Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/django@0.96
Typepypi
Namespace
Namedjango
Version0.96
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version4.2.29
Latest_non_vulnerable_version6.0.4
Affected_by_vulnerabilities
0
url VCID-v466-zd6u-dqce
vulnerability_id VCID-v466-zd6u-dqce
summary Cross-site scripting (XSS) vulnerability in the login form in the administration application in Django 0.91 before 0.91.2, 0.95 before 0.95.3, and 0.96 before 0.96.2 allows remote attackers to inject arbitrary web script or HTML via the URI of a certain previous request.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2302.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2302.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-2302
reference_id
reference_type
scores
0
value 0.00441
scoring_system epss
scoring_elements 0.63241
published_at 2026-04-09T12:55:00Z
1
value 0.00441
scoring_system epss
scoring_elements 0.63116
published_at 2026-04-01T12:55:00Z
2
value 0.00441
scoring_system epss
scoring_elements 0.63176
published_at 2026-04-02T12:55:00Z
3
value 0.00441
scoring_system epss
scoring_elements 0.6325
published_at 2026-04-18T12:55:00Z
4
value 0.00441
scoring_system epss
scoring_elements 0.63207
published_at 2026-04-13T12:55:00Z
5
value 0.00441
scoring_system epss
scoring_elements 0.63243
published_at 2026-04-16T12:55:00Z
6
value 0.00441
scoring_system epss
scoring_elements 0.63206
published_at 2026-04-04T12:55:00Z
7
value 0.00441
scoring_system epss
scoring_elements 0.63171
published_at 2026-04-07T12:55:00Z
8
value 0.00441
scoring_system epss
scoring_elements 0.63259
published_at 2026-04-11T12:55:00Z
9
value 0.00441
scoring_system epss
scoring_elements 0.63223
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-2302
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2302
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2302
3
reference_url http://secunia.com/advisories/30250
reference_id
reference_type
scores
url http://secunia.com/advisories/30250
4
reference_url http://secunia.com/advisories/30291
reference_id
reference_type
scores
url http://secunia.com/advisories/30291
5
reference_url http://securitytracker.com/id?1020028
reference_id
reference_type
scores
url http://securitytracker.com/id?1020028
6
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/42396
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/42396
7
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
8
reference_url https://github.com/django/django/commit/50ce7fb57d79e8940ccf6e2781f2f01df029b5c5
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/50ce7fb57d79e8940ccf6e2781f2f01df029b5c5
9
reference_url https://github.com/django/django/commit/6e657e2c404a96e744748209e896d8a69c15fdf2
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/6e657e2c404a96e744748209e896d8a69c15fdf2
10
reference_url https://github.com/django/django/commit/7791e5c050cebf86d868c5dab7092185b125fdc9
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/7791e5c050cebf86d868c5dab7092185b125fdc9
11
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2008-1.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2008-1.yaml
12
reference_url https://web.archive.org/web/20080725022008/http://secunia.com/advisories/30291
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20080725022008/http://secunia.com/advisories/30291
13
reference_url https://web.archive.org/web/20081012011038/http://secunia.com/advisories/30250
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20081012011038/http://secunia.com/advisories/30250
14
reference_url https://web.archive.org/web/20170222015451/http://securitytracker.com/id?1020028
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20170222015451/http://securitytracker.com/id?1020028
15
reference_url https://web.archive.org/web/20200228153339/http://www.securityfocus.com/bid/29209
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200228153339/http://www.securityfocus.com/bid/29209
16
reference_url http://www.djangoproject.com/weblog/2008/may/14/security
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.djangoproject.com/weblog/2008/may/14/security
17
reference_url http://www.djangoproject.com/weblog/2008/may/14/security/
reference_id
reference_type
scores
url http://www.djangoproject.com/weblog/2008/may/14/security/
18
reference_url http://www.securityfocus.com/bid/29209
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/29209
19
reference_url http://www.vupen.com/english/advisories/2008/1618
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2008/1618
20
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=446402
reference_id 446402
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=446402
21
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=481164
reference_id 481164
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=481164
22
reference_url https://nvd.nist.gov/vuln/detail/CVE-2008-2302
reference_id CVE-2008-2302
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2008-2302
23
reference_url https://github.com/advisories/GHSA-54qj-48vx-cr9f
reference_id GHSA-54qj-48vx-cr9f
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-54qj-48vx-cr9f
fixed_packages
0
url pkg:pypi/django@0.96.2
purl pkg:pypi/django@0.96.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@0.96.2
1
url pkg:pypi/django@1.1
purl pkg:pypi/django@1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1pvd-3217-6ygv
1
vulnerability VCID-2dhb-9yue-33h7
2
vulnerability VCID-2m9f-3cgw-ekdr
3
vulnerability VCID-325d-7dfk-sqd2
4
vulnerability VCID-42cm-j2av-87ea
5
vulnerability VCID-47er-pm3z-qfh3
6
vulnerability VCID-5g4y-1qmy-27bd
7
vulnerability VCID-6gss-ppm5-3yc9
8
vulnerability VCID-7bu3-ckpj-gbf8
9
vulnerability VCID-84mm-45p6-xkau
10
vulnerability VCID-896g-hqec-ryb9
11
vulnerability VCID-8jaq-53td-wbeg
12
vulnerability VCID-8teq-9xr9-q3fg
13
vulnerability VCID-9uzd-mmyv-mfh4
14
vulnerability VCID-a6d1-p4q6-fyav
15
vulnerability VCID-a715-2qks-wyhn
16
vulnerability VCID-bgmv-mf3x-bkew
17
vulnerability VCID-br5x-v7md-47hp
18
vulnerability VCID-c1n5-4ars-u7ff
19
vulnerability VCID-czkz-mcv8-mqfc
20
vulnerability VCID-e2jd-yd4j-kqgt
21
vulnerability VCID-eker-m822-cuax
22
vulnerability VCID-fw2d-s2rt-syfz
23
vulnerability VCID-g56k-prrj-aqb1
24
vulnerability VCID-hugz-zq5c-pugn
25
vulnerability VCID-jc9f-vgy8-ruan
26
vulnerability VCID-jumh-hkhx-7qc9
27
vulnerability VCID-k6s1-gnmc-e3ed
28
vulnerability VCID-mm3u-a8ar-b3hp
29
vulnerability VCID-p1dq-27t5-e7b3
30
vulnerability VCID-pv1d-wrex-hbgy
31
vulnerability VCID-qm34-ec8s-tfd7
32
vulnerability VCID-qzba-9xmg-3qer
33
vulnerability VCID-sbr6-pybe-dubq
34
vulnerability VCID-spwd-dz6f-5fh9
35
vulnerability VCID-t8ec-st1v-s3e5
36
vulnerability VCID-ttm3-5a6e-wfa1
37
vulnerability VCID-ukxp-wqpr-t3by
38
vulnerability VCID-ura5-t7s9-8fck
39
vulnerability VCID-w2dv-u8h6-sbgs
40
vulnerability VCID-w4pr-k5nj-ckgy
41
vulnerability VCID-x4ev-6zjm-sbe4
42
vulnerability VCID-x516-xwze-6ba3
43
vulnerability VCID-xtqq-9751-r3dq
44
vulnerability VCID-yemh-qd63-wuca
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.1
aliases CVE-2008-2302, GHSA-54qj-48vx-cr9f, PYSEC-2008-1
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v466-zd6u-dqce
Fixing_vulnerabilities
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/django@0.96