Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:pypi/django@5.0.10

Type pypi

Namespace

Name django

Version 5.0.10

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 5.0.14

Latest_non_vulnerable_version 6.0.5

Affected_by_vulnerabilities

url VCID-a3e2-se1v-2yb5

vulnerability_id VCID-a3e2-se1v-2yb5

summary An issue was discovered in Django 5.1 before 5.1.8 and 5.0 before 5.0.14. The NFKC normalization is slow on Windows. As a consequence, django.contrib.auth.views.LoginView, django.contrib.auth.views.LogoutView, and django.views.i18n.set_language are subject to a potential denial-of-service attack via certain inputs with a very large number of Unicode characters.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27556.json

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27556.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-27556

reference_id

reference_type

scores

value	0.00011
scoring_system	epss
scoring_elements	0.01482
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-27556

reference_url

https://docs.djangoproject.com/en/dev/releases/security

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://docs.djangoproject.com/en/dev/releases/security

reference_url	https://docs.djangoproject.com/en/dev/releases/security/
reference_id
reference_type
scores
url	https://docs.djangoproject.com/en/dev/releases/security/

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/django/django

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/django/django

reference_url

https://github.com/django/django/commit/2cb311f7b069723027fb5def4044d1816d7d2afd

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/django/django/commit/2cb311f7b069723027fb5def4044d1816d7d2afd

reference_url

https://github.com/django/django/commit/39e2297210d9d2938c75fc911d45f0e863dc4821

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/django/django/commit/39e2297210d9d2938c75fc911d45f0e863dc4821

reference_url

https://github.com/django/django/commit/8c6871b097b6c49d2a782c0d80d908bcbe2116f1

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/django/django/commit/8c6871b097b6c49d2a782c0d80d908bcbe2116f1

reference_url

https://github.com/django/django/commit/edc2716d01a6fdd84b173c02031695231bcee1f8

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/django/django/commit/edc2716d01a6fdd84b173c02031695231bcee1f8

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2025-14.yaml

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2025-14.yaml

reference_url

https://groups.google.com/g/django-announce

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://groups.google.com/g/django-announce

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2025-27556

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2025-27556

reference_url

https://www.djangoproject.com/weblog/2025/apr/02/security-releases

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.djangoproject.com/weblog/2025/apr/02/security-releases

reference_url	https://www.djangoproject.com/weblog/2025/apr/02/security-releases/
reference_id
reference_type
scores
url	https://www.djangoproject.com/weblog/2025/apr/02/security-releases/

reference_url

http://www.openwall.com/lists/oss-security/2025/04/02/2

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2025/04/02/2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2356899
reference_id	2356899
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2356899

fixed_packages

url	pkg:pypi/django@5.0.14
purl	pkg:pypi/django@5.0.14
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.0.14

url pkg:pypi/django@5.1.8

purl pkg:pypi/django@5.1.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3d6k-rdsh-k7hm

vulnerability	VCID-7jbt-5zw2-vff2

vulnerability	VCID-9udu-eqvn-mqbj

vulnerability	VCID-ax7m-uv4s-zkc1

vulnerability	VCID-em3c-ceug-cubp

vulnerability	VCID-fbee-vj2y-cfeb

vulnerability	VCID-u15a-4ste-43cy

vulnerability	VCID-vpgq-jhzc-j7h2

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.1.8

aliases BIT-django-2025-27556, CVE-2025-27556, GHSA-wqfg-m96j-85vm, PYSEC-2025-14

risk_score 2.6

exploitability 0.5

weighted_severity 5.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a3e2-se1v-2yb5

url VCID-chey-b3c1-pbe5

vulnerability_id VCID-chey-b3c1-pbe5

summary An issue was discovered in Django 5.1 before 5.1.5, 5.0 before 5.0.11, and 4.2 before 4.2.18. Lack of upper-bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial-of-service attack. The undocumented and private functions clean_ipv6_address and is_valid_ipv6_address are vulnerable, as is the django.forms.GenericIPAddressField form field. (The django.db.models.GenericIPAddressField model field is not affected.)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56374.json

