Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:pypi/django@4.1.12

Type pypi

Namespace

Name django

Version 4.1.12

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 4.1.13

Latest_non_vulnerable_version 6.0.5

Affected_by_vulnerabilities

url VCID-am3f-c5ex-8ff2

vulnerability_id VCID-am3f-c5ex-8ff2

summary An issue was discovered in Django 3.2 before 3.2.23, 4.1 before 4.1.13, and 4.2 before 4.2.7. The NFKC normalization is slow on Windows. As a consequence, django.contrib.auth.forms.UsernameField is subject to a potential DoS (denial of service) attack via certain inputs with a very large number of Unicode characters.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46695.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46695.json

reference_url

https://docs.djangoproject.com/en/4.2/releases/security

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://docs.djangoproject.com/en/4.2/releases/security

reference_url	https://docs.djangoproject.com/en/4.2/releases/security/
reference_id
reference_type
scores
url	https://docs.djangoproject.com/en/4.2/releases/security/

reference_url

https://github.com/django/django

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/django/django

reference_url

https://github.com/django/django/commit/048a9ebb6ea468426cb4e57c71572cbbd975517f

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/django/django/commit/048a9ebb6ea468426cb4e57c71572cbbd975517f

reference_url

https://github.com/django/django/commit/4965bfdde2e5a5c883685019e57d123a3368a75e

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/django/django/commit/4965bfdde2e5a5c883685019e57d123a3368a75e

reference_url

https://github.com/django/django/commit/f9a7fb8466a7ba4857eaf930099b5258f3eafb2b

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/django/django/commit/f9a7fb8466a7ba4857eaf930099b5258f3eafb2b

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2023-222.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2023-222.yaml

reference_url

https://groups.google.com/forum/#%21forum/django-announce

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://groups.google.com/forum/#%21forum/django-announce

reference_url

https://groups.google.com/forum/#!forum/django-announce

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://groups.google.com/forum/#!forum/django-announce

reference_url

https://security.netapp.com/advisory/ntap-20231214-0001

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20231214-0001

reference_url

https://www.djangoproject.com/weblog/2023/nov/01/security-releases

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.djangoproject.com/weblog/2023/nov/01/security-releases

reference_url	https://www.djangoproject.com/weblog/2023/nov/01/security-releases/
reference_id
reference_type
scores
url	https://www.djangoproject.com/weblog/2023/nov/01/security-releases/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2247097
reference_id	2247097
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2247097

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-46695

reference_id

CVE-2023-46695

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-46695

reference_url	https://github.com/advisories/GHSA-qmf9-6jqf-j8fq
reference_id	GHSA-qmf9-6jqf-j8fq
reference_type
scores
url	https://github.com/advisories/GHSA-qmf9-6jqf-j8fq

fixed_packages

url	pkg:pypi/django@4.1.13
purl	pkg:pypi/django@4.1.13
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.1.13

url pkg:pypi/django@4.2.7

purl pkg:pypi/django@4.2.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ft7-rbey-kuhx

vulnerability	VCID-4kcg-gx5y-cuaw

vulnerability	VCID-5xtt-au84-zbb2

vulnerability	VCID-7c5n-nzwk-v7bz

vulnerability	VCID-9gq3-whr8-s7b8

vulnerability	VCID-9kvc-1bdz-n3bd

vulnerability	VCID-bb8b-hq41-s7a6

vulnerability	VCID-e12b-tw2c-53c9

vulnerability	VCID-e8j6-mybr-17fh

vulnerability	VCID-fcg9-xypn-ykhf

vulnerability	VCID-fsaw-3ta1-x3dw

vulnerability	VCID-ga69-9y5g-77c3

vulnerability	VCID-ga7z-wj4j-63h1

vulnerability	VCID-hsjn-xnpp-5yeh

vulnerability	VCID-jgv9-vdbm-sycd

vulnerability	VCID-jybd-p65h-xffy

vulnerability	VCID-kxdd-yzp3-r7cb

vulnerability	VCID-pa7y-gpwp-6qgj

vulnerability	VCID-phkp-9abp-f3dq

vulnerability	VCID-qy1a-x3ff-4bc8

vulnerability	VCID-r1vx-vv7d-gqaj

vulnerability	VCID-rqqc-ta7c-ykgx

vulnerability	VCID-s1rj-1xbw-fbg5

vulnerability	VCID-shch-yusm-1uck

vulnerability	VCID-shjc-2j68-2yfy

vulnerability	VCID-tktt-vg92-6kae

vulnerability	VCID-tuqc-c251-h7ds

vulnerability	VCID-ud73-4t2c-n3at

vulnerability	VCID-vgq9-s6th-yufg

vulnerability	VCID-wa3g-27sx-mbcw

vulnerability	VCID-whgc-pt2s-77ar

vulnerability	VCID-xcmd-18ck-gqae

vulnerability	VCID-ynt9-h6ww-h7e9

vulnerability	VCID-yuda-1mur-8bbq

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.7

aliases CVE-2023-46695, GHSA-qmf9-6jqf-j8fq, PYSEC-2023-222

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-am3f-c5ex-8ff2

Fixing_vulnerabilities

url VCID-m33h-4p9q-63fb

vulnerability_id VCID-m33h-4p9q-63fb

summary In Django 3.2 before 3.2.22, 4.1 before 4.1.12, and 4.2 before 4.2.6, the django.utils.text.Truncator chars() and words() methods (when used with html=True) are subject to a potential DoS (denial of service) attack via certain inputs with very long, potentially malformed HTML text. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which are thus also vulnerable. NOTE: this issue exists because of an incomplete fix for CVE-2019-14232.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-43665.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-43665.json

