Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/django@0.91
Typepypi
Namespace
Namedjango
Version0.91
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version0.91.1
Latest_non_vulnerable_version6.0.5
Affected_by_vulnerabilities
0
url VCID-ukf6-xwqc-xkdc
vulnerability_id VCID-ukf6-xwqc-xkdc
summary Cross-site scripting (XSS) vulnerability in the login form in the administration application in Django 0.91 before 0.91.2, 0.95 before 0.95.3, and 0.96 before 0.96.2 allows remote attackers to inject arbitrary web script or HTML via the URI of a certain previous request.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2302.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2302.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-2302
reference_id
reference_type
scores
0
value 0.00441
scoring_system epss
scoring_elements 0.6352
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-2302
2
reference_url http://secunia.com/advisories/30250
reference_id
reference_type
scores
url http://secunia.com/advisories/30250
3
reference_url http://secunia.com/advisories/30291
reference_id
reference_type
scores
url http://secunia.com/advisories/30291
4
reference_url http://securitytracker.com/id?1020028
reference_id
reference_type
scores
url http://securitytracker.com/id?1020028
5
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/42396
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/42396
6
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
7
reference_url https://github.com/django/django/commit/50ce7fb57d79e8940ccf6e2781f2f01df029b5c5
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/50ce7fb57d79e8940ccf6e2781f2f01df029b5c5
8
reference_url https://github.com/django/django/commit/6e657e2c404a96e744748209e896d8a69c15fdf2
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/6e657e2c404a96e744748209e896d8a69c15fdf2
9
reference_url https://github.com/django/django/commit/7791e5c050cebf86d868c5dab7092185b125fdc9
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/7791e5c050cebf86d868c5dab7092185b125fdc9
10
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2008-1.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2008-1.yaml
11
reference_url https://web.archive.org/web/20080725022008/http://secunia.com/advisories/30291
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20080725022008/http://secunia.com/advisories/30291
12
reference_url https://web.archive.org/web/20081012011038/http://secunia.com/advisories/30250
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20081012011038/http://secunia.com/advisories/30250
13
reference_url https://web.archive.org/web/20170222015451/http://securitytracker.com/id?1020028
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20170222015451/http://securitytracker.com/id?1020028
14
reference_url https://web.archive.org/web/20200228153339/http://www.securityfocus.com/bid/29209
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200228153339/http://www.securityfocus.com/bid/29209
15
reference_url http://www.djangoproject.com/weblog/2008/may/14/security
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.djangoproject.com/weblog/2008/may/14/security
16
reference_url http://www.djangoproject.com/weblog/2008/may/14/security/
reference_id
reference_type
scores
url http://www.djangoproject.com/weblog/2008/may/14/security/
17
reference_url http://www.securityfocus.com/bid/29209
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/29209
18
reference_url http://www.vupen.com/english/advisories/2008/1618
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2008/1618
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=446402
reference_id 446402
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=446402
20
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=481164
reference_id 481164
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=481164
21
reference_url https://nvd.nist.gov/vuln/detail/CVE-2008-2302
reference_id CVE-2008-2302
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2008-2302
22
reference_url https://github.com/advisories/GHSA-54qj-48vx-cr9f
reference_id GHSA-54qj-48vx-cr9f
reference_type
scores
url https://github.com/advisories/GHSA-54qj-48vx-cr9f
fixed_packages
0
url pkg:pypi/django@0.91.2
purl pkg:pypi/django@0.91.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@0.91.2
1
url pkg:pypi/django@0.95.3
purl pkg:pypi/django@0.95.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@0.95.3
2
url pkg:pypi/django@0.96.2
purl pkg:pypi/django@0.96.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@0.96.2
3
url pkg:pypi/django@1.1
purl pkg:pypi/django@1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18gm-v5zp-tqf9
1
vulnerability VCID-29qk-rv5n-efbm
2
vulnerability VCID-38e1-hepp-vkg9
3
vulnerability VCID-3kza-a88p-kfg7
4
vulnerability VCID-3sg7-t77d-rkc6
5
vulnerability VCID-5brz-383w-pfbb
6
vulnerability VCID-5q58-pzt4-8uey
7
vulnerability VCID-5vmb-d4xp-zfgy
8
vulnerability VCID-66ax-8wdn-1bgb
9
vulnerability VCID-6wah-r8vr-5qc4
10
vulnerability VCID-7cnm-hzsf-tybp
11
vulnerability VCID-7g7m-bfe1-wkhd
12
vulnerability VCID-7rz2-nqdn-hycc
13
vulnerability VCID-8gus-er59-1qak
14
vulnerability VCID-8v2c-7739-2ugp
15
vulnerability VCID-912q-3eks-4yfm
16
vulnerability VCID-9bsf-vm3b-ubhw
17
vulnerability VCID-9mpt-zxaw-kkeg
18
vulnerability VCID-bahz-gfxv-e3b2
19
vulnerability VCID-dh12-js4b-h7fw
20
vulnerability VCID-ffsr-th58-p3ct
21
vulnerability VCID-jfya-694v-myar
22
vulnerability VCID-ksh8-pazn-dbca
23
vulnerability VCID-kuyz-3pxs-r7cv
24
vulnerability VCID-mccp-khb9-qkb7
25
vulnerability VCID-n6ps-f6s6-zkbj
26
vulnerability VCID-r2a9-kym9-zqgq
27
vulnerability VCID-r7tk-79xy-jkhj
28
vulnerability VCID-rq19-9v21-47dy
29
vulnerability VCID-rxxr-sseq-k7a9
30
vulnerability VCID-ta66-7qrm-sbhu
31
vulnerability VCID-u4a7-uvcb-9kf8
32
vulnerability VCID-u5u9-xbb6-93hc
33
vulnerability VCID-u6sd-648r-qbdb
34
vulnerability VCID-vdpf-jddk-syda
35
vulnerability VCID-vj5u-2ukv-audq
36
vulnerability VCID-weqb-fxu4-17e7
37
vulnerability VCID-xf2n-qua7-m7fb
38
vulnerability VCID-zd9y-sxbn-kqa3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.1
aliases CVE-2008-2302, GHSA-54qj-48vx-cr9f, PYSEC-2008-1
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ukf6-xwqc-xkdc
Fixing_vulnerabilities
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/django@0.91