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56374.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-56374

reference_id

reference_type

scores

value	0.00084
scoring_system	epss
scoring_elements	0.24578
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-56374

reference_url

https://docs.djangoproject.com/en/dev/releases/security

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://docs.djangoproject.com/en/dev/releases/security

reference_url

https://docs.djangoproject.com/en/dev/releases/security/

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-15T19:40:35Z/

url

https://docs.djangoproject.com/en/dev/releases/security/

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/django/django

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/django/django

reference_url

https://github.com/django/django/commit/4806731e58f3e8700a3c802e77899d54ac6021fe

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/django/django/commit/4806731e58f3e8700a3c802e77899d54ac6021fe

reference_url

https://github.com/django/django/commit/ad866a1ca3e7d60da888d25d27e46a8adb2ed36e

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/django/django/commit/ad866a1ca3e7d60da888d25d27e46a8adb2ed36e

reference_url

https://github.com/django/django/commit/ca2be7724e1244a4cb723de40a070f873c6e94bf

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/django/django/commit/ca2be7724e1244a4cb723de40a070f873c6e94bf

reference_url

https://github.com/django/django/commit/e8d4a2005955dcf962193600b53bf461b190b455

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/django/django/commit/e8d4a2005955dcf962193600b53bf461b190b455

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2025-1.yaml

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2025-1.yaml

reference_url

https://groups.google.com/g/django-announce

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-15T19:40:35Z/

url

https://groups.google.com/g/django-announce

reference_url

https://lists.debian.org/debian-lts-announce/2025/01/msg00024.html

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2025/01/msg00024.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-56374

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-56374

reference_url

https://www.djangoproject.com/weblog/2025/jan/14/security-releases

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.djangoproject.com/weblog/2025/jan/14/security-releases

reference_url

https://www.djangoproject.com/weblog/2025/jan/14/security-releases/

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-15T19:40:35Z/

url

https://www.djangoproject.com/weblog/2025/jan/14/security-releases/

reference_url

http://www.openwall.com/lists/oss-security/2025/01/14/2

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2025/01/14/2

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1093049
reference_id	1093049
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1093049

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2337996
reference_id	2337996
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2337996

reference_url	https://security.gentoo.org/glsa/202509-03
reference_id	GLSA-202509-03
reference_type
scores
url	https://security.gentoo.org/glsa/202509-03

reference_url	https://access.redhat.com/errata/RHSA-2025:0722
reference_id	RHSA-2025:0722
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0722

reference_url	https://access.redhat.com/errata/RHSA-2025:0777
reference_id	RHSA-2025:0777
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0777

reference_url	https://access.redhat.com/errata/RHSA-2025:0782
reference_id	RHSA-2025:0782
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0782

reference_url	https://access.redhat.com/errata/RHSA-2025:2399
reference_id	RHSA-2025:2399
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2399

reference_url	https://access.redhat.com/errata/RHSA-2025:4576
reference_id	RHSA-2025:4576
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4576

reference_url	https://usn.ubuntu.com/7205-1/
reference_id	USN-7205-1
reference_type
scores
url	https://usn.ubuntu.com/7205-1/

reference_url	https://usn.ubuntu.com/7205-2/
reference_id	USN-7205-2
reference_type
scores
url	https://usn.ubuntu.com/7205-2/

fixed_packages

url pkg:pypi/django@5.0.11

purl pkg:pypi/django@5.0.11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-a3e2-se1v-2yb5

vulnerability	VCID-nyc2-p1rp-xkb4

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.0.11

url pkg:pypi/django@5.1.5

purl pkg:pypi/django@5.1.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3d6k-rdsh-k7hm

vulnerability	VCID-7jbt-5zw2-vff2

vulnerability	VCID-9udu-eqvn-mqbj

vulnerability	VCID-a3e2-se1v-2yb5

vulnerability	VCID-ax7m-uv4s-zkc1

vulnerability	VCID-em3c-ceug-cubp

vulnerability	VCID-fbee-vj2y-cfeb

vulnerability	VCID-nyc2-p1rp-xkb4

vulnerability	VCID-u15a-4ste-43cy

vulnerability	VCID-vpgq-jhzc-j7h2

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.1.5

aliases BIT-django-2024-56374, CVE-2024-56374, GHSA-qcgg-j2x8-h9g8, PYSEC-2025-1

risk_score 2.6

exploitability 0.5

weighted_severity 5.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-chey-b3c1-pbe5

url VCID-nyc2-p1rp-xkb4

vulnerability_id VCID-nyc2-p1rp-xkb4

summary An issue was discovered in Django 5.1 before 5.1.7, 5.0 before 5.0.13, and 4.2 before 4.2.20. The django.utils.text.wrap() method and wordwrap template filter are subject to a potential denial-of-service attack when used with very long strings.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26699.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26699.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-26699

reference_id

reference_type

scores

value	0.00287
scoring_system	epss
scoring_elements	0.52366
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-26699

reference_url

https://docs.djangoproject.com/en/dev/releases/security

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://docs.djangoproject.com/en/dev/releases/security

reference_url	https://docs.djangoproject.com/en/dev/releases/security/
reference_id
reference_type
scores
url	https://docs.djangoproject.com/en/dev/releases/security/

