Django REST framework
Api Root
Package List
Package Instance
Format
json
api
admin
Package Instance
Lookup for vulnerable packages by Package URL.
Purl
pkg:pypi/django@2.1.6
Type
pypi
Namespace
Name
django
Version
2.1.6
Qualifiers
Subpath
Is_vulnerable
false
Next_non_vulnerable_version
2.2.28
Latest_non_vulnerable_version
6.0.5
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url
VCID-t952-ghnf-jkby
vulnerability_id
VCID-t952-ghnf-jkby
summary
Django 1.11.x before 1.11.19, 2.0.x before 2.0.11, and 2.1.x before 2.1.6 allows Uncontrolled Memory Consumption via a malicious attacker-supplied value to the django.utils.numberformat.format() function.
references
0
reference_url
https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
url
https://docs.djangoproject.com/en/dev/releases/security
1
reference_url
https://docs.djangoproject.com/en/dev/releases/security/
reference_id
reference_type
scores
url
https://docs.djangoproject.com/en/dev/releases/security/
2
reference_url
https://github.com/advisories/GHSA-wh4h-v3f2-r2pp
reference_id
reference_type
scores
url
https://github.com/advisories/GHSA-wh4h-v3f2-r2pp
3
reference_url
https://github.com/django/django
reference_id
reference_type
scores
url
https://github.com/django/django
4
reference_url
https://github.com/django/django/commit/0bbb560183fabf0533289700845dafa94951f227
reference_id
reference_type
scores
url
https://github.com/django/django/commit/0bbb560183fabf0533289700845dafa94951f227
5
reference_url
https://github.com/django/django/commit/1f42f82566c9d2d73aff1c42790d6b1b243f7676
reference_id
reference_type
scores
url
https://github.com/django/django/commit/1f42f82566c9d2d73aff1c42790d6b1b243f7676
6
reference_url
https://github.com/django/django/commit/40cd19055773705301c3428ed5e08a036d2091f3
reference_id
reference_type
scores
url
https://github.com/django/django/commit/40cd19055773705301c3428ed5e08a036d2091f3
7
reference_url
https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-18.yaml
reference_id
reference_type
scores
url
https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-18.yaml
8
reference_url
https://groups.google.com/forum/#!topic/django-announce/WTwEAprR0IQ
reference_id
reference_type
scores
url
https://groups.google.com/forum/#!topic/django-announce/WTwEAprR0IQ
9
reference_url
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/66WMXHGBXD7GSM3PEXVCMCAGLMQYHZCU
reference_id
reference_type
scores
url
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/66WMXHGBXD7GSM3PEXVCMCAGLMQYHZCU
10
reference_url
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/66WMXHGBXD7GSM3PEXVCMCAGLMQYHZCU/
reference_id
reference_type
scores
url
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/66WMXHGBXD7GSM3PEXVCMCAGLMQYHZCU/
11
reference_url
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVXDOVCXLD74SHR2BENGCE2OOYYYWJHZ
reference_id
reference_type
scores
url
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVXDOVCXLD74SHR2BENGCE2OOYYYWJHZ
12
reference_url
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVXDOVCXLD74SHR2BENGCE2OOYYYWJHZ/
reference_id
reference_type
scores
url
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVXDOVCXLD74SHR2BENGCE2OOYYYWJHZ/
13
reference_url
https://seclists.org/bugtraq/2019/Jul/10
reference_id
reference_type
scores
url
https://seclists.org/bugtraq/2019/Jul/10
14
reference_url
https://usn.ubuntu.com/3890-1
reference_id
reference_type
scores
url
https://usn.ubuntu.com/3890-1
15
reference_url
https://usn.ubuntu.com/3890-1/
reference_id
reference_type
scores
url
https://usn.ubuntu.com/3890-1/
16
reference_url
https://web.archive.org/web/20200227084713/http://www.securityfocus.com/bid/106964
reference_id
reference_type
scores
url
https://web.archive.org/web/20200227084713/http://www.securityfocus.com/bid/106964
17
reference_url
https://www.debian.org/security/2019/dsa-4476
reference_id
reference_type
scores
url
https://www.debian.org/security/2019/dsa-4476
18
reference_url
https://www.djangoproject.com/weblog/2019/feb/11/security-releases
reference_id
reference_type
scores
url
https://www.djangoproject.com/weblog/2019/feb/11/security-releases
19
reference_url
https://www.djangoproject.com/weblog/2019/feb/11/security-releases/
reference_id
reference_type
scores
url
https://www.djangoproject.com/weblog/2019/feb/11/security-releases/
20
reference_url
https://www.openwall.com/lists/oss-security/2019/02/11/1
reference_id
reference_type
scores
url
https://www.openwall.com/lists/oss-security/2019/02/11/1
21
reference_url
http://www.securityfocus.com/bid/106964
reference_id
reference_type
scores
url
http://www.securityfocus.com/bid/106964
22
reference_url
https://nvd.nist.gov/vuln/detail/CVE-2019-6975
reference_id
CVE-2019-6975
reference_type
scores
url
https://nvd.nist.gov/vuln/detail/CVE-2019-6975
fixed_packages
0
url
pkg:pypi/django@1.11.19
purl
pkg:pypi/django@1.11.19
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.19
1
url
pkg:pypi/django@2.0.11
purl
pkg:pypi/django@2.0.11
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.0.11
2
url
pkg:pypi/django@2.0.12
purl
pkg:pypi/django@2.0.12
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-9mpt-zxaw-kkeg
resource_url
http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.0.12
3
url
pkg:pypi/django@2.1.6
purl
pkg:pypi/django@2.1.6
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.1.6
4
url
pkg:pypi/django@2.1.7
purl
pkg:pypi/django@2.1.7
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-3mfy-uj9u-d7de
1
vulnerability
VCID-9mpt-zxaw-kkeg
2
vulnerability
VCID-c3m7-fu62-2qd9
3
vulnerability
VCID-g44a-m54u-97cr
4
vulnerability
VCID-gfar-wbzc-3ubr
5
vulnerability
VCID-kbab-v2gz-dfe6
6
vulnerability
VCID-pgtx-cdua-kfb4
7
vulnerability
VCID-yreb-z7nz-jkbs
resource_url
http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.1.7
aliases
CVE-2019-6975, GHSA-wh4h-v3f2-r2pp, PYSEC-2019-18
risk_score
null
exploitability
null
weighted_severity
null
resource_url
http://public2.vulnerablecode.io/vulnerabilities/VCID-t952-ghnf-jkby
Risk_score
null
Resource_url
http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.1.6
×
Create
None
×
Edit
None