Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/django@0.96
Typepypi
Namespace
Namedjango
Version0.96
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version0.96.1
Latest_non_vulnerable_version6.0.5
Affected_by_vulnerabilities
0
url VCID-ukf6-xwqc-xkdc
vulnerability_id VCID-ukf6-xwqc-xkdc
summary Cross-site scripting (XSS) vulnerability in the login form in the administration application in Django 0.91 before 0.91.2, 0.95 before 0.95.3, and 0.96 before 0.96.2 allows remote attackers to inject arbitrary web script or HTML via the URI of a certain previous request.
references
0
reference_url http://secunia.com/advisories/30250
reference_id
reference_type
scores
url http://secunia.com/advisories/30250
1
reference_url http://secunia.com/advisories/30291
reference_id
reference_type
scores
url http://secunia.com/advisories/30291
2
reference_url http://securitytracker.com/id?1020028
reference_id
reference_type
scores
url http://securitytracker.com/id?1020028
3
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/42396
reference_id
reference_type
scores
url https://exchange.xforce.ibmcloud.com/vulnerabilities/42396
4
reference_url https://github.com/django/django
reference_id
reference_type
scores
url https://github.com/django/django
5
reference_url https://github.com/django/django/commit/50ce7fb57d79e8940ccf6e2781f2f01df029b5c5
reference_id
reference_type
scores
url https://github.com/django/django/commit/50ce7fb57d79e8940ccf6e2781f2f01df029b5c5
6
reference_url https://github.com/django/django/commit/6e657e2c404a96e744748209e896d8a69c15fdf2
reference_id
reference_type
scores
url https://github.com/django/django/commit/6e657e2c404a96e744748209e896d8a69c15fdf2
7
reference_url https://github.com/django/django/commit/7791e5c050cebf86d868c5dab7092185b125fdc9
reference_id
reference_type
scores
url https://github.com/django/django/commit/7791e5c050cebf86d868c5dab7092185b125fdc9
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2008-1.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2008-1.yaml
9
reference_url https://web.archive.org/web/20080725022008/http://secunia.com/advisories/30291
reference_id
reference_type
scores
url https://web.archive.org/web/20080725022008/http://secunia.com/advisories/30291
10
reference_url https://web.archive.org/web/20081012011038/http://secunia.com/advisories/30250
reference_id
reference_type
scores
url https://web.archive.org/web/20081012011038/http://secunia.com/advisories/30250
11
reference_url https://web.archive.org/web/20170222015451/http://securitytracker.com/id?1020028
reference_id
reference_type
scores
url https://web.archive.org/web/20170222015451/http://securitytracker.com/id?1020028
12
reference_url https://web.archive.org/web/20200228153339/http://www.securityfocus.com/bid/29209
reference_id
reference_type
scores
url https://web.archive.org/web/20200228153339/http://www.securityfocus.com/bid/29209
13
reference_url http://www.djangoproject.com/weblog/2008/may/14/security/
reference_id
reference_type
scores
url http://www.djangoproject.com/weblog/2008/may/14/security/
14
reference_url http://www.securityfocus.com/bid/29209
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/29209
15
reference_url http://www.vupen.com/english/advisories/2008/1618
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2008/1618
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2008-2302
reference_id CVE-2008-2302
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2008-2302
17
reference_url https://github.com/advisories/GHSA-54qj-48vx-cr9f
reference_id GHSA-54qj-48vx-cr9f
reference_type
scores
url https://github.com/advisories/GHSA-54qj-48vx-cr9f
fixed_packages
0
url pkg:pypi/django@0.96.2
purl pkg:pypi/django@0.96.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@0.96.2
1
url pkg:pypi/django@1.1
purl pkg:pypi/django@1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18gm-v5zp-tqf9
1
vulnerability VCID-38e1-hepp-vkg9
2
vulnerability VCID-3kza-a88p-kfg7
3
vulnerability VCID-3sg7-t77d-rkc6
4
vulnerability VCID-5brz-383w-pfbb
5
vulnerability VCID-5vmb-d4xp-zfgy
6
vulnerability VCID-66ax-8wdn-1bgb
7
vulnerability VCID-6wah-r8vr-5qc4
8
vulnerability VCID-7cnm-hzsf-tybp
9
vulnerability VCID-7g7m-bfe1-wkhd
10
vulnerability VCID-7rz2-nqdn-hycc
11
vulnerability VCID-8gus-er59-1qak
12
vulnerability VCID-8v2c-7739-2ugp
13
vulnerability VCID-912q-3eks-4yfm
14
vulnerability VCID-9bsf-vm3b-ubhw
15
vulnerability VCID-9mpt-zxaw-kkeg
16
vulnerability VCID-bahz-gfxv-e3b2
17
vulnerability VCID-dh12-js4b-h7fw
18
vulnerability VCID-ffsr-th58-p3ct
19
vulnerability VCID-jfya-694v-myar
20
vulnerability VCID-ksh8-pazn-dbca
21
vulnerability VCID-kuyz-3pxs-r7cv
22
vulnerability VCID-mccp-khb9-qkb7
23
vulnerability VCID-n6ps-f6s6-zkbj
24
vulnerability VCID-r2a9-kym9-zqgq
25
vulnerability VCID-r7tk-79xy-jkhj
26
vulnerability VCID-rq19-9v21-47dy
27
vulnerability VCID-rxxr-sseq-k7a9
28
vulnerability VCID-ta66-7qrm-sbhu
29
vulnerability VCID-u4a7-uvcb-9kf8
30
vulnerability VCID-u5u9-xbb6-93hc
31
vulnerability VCID-u6sd-648r-qbdb
32
vulnerability VCID-vdpf-jddk-syda
33
vulnerability VCID-vj5u-2ukv-audq
34
vulnerability VCID-weqb-fxu4-17e7
35
vulnerability VCID-xf2n-qua7-m7fb
36
vulnerability VCID-zd9y-sxbn-kqa3
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.1
aliases CVE-2008-2302, GHSA-54qj-48vx-cr9f, PYSEC-2008-1
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ukf6-xwqc-xkdc
Fixing_vulnerabilities
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/django@0.96