Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/45495?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/45495?format=api", "purl": "pkg:pypi/django@5.1.15", "type": "pypi", "namespace": "", "name": "django", "version": "5.1.15", "qualifiers": {}, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "5.2.14", "latest_non_vulnerable_version": "6.0.5", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/9487?format=api", "vulnerability_id": "VCID-3d6k-rdsh-k7hm", "summary": "An issue was discovered in 5.2 before 5.2.9, 5.1 before 5.1.15, and 4.2 before 4.2.27.\n`FilteredRelation` is subject to SQL injection in column aliases, using a suitably crafted dictionary, with dictionary expansion, as the `**kwargs` passed to `QuerySet.annotate()` or `QuerySet.alias()` on PostgreSQL.\nEarlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected.\nDjango would like to thank Stackered for reporting this issue.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13372.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13372.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13372", "reference_id": "", "reference_type": "", "scores": [ { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00331", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13372" }, { "reference_url": "https://docs.djangoproject.com/en/dev/releases/security", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://docs.djangoproject.com/en/dev/releases/security" }, { "reference_url": "https://docs.djangoproject.com/en/dev/releases/security/", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-02T15:43:29Z/" } ], "url": "https://docs.djangoproject.com/en/dev/releases/security/" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/django/django", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/django/django" }, { "reference_url": "https://github.com/django/django/commit/479415ce5249bcdebeb6570c72df2a87f45a7bbf", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/django/django/commit/479415ce5249bcdebeb6570c72df2a87f45a7bbf" }, { "reference_url": "https://github.com/django/django/commit/56aea00c3c5e1aacf4ed05f8ee06c2e78f02cea0", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/django/django/commit/56aea00c3c5e1aacf4ed05f8ee06c2e78f02cea0" }, { "reference_url": "https://github.com/django/django/commit/5b90ca1e7591fa36fccf2d6dad67cf1477e6293e", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/django/django/commit/5b90ca1e7591fa36fccf2d6dad67cf1477e6293e" }, { "reference_url": "https://github.com/django/django/commit/9c6a5bde24240382807d13bc3748d08444709355", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/django/django/commit/9c6a5bde24240382807d13bc3748d08444709355" }, { "reference_url": "https://github.com/django/django/commit/f997037b235f6b5c9e7c4a501491ec45f3400f3d", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/django/django/commit/f997037b235f6b5c9e7c4a501491ec45f3400f3d" }, { "reference_url": "https://groups.google.com/g/django-announce", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-02T15:43:29Z/" } ], "url": "https://groups.google.com/g/django-announce" }, { "reference_url": "https://www.djangoproject.com/weblog/2025/dec/02/security-releases", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.djangoproject.com/weblog/2025/dec/02/security-releases" }, { "reference_url": "https://www.djangoproject.com/weblog/2025/dec/02/security-releases/", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-02T15:43:29Z/" } ], "url": "https://www.djangoproject.com/weblog/2025/dec/02/security-releases/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121788", "reference_id": "1121788", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121788" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418372", "reference_id": "2418372", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418372" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13372", "reference_id": "CVE-2025-13372", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13372" }, { "reference_url": "https://github.com/advisories/GHSA-rqw2-ghq9-44m7", "reference_id": "GHSA-rqw2-ghq9-44m7", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rqw2-ghq9-44m7" }, { "reference_url": "https://usn.ubuntu.com/7903-1/", "reference_id": "USN-7903-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7903-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/45494?format=api", "purl": "pkg:pypi/django@4.2.27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-32d1-b8f2-hud5" }, { "vulnerability": "VCID-5fbx-3yfb-fudx" }, { "vulnerability": "VCID-62jv-ab6d-sqdb" }, { "vulnerability": "VCID-63c7-mkxw-ufav" }, { "vulnerability": "VCID-92bp-6kte-tyfs" }, { "vulnerability": "VCID-cbsj-1qqg-1ba6" }, { "vulnerability": "VCID-cg44-thdw-cygg" }, { "vulnerability": "VCID-enen-3w2h-g3b8" }, { "vulnerability": "VCID-heum-8mwz-sbcw" }, { "vulnerability": "VCID-j2uz-w2ur-7ud4" }, { "vulnerability": "VCID-jma1-9ags-xbfm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.27" }, { "url": "http://public2.vulnerablecode.io/api/packages/45495?format=api", "purl": "pkg:pypi/django@5.1.15", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.1.15" }, { "url": "http://public2.vulnerablecode.io/api/packages/45496?format=api", "purl": "pkg:pypi/django@5.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-32d1-b8f2-hud5" }, { "vulnerability": "VCID-3ccr-92q5-aqfk" }, { "vulnerability": "VCID-5fbx-3yfb-fudx" }, { "vulnerability": "VCID-62jv-ab6d-sqdb" }, { "vulnerability": "VCID-63c7-mkxw-ufav" }, { "vulnerability": "VCID-92bp-6kte-tyfs" }, { "vulnerability": "VCID-92z2-3rbz-77h9" }, { "vulnerability": "VCID-cbsj-1qqg-1ba6" }, { "vulnerability": "VCID-cg44-thdw-cygg" }, { "vulnerability": "VCID-enen-3w2h-g3b8" }, { "vulnerability": "VCID-g22z-jue5-8udz" }, { "vulnerability": "VCID-heum-8mwz-sbcw" }, { "vulnerability": "VCID-j2uz-w2ur-7ud4" }, { "vulnerability": "VCID-jma1-9ags-xbfm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.9" } ], "aliases": [ "BIT-django-2025-13372", "CVE-2025-13372", "GHSA-rqw2-ghq9-44m7", "PYSEC-2025-104" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3d6k-rdsh-k7hm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/9488?format=api", "vulnerability_id": "VCID-7jbt-5zw2-vff2", "summary": "An issue was discovered in 5.2 before 5.2.9, 5.1 before 5.1.15, and 4.2 before 4.2.27.