reference_url

https://docs.djangoproject.com/en/4.2/releases/security

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://docs.djangoproject.com/en/4.2/releases/security

reference_url	https://docs.djangoproject.com/en/4.2/releases/security/
reference_id
reference_type
scores
url	https://docs.djangoproject.com/en/4.2/releases/security/

reference_url

https://github.com/django/django

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/django/django

reference_url

https://github.com/django/django/commit/be9c27c4d18c2e6a5be8af4e53c0797440794473

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/django/django/commit/be9c27c4d18c2e6a5be8af4e53c0797440794473

reference_url

https://github.com/django/django/commit/c7b7024742250414e426ad49fb80db943e7ba4e8

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/django/django/commit/c7b7024742250414e426ad49fb80db943e7ba4e8

reference_url

https://github.com/django/django/commit/ccdade1a0262537868d7ca64374de3d957ca50c5

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/django/django/commit/ccdade1a0262537868d7ca64374de3d957ca50c5

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2023-226.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2023-226.yaml

reference_url

https://groups.google.com/forum/#%21forum/django-announce

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://groups.google.com/forum/#%21forum/django-announce

reference_url

https://groups.google.com/forum/#!forum/django-announce

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://groups.google.com/forum/#!forum/django-announce

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HJFRPUHDYJHBH3KYHSPGULQM4JN7BMSU

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HJFRPUHDYJHBH3KYHSPGULQM4JN7BMSU

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HJFRPUHDYJHBH3KYHSPGULQM4JN7BMSU

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HJFRPUHDYJHBH3KYHSPGULQM4JN7BMSU

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D

reference_url

https://security.netapp.com/advisory/ntap-20231221-0001

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20231221-0001

reference_url

https://www.djangoproject.com/weblog/2023/oct/04/security-releases

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.djangoproject.com/weblog/2023/oct/04/security-releases

reference_url	https://www.djangoproject.com/weblog/2023/oct/04/security-releases/
reference_id
reference_type
scores
url	https://www.djangoproject.com/weblog/2023/oct/04/security-releases/

reference_url

http://www.openwall.com/lists/oss-security/2024/03/04/1

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2024/03/04/1

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053475
reference_id	1053475
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053475

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2241046
reference_id	2241046
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2241046

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-43665

reference_id

CVE-2023-43665

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-43665

reference_url	https://github.com/advisories/GHSA-h8gc-pgj2-vjm3
reference_id	GHSA-h8gc-pgj2-vjm3
reference_type
scores
url	https://github.com/advisories/GHSA-h8gc-pgj2-vjm3

reference_url	https://access.redhat.com/errata/RHSA-2023:6158
reference_id	RHSA-2023:6158
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6158

reference_url	https://access.redhat.com/errata/RHSA-2024:1878
reference_id	RHSA-2024:1878
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1878

fixed_packages

url pkg:pypi/django@3.2.22

purl pkg:pypi/django@3.2.22

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-am3f-c5ex-8ff2

vulnerability	VCID-fsaw-3ta1-x3dw

vulnerability	VCID-yuda-1mur-8bbq

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.22

url pkg:pypi/django@4.1.12

purl pkg:pypi/django@4.1.12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-am3f-c5ex-8ff2

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.1.12

url pkg:pypi/django@4.2.6

purl pkg:pypi/django@4.2.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2ft7-rbey-kuhx

vulnerability	VCID-4kcg-gx5y-cuaw

vulnerability	VCID-5xtt-au84-zbb2

vulnerability	VCID-7c5n-nzwk-v7bz

vulnerability	VCID-9gq3-whr8-s7b8

vulnerability	VCID-9kvc-1bdz-n3bd

vulnerability	VCID-am3f-c5ex-8ff2

vulnerability	VCID-bb8b-hq41-s7a6

vulnerability	VCID-e12b-tw2c-53c9

vulnerability	VCID-e8j6-mybr-17fh

vulnerability	VCID-fcg9-xypn-ykhf

vulnerability	VCID-fsaw-3ta1-x3dw

vulnerability	VCID-ga69-9y5g-77c3

vulnerability	VCID-ga7z-wj4j-63h1

vulnerability	VCID-hsjn-xnpp-5yeh

vulnerability	VCID-jgv9-vdbm-sycd

vulnerability	VCID-jybd-p65h-xffy

vulnerability	VCID-kxdd-yzp3-r7cb

vulnerability	VCID-pa7y-gpwp-6qgj

vulnerability	VCID-phkp-9abp-f3dq

vulnerability	VCID-qy1a-x3ff-4bc8

vulnerability	VCID-r1vx-vv7d-gqaj

vulnerability	VCID-rqqc-ta7c-ykgx

vulnerability	VCID-s1rj-1xbw-fbg5

vulnerability	VCID-shch-yusm-1uck

vulnerability	VCID-shjc-2j68-2yfy

vulnerability	VCID-tktt-vg92-6kae

vulnerability	VCID-tuqc-c251-h7ds

vulnerability	VCID-ud73-4t2c-n3at

vulnerability	VCID-vgq9-s6th-yufg

vulnerability	VCID-wa3g-27sx-mbcw

vulnerability	VCID-whgc-pt2s-77ar

vulnerability	VCID-xcmd-18ck-gqae

vulnerability	VCID-ynt9-h6ww-h7e9

vulnerability	VCID-yuda-1mur-8bbq

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.6

aliases CVE-2023-43665, GHSA-h8gc-pgj2-vjm3, PYSEC-2023-226

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m33h-4p9q-63fb

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.1.12

Package Instance