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/django/django

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/django/django

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2025-13.yaml

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2025-13.yaml

reference_url

https://groups.google.com/g/django-announce

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://groups.google.com/g/django-announce

reference_url

https://lists.debian.org/debian-lts-announce/2025/03/msg00012.html

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2025/03/msg00012.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2025-26699

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2025-26699

reference_url

https://www.djangoproject.com/weblog/2025/mar/06/security-releases

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.djangoproject.com/weblog/2025/mar/06/security-releases

reference_url	https://www.djangoproject.com/weblog/2025/mar/06/security-releases/
reference_id
reference_type
scores
url	https://www.djangoproject.com/weblog/2025/mar/06/security-releases/

reference_url

http://www.openwall.com/lists/oss-security/2025/03/06/12

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2025/03/06/12

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1099682
reference_id	1099682
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1099682

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2348993
reference_id	2348993
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2348993

reference_url	https://security.gentoo.org/glsa/202509-03
reference_id	GLSA-202509-03
reference_type
scores
url	https://security.gentoo.org/glsa/202509-03

reference_url	https://access.redhat.com/errata/RHSA-2025:3160
reference_id	RHSA-2025:3160
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3160

reference_url	https://access.redhat.com/errata/RHSA-2025:3162
reference_id	RHSA-2025:3162
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3162

reference_url	https://access.redhat.com/errata/RHSA-2025:3709
reference_id	RHSA-2025:3709
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3709

reference_url	https://access.redhat.com/errata/RHSA-2025:4553
reference_id	RHSA-2025:4553
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4553

reference_url	https://access.redhat.com/errata/RHSA-2025:8609
reference_id	RHSA-2025:8609
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8609

reference_url	https://usn.ubuntu.com/7335-1/
reference_id	USN-7335-1
reference_type
scores
url	https://usn.ubuntu.com/7335-1/

fixed_packages

url pkg:pypi/django@5.0.13

purl pkg:pypi/django@5.0.13

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-a3e2-se1v-2yb5

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.0.13

url pkg:pypi/django@5.1.7

purl pkg:pypi/django@5.1.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3d6k-rdsh-k7hm

vulnerability	VCID-7jbt-5zw2-vff2

vulnerability	VCID-9udu-eqvn-mqbj

vulnerability	VCID-a3e2-se1v-2yb5

vulnerability	VCID-ax7m-uv4s-zkc1

vulnerability	VCID-em3c-ceug-cubp

vulnerability	VCID-fbee-vj2y-cfeb

vulnerability	VCID-u15a-4ste-43cy

vulnerability	VCID-vpgq-jhzc-j7h2

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.1.7

aliases BIT-django-2025-26699, CVE-2025-26699, GHSA-p3fp-8748-vqfq, PYSEC-2025-13

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nyc2-p1rp-xkb4

Fixing_vulnerabilities

url VCID-1umb-2rxg-bbdk

vulnerability_id VCID-1umb-2rxg-bbdk

summary An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. The strip_tags() method and striptags template filter are subject to a potential denial-of-service attack via certain inputs containing large sequences of nested incomplete HTML entities.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53907.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53907.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-53907

reference_id

reference_type

scores

value	0.01038
scoring_system	epss
scoring_elements	0.77711
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-53907

reference_url

https://docs.djangoproject.com/en/dev/releases/security

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	6.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://docs.djangoproject.com/en/dev/releases/security

reference_url

https://docs.djangoproject.com/en/dev/releases/security/

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-06T16:22:53Z/

url

https://docs.djangoproject.com/en/dev/releases/security/

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/django/django

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	6.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/django/django

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2024-156.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	6.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2024-156.yaml

reference_url

https://groups.google.com/g/django-announce

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	6.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-06T16:22:53Z/

url

https://groups.google.com/g/django-announce

reference_url

https://lists.debian.org/debian-lts-announce/2024/12/msg00028.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	6.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2024/12/msg00028.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-53907

