Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/python-django@2:2.2.28-1~deb11u2

Type deb

Namespace debian

Name python-django

Version 2:2.2.28-1~deb11u2

Qualifiers

Subpath

Is_vulnerable false

Next_non_vulnerable_version 2:2.2.28-1~deb11u2

Latest_non_vulnerable_version 2:2.2.28-1~deb11u2

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-vdpf-jddk-syda

vulnerability_id VCID-vdpf-jddk-syda

summary insufficient validation

references

reference_url	http://packetstormsecurity.com/files/155872/Django-Account-Hijack.html
reference_id
reference_type
scores
url	http://packetstormsecurity.com/files/155872/Django-Account-Hijack.html

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19844
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19844

reference_url	https://docs.djangoproject.com/en/dev/releases/security/
reference_id
reference_type
scores
url	https://docs.djangoproject.com/en/dev/releases/security/

reference_url	https://github.com/advisories/GHSA-vfq6-hq5r-27r6
reference_id
reference_type
scores
url	https://github.com/advisories/GHSA-vfq6-hq5r-27r6

reference_url	https://groups.google.com/forum/#!topic/django-announce/3oaB2rVH3a0
reference_id
reference_type
scores
url	https://groups.google.com/forum/#!topic/django-announce/3oaB2rVH3a0

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD/

reference_url	https://seclists.org/bugtraq/2020/Jan/9
reference_id
reference_type
scores
url	https://seclists.org/bugtraq/2020/Jan/9

reference_url	https://security.gentoo.org/glsa/202004-17
reference_id
reference_type
scores
url	https://security.gentoo.org/glsa/202004-17

reference_url	https://security.netapp.com/advisory/ntap-20200110-0003/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20200110-0003/

reference_url	https://usn.ubuntu.com/4224-1/
reference_id
reference_type
scores
url	https://usn.ubuntu.com/4224-1/

reference_url	https://www.debian.org/security/2020/dsa-4598
reference_id
reference_type
scores
url	https://www.debian.org/security/2020/dsa-4598

reference_url	https://www.djangoproject.com/weblog/2019/dec/18/security-releases/
reference_id
reference_type
scores
url	https://www.djangoproject.com/weblog/2019/dec/18/security-releases/

reference_url

https://security.archlinux.org/AVG-1080

reference_id

AVG-1080

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1080

fixed_packages

url pkg:deb/debian/python-django@1:1.10.7-2%2Bdeb9u9

purl pkg:deb/debian/python-django@1:1.10.7-2%2Bdeb9u9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3mfy-uj9u-d7de

vulnerability	VCID-9kvc-1bdz-n3bd

vulnerability	VCID-vdpf-jddk-syda

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@1:1.10.7-2%252Bdeb9u9

url pkg:deb/debian/python-django@1:1.11.29-1~deb10u1

purl pkg:deb/debian/python-django@1:1.11.29-1~deb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-vdpf-jddk-syda

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@1:1.11.29-1~deb10u1

url	pkg:deb/debian/python-django@2:2.2.28-1~deb11u2
purl	pkg:deb/debian/python-django@2:2.2.28-1~deb11u2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@2:2.2.28-1~deb11u2

aliases CVE-2019-19844, GHSA-vfq6-hq5r-27r6, PYSEC-2019-16

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vdpf-jddk-syda

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@2:2.2.28-1~deb11u2

Package Instance