu-z7cn
8
vulnerability VCID-chey-b3c1-pbe5
9
vulnerability VCID-jt9m-kd3k-uqca
10
vulnerability VCID-kv5d-p5n4-r7dp
11
vulnerability VCID-nyc2-p1rp-xkb4
12
vulnerability VCID-q4cv-2m7d-3qd5
13
vulnerability VCID-sz4x-rr8f-a3hf
14
vulnerability VCID-vm2w-caad-nyd3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.0.2
aliases BIT-django-2024-24680, CVE-2024-24680, GHSA-xxj9-f6rv-m3x4, PYSEC-2024-28
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x4s4-qav9-xbet
Fixing_vulnerabilities
0
url VCID-kmv2-339j-8ugc
vulnerability_id VCID-kmv2-339j-8ugc
summary In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, EmailValidator and URLValidator are subject to a potential ReDoS (regular expression denial of service) attack via a very large number of domain name labels of emails and URLs.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-36053.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-36053.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-36053
reference_id
reference_type
scores
0
value 0.09595
scoring_system epss
scoring_elements 0.93006
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-36053
2
reference_url https://docs.djangoproject.com/en/4.2/releases/security
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/4.2/releases/security
3
reference_url https://docs.djangoproject.com/en/4.2/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/4.2/releases/security/
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
6
reference_url https://github.com/django/django/commit/454f2fb93437f98917283336201b4048293f7582
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/454f2fb93437f98917283336201b4048293f7582
7
reference_url https://github.com/django/django/commit/ad0410ec4f458aa39803e5f6b9a3736527062dcd
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/ad0410ec4f458aa39803e5f6b9a3736527062dcd
8
reference_url https://github.com/django/django/commit/b7c5feb35a31799de6e582ad6a5a91a9de74e0f9
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/b7c5feb35a31799de6e582ad6a5a91a9de74e0f9
9
reference_url https://github.com/django/django/commit/beb3f3d55940d9aa7198bf9d424ab74e873aec3d
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/beb3f3d55940d9aa7198bf9d424ab74e873aec3d
10
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2023-100.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2023-100.yaml
11
reference_url https://groups.google.com/forum/#%21forum/django-announce
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#%21forum/django-announce
12
reference_url https://groups.google.com/forum/#!forum/django-announce
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!forum/django-announce
13
reference_url https://lists.debian.org/debian-lts-announce/2023/07/msg00022.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2023/07/msg00022.html
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NRDGTUN4LTI6HG4TWR3JYLSFVXPZT42A
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NRDGTUN4LTI6HG4TWR3JYLSFVXPZT42A
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XG5DYKPNDCEHJQ3TKPJQO7QGSR4FAYMS
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XG5DYKPNDCEHJQ3TKPJQO7QGSR4FAYMS
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NRDGTUN4LTI6HG4TWR3JYLSFVXPZT42A
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NRDGTUN4LTI6HG4TWR3JYLSFVXPZT42A
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XG5DYKPNDCEHJQ3TKPJQO7QGSR4FAYMS
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XG5DYKPNDCEHJQ3TKPJQO7QGSR4FAYMS
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D
20
reference_url https://www.debian.org/security/2023/dsa-5465
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2023/dsa-5465
21
reference_url https://www.djangoproject.com/weblog/2023/jul/03/security-releases
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2023/jul/03/security-releases
22
reference_url https://www.djangoproject.com/weblog/2023/jul/03/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2023/jul/03/security-releases/
23