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	6.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-53907

reference_url

https://www.djangoproject.com/weblog/2024/dec/04/security-releases

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	6.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.djangoproject.com/weblog/2024/dec/04/security-releases

reference_url

https://www.openwall.com/lists/oss-security/2024/12/04/3

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	6.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-06T16:22:53Z/

url

https://www.openwall.com/lists/oss-security/2024/12/04/3

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2329288
reference_id	2329288
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2329288

reference_url	https://security.gentoo.org/glsa/202509-03
reference_id	GLSA-202509-03
reference_type
scores
url	https://security.gentoo.org/glsa/202509-03

reference_url	https://access.redhat.com/errata/RHSA-2024:11144
reference_id	RHSA-2024:11144
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:11144

reference_url	https://access.redhat.com/errata/RHSA-2024:11146
reference_id	RHSA-2024:11146
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:11146

reference_url	https://access.redhat.com/errata/RHSA-2025:0340
reference_id	RHSA-2025:0340
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0340

reference_url	https://access.redhat.com/errata/RHSA-2025:0777
reference_id	RHSA-2025:0777
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0777

reference_url	https://usn.ubuntu.com/7136-1/
reference_id	USN-7136-1
reference_type
scores
url	https://usn.ubuntu.com/7136-1/

reference_url	https://usn.ubuntu.com/7136-2/
reference_id	USN-7136-2
reference_type
scores
url	https://usn.ubuntu.com/7136-2/

fixed_packages

url pkg:pypi/django@4.2.17

purl pkg:pypi/django@4.2.17

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-32d1-b8f2-hud5

vulnerability	VCID-3d6k-rdsh-k7hm

vulnerability	VCID-5fbx-3yfb-fudx

vulnerability	VCID-62jv-ab6d-sqdb

vulnerability	VCID-63c7-mkxw-ufav

vulnerability	VCID-7jbt-5zw2-vff2

vulnerability	VCID-92bp-6kte-tyfs

vulnerability	VCID-9udu-eqvn-mqbj

vulnerability	VCID-ax7m-uv4s-zkc1

vulnerability	VCID-cbsj-1qqg-1ba6

vulnerability	VCID-cg44-thdw-cygg

vulnerability	VCID-chey-b3c1-pbe5

vulnerability	VCID-em3c-ceug-cubp

vulnerability	VCID-enen-3w2h-g3b8

vulnerability	VCID-fbee-vj2y-cfeb

vulnerability	VCID-heum-8mwz-sbcw

vulnerability	VCID-j2uz-w2ur-7ud4

vulnerability	VCID-jma1-9ags-xbfm

vulnerability	VCID-nyc2-p1rp-xkb4

vulnerability	VCID-u15a-4ste-43cy

vulnerability	VCID-vpgq-jhzc-j7h2

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.17

url pkg:pypi/django@5.0.10

purl pkg:pypi/django@5.0.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-a3e2-se1v-2yb5

vulnerability	VCID-chey-b3c1-pbe5

vulnerability	VCID-nyc2-p1rp-xkb4

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.0.10

url pkg:pypi/django@5.1.4

purl pkg:pypi/django@5.1.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3d6k-rdsh-k7hm

vulnerability	VCID-7jbt-5zw2-vff2

vulnerability	VCID-9udu-eqvn-mqbj

vulnerability	VCID-a3e2-se1v-2yb5

vulnerability	VCID-ax7m-uv4s-zkc1

vulnerability	VCID-chey-b3c1-pbe5

vulnerability	VCID-em3c-ceug-cubp

vulnerability	VCID-fbee-vj2y-cfeb

vulnerability	VCID-nyc2-p1rp-xkb4

vulnerability	VCID-u15a-4ste-43cy

vulnerability	VCID-vpgq-jhzc-j7h2

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.1.4

aliases BIT-django-2024-53907, CVE-2024-53907, GHSA-8498-2h75-472j, PYSEC-2024-156

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1umb-2rxg-bbdk

url VCID-4vry-9jdm-nyg9

vulnerability_id VCID-4vry-9jdm-nyg9

summary An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. Direct usage of the django.db.models.fields.json.HasKey lookup, when an Oracle database is used, is subject to SQL injection if untrusted data is used as an lhs value. (Applications that use the jsonfield.has_key lookup via __ are unaffected.)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53908.json