\nAlgorithmic complexity in `django.core.serializers.xml_serializer.getInnerText()` allows a remote attacker to cause a potential denial-of-service attack triggering CPU and memory exhaustion via specially crafted XML input processed by the XML `Deserializer`.\nEarlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected.\nDjango would like to thank Seokchan Yoon for reporting this issue.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-64460.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-64460.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-64460", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20956", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-64460" }, { "reference_url": "https://docs.djangoproject.com/en/dev/releases/security", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://docs.djangoproject.com/en/dev/releases/security" }, { "reference_url": "https://docs.djangoproject.com/en/dev/releases/security/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:53:53Z/" } ], "url": "https://docs.djangoproject.com/en/dev/releases/security/" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/django/django", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/django/django" }, { "reference_url": "https://github.com/django/django/commit/0db9ea4669312f1f4973e09f4bca06ab9c1ec74b", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/django/django/commit/0db9ea4669312f1f4973e09f4bca06ab9c1ec74b" }, { "reference_url": "https://github.com/django/django/commit/1dbd07a608e495a0c229edaaf84d58d8976313b5", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/django/django/commit/1dbd07a608e495a0c229edaaf84d58d8976313b5" }, { "reference_url": "https://github.com/django/django/commit/4d2b8803bebcdefd2b76e9e8fc528d5fddea93f0", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/django/django/commit/4d2b8803bebcdefd2b76e9e8fc528d5fddea93f0" }, { "reference_url": "https://github.com/django/django/commit/99e7d22f55497278d0bcb2e15e72ef532e62a31d", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/django/django/commit/99e7d22f55497278d0bcb2e15e72ef532e62a31d" }, { "reference_url": "https://groups.google.com/g/django-announce", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:53:53Z/" } ], "url": "https://groups.google.com/g/django-announce" }, { "reference_url": "https://www.djangoproject.com/weblog/2025/dec/02/security-releases", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.djangoproject.com/weblog/2025/dec/02/security-releases" }, { "reference_url": "https://www.djangoproject.com/weblog/2025/dec/02/security-releases/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:53:53Z/" } ], "url": "https://www.djangoproject.com/weblog/2025/dec/02/security-releases/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121788", "reference_id": "1121788", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121788" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418366", "reference_id": "2418366", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418366" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64460", "reference_id": "CVE-2025-64460", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64460" }, { "reference_url": "https://github.com/advisories/GHSA-vrcr-9hj9-jcg6", "reference_id": "GHSA-vrcr-9hj9-jcg6", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-vrcr-9hj9-jcg6" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0414", "reference_id": "RHSA-2026:0414", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0414" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1249", "reference_id": "RHSA-2026:1249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1497", "reference_id": "RHSA-2026:1497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1506", "reference_id": "RHSA-2026:1506", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1506" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1599", "reference_id": "RHSA-2026:1599", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1599" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1609", "reference_id": "RHSA-2026:1609", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1609" }, { "reference_url": "https://usn.ubuntu.com/7903-1/", "reference_id": "USN-7903-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7903-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/45494?format=api", "purl": "pkg:pypi/django@4.2.27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-32d1-b8f2-hud5" }, { "vulnerability": "VCID-5fbx-3yfb-fudx" }, { "vulnerability": "VCID-62jv-ab6d-sqdb" }, { "vulnerability": "VCID-63c7-mkxw-ufav" }, { "vulnerability": "VCID-92bp-6kte-tyfs" }, { "vulnerability": "VCID-cbsj-1qqg-1ba6" }, { "vulnerability": "VCID-cg44-thdw-cygg" }, { "vulnerability": "VCID-enen-3w2h-g3b8" }, { "vulnerability": "VCID-heum-8mwz-sbcw" }, { "vulnerability": "VCID-j2uz-w2ur-7ud4" }, { "vulnerability": "VCID-jma1-9ags-xbfm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.27" }, { "url": "http://public2.vulnerablecode.io/api/packages/45495?format=api", "purl": "pkg:pypi/django@5.1.15", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.1.15" }, { "url": "http://public2.vulnerablecode.io/api/packages/45496?format=api", "purl": "pkg:pypi/django@5.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-32d1-b8f2-hud5" }, { "vulnerability": "VCID-3ccr-92q5-aqfk" }, { "vulnerability": "VCID-5fbx-3yfb-fudx" }, { "vulnerability": "VCID-62jv-ab6d-sqdb" }, { "vulnerability": "VCID-63c7-mkxw-ufav" }, { "vulnerability": "VCID-92bp-6kte-tyfs" }, { "vulnerability": "VCID-92z2-3rbz-77h9" }, { "vulnerability": "VCID-cbsj-1qqg-1ba6" }, { "vulnerability": "VCID-cg44-thdw-cygg" }, { "vulnerability": "VCID-enen-3w2h-g3b8" }, { "vulnerability": "VCID-g22z-jue5-8udz" }, { "vulnerability": "VCID-heum-8mwz-sbcw" }, { "vulnerability": "VCID-j2uz-w2ur-7ud4" }, { "vulnerability": "VCID-jma1-9ags-xbfm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.9" } ], "aliases": [ "BIT-django-2025-64460", "CVE-2025-64460", "GHSA-vrcr-9hj9-jcg6", "PYSEC-2025-109" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7jbt-5zw2-vff2" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.1.15" }