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1040225
reference_id 1040225
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1040225
24
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2218004
reference_id 2218004
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2218004
25
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-36053
reference_id CVE-2023-36053
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-36053
26
reference_url https://github.com/advisories/GHSA-jh3w-4vvf-mjgr
reference_id GHSA-jh3w-4vvf-mjgr
reference_type
scores
url https://github.com/advisories/GHSA-jh3w-4vvf-mjgr
27
reference_url https://access.redhat.com/errata/RHSA-2023:4692
reference_id RHSA-2023:4692
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4692
28
reference_url https://access.redhat.com/errata/RHSA-2023:4693
reference_id RHSA-2023:4693
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4693
29
reference_url https://access.redhat.com/errata/RHSA-2023:5931
reference_id RHSA-2023:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5931
30
reference_url https://access.redhat.com/errata/RHSA-2023:6818
reference_id RHSA-2023:6818
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6818
31
reference_url https://access.redhat.com/errata/RHSA-2024:0212
reference_id RHSA-2024:0212
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0212
32
reference_url https://access.redhat.com/errata/RHSA-2024:1878
reference_id RHSA-2024:1878
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1878
33
reference_url https://usn.ubuntu.com/6203-1/
reference_id USN-6203-1
reference_type
scores
url https://usn.ubuntu.com/6203-1/
34
reference_url https://usn.ubuntu.com/6203-2/
reference_id USN-6203-2
reference_type
scores
url https://usn.ubuntu.com/6203-2/
fixed_packages
0
url pkg:pypi/django@3.2.20
purl pkg:pypi/django@3.2.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7u6e-a3ng-fude
1
vulnerability VCID-bjn5-qpmt-qffx
2
vulnerability VCID-ctk2-ykg7-h7ag
3
vulnerability VCID-e2p6-m8gu-jbfu
4
vulnerability VCID-x4s4-qav9-xbet
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.20
1
url pkg:pypi/django@4.1.10
purl pkg:pypi/django@4.1.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7u6e-a3ng-fude
1
vulnerability VCID-ctk2-ykg7-h7ag
2
vulnerability VCID-e2p6-m8gu-jbfu
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.1.10
2
url pkg:pypi/django@4.2.3
purl pkg:pypi/django@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1c7j-evpp-53eb
1
vulnerability VCID-1umb-2rxg-bbdk
2
vulnerability VCID-32d1-b8f2-hud5
3
vulnerability VCID-3d6k-rdsh-k7hm
4
vulnerability VCID-4vry-9jdm-nyg9
5
vulnerability VCID-5fbx-3yfb-fudx
6
vulnerability VCID-62jv-ab6d-sqdb
7
vulnerability VCID-63c7-mkxw-ufav
8
vulnerability VCID-68nb-696n-n3bf
9
vulnerability VCID-7jbt-5zw2-vff2
10
vulnerability VCID-7u6e-a3ng-fude
11
vulnerability VCID-92bp-6kte-tyfs
12
vulnerability VCID-9udu-eqvn-mqbj
13
vulnerability VCID-ape9-66ck-nfez
14
vulnerability VCID-ax7m-uv4s-zkc1
15
vulnerability VCID-bjn5-qpmt-qffx
16
vulnerability VCID-bq5s-uknu-z7cn
17
vulnerability VCID-cbsj-1qqg-1ba6
18
vulnerability VCID-cg44-thdw-cygg
19
vulnerability VCID-chey-b3c1-pbe5
20
vulnerability VCID-ctk2-ykg7-h7ag
21
vulnerability VCID-e2p6-m8gu-jbfu
22
vulnerability VCID-em3c-ceug-cubp
23
vulnerability VCID-enen-3w2h-g3b8
24
vulnerability VCID-fbee-vj2y-cfeb
25
vulnerability VCID-heum-8mwz-sbcw
26
vulnerability VCID-j2uz-w2ur-7ud4
27
vulnerability VCID-jma1-9ags-xbfm
28
vulnerability VCID-jt9m-kd3k-uqca
29
vulnerability VCID-kv5d-p5n4-r7dp
30
vulnerability VCID-nyc2-p1rp-xkb4
31
vulnerability VCID-q4cv-2m7d-3qd5
32
vulnerability VCID-sz4x-rr8f-a3hf
33
vulnerability VCID-u15a-4ste-43cy
34
vulnerability VCID-vm2w-caad-nyd3
35
vulnerability VCID-vpgq-jhzc-j7h2
36
vulnerability VCID-x4s4-qav9-xbet
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.3
aliases BIT-django-2023-36053, CVE-2023-36053, GHSA-jh3w-4vvf-mjgr, PYSEC-2023-100
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kmv2-339j-8ugc
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.20