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53908.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-53908

reference_id

reference_type

scores

value	0.00931
scoring_system	epss
scoring_elements	0.76454
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-53908

reference_url

https://docs.djangoproject.com/en/dev/releases/security

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	7.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://docs.djangoproject.com/en/dev/releases/security

reference_url

https://docs.djangoproject.com/en/dev/releases/security/

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-06T16:19:13Z/

url

https://docs.djangoproject.com/en/dev/releases/security/

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/django/django

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	7.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/django/django

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2024-157.yaml

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	7.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2024-157.yaml

reference_url

https://groups.google.com/g/django-announce

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	7.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-06T16:19:13Z/

url

https://groups.google.com/g/django-announce

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-53908

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	7.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-53908

reference_url

https://www.djangoproject.com/weblog/2024/dec/04/security-releases

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	7.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.djangoproject.com/weblog/2024/dec/04/security-releases

reference_url

https://www.openwall.com/lists/oss-security/2024/12/04/3

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	7.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-06T16:19:13Z/

url

https://www.openwall.com/lists/oss-security/2024/12/04/3

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2329287
reference_id	2329287
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2329287

reference_url	https://security.gentoo.org/glsa/202509-03
reference_id	GLSA-202509-03
reference_type
scores
url	https://security.gentoo.org/glsa/202509-03

reference_url	https://access.redhat.com/errata/RHSA-2024:11144
reference_id	RHSA-2024:11144
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:11144

reference_url	https://access.redhat.com/errata/RHSA-2024:11146
reference_id	RHSA-2024:11146
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:11146

reference_url	https://access.redhat.com/errata/RHSA-2025:0340
reference_id	RHSA-2025:0340
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0340

reference_url	https://access.redhat.com/errata/RHSA-2025:0721
reference_id	RHSA-2025:0721
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0721

reference_url	https://usn.ubuntu.com/7136-1/
reference_id	USN-7136-1
reference_type
scores
url	https://usn.ubuntu.com/7136-1/

fixed_packages

url pkg:pypi/django@4.2.17

purl pkg:pypi/django@4.2.17

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-32d1-b8f2-hud5

vulnerability	VCID-3d6k-rdsh-k7hm

vulnerability	VCID-5fbx-3yfb-fudx

vulnerability	VCID-62jv-ab6d-sqdb

vulnerability	VCID-63c7-mkxw-ufav

vulnerability	VCID-7jbt-5zw2-vff2

vulnerability	VCID-92bp-6kte-tyfs

vulnerability	VCID-9udu-eqvn-mqbj

vulnerability	VCID-ax7m-uv4s-zkc1

vulnerability	VCID-cbsj-1qqg-1ba6

vulnerability	VCID-cg44-thdw-cygg

vulnerability	VCID-chey-b3c1-pbe5

vulnerability	VCID-em3c-ceug-cubp

vulnerability	VCID-enen-3w2h-g3b8

vulnerability	VCID-fbee-vj2y-cfeb

vulnerability	VCID-heum-8mwz-sbcw

vulnerability	VCID-j2uz-w2ur-7ud4

vulnerability	VCID-jma1-9ags-xbfm

vulnerability	VCID-nyc2-p1rp-xkb4

vulnerability	VCID-u15a-4ste-43cy

vulnerability	VCID-vpgq-jhzc-j7h2

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.17

url pkg:pypi/django@5.0.10

purl pkg:pypi/django@5.0.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-a3e2-se1v-2yb5

vulnerability	VCID-chey-b3c1-pbe5

vulnerability	VCID-nyc2-p1rp-xkb4

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.0.10

url pkg:pypi/django@5.1.4

purl pkg:pypi/django@5.1.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3d6k-rdsh-k7hm

vulnerability	VCID-7jbt-5zw2-vff2

vulnerability	VCID-9udu-eqvn-mqbj

vulnerability	VCID-a3e2-se1v-2yb5

vulnerability	VCID-ax7m-uv4s-zkc1

vulnerability	VCID-chey-b3c1-pbe5

vulnerability	VCID-em3c-ceug-cubp

vulnerability	VCID-fbee-vj2y-cfeb

vulnerability	VCID-nyc2-p1rp-xkb4

vulnerability	VCID-u15a-4ste-43cy

vulnerability	VCID-vpgq-jhzc-j7h2

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.1.4

aliases BIT-django-2024-53908, CVE-2024-53908, GHSA-m9g8-fxxm-xg86, PYSEC-2024-157

risk_score 4.1

exploitability 0.5

weighted_severity 8.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4vry-9jdm-nyg9

Risk_score 3.4

Resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.0.10

Package Instance