VulnerableCode.io REST API

Lookup for vulnerable packages by Package URL.

GET /api/packages/7844?format=api

HTTP 200 OK
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "url": "http://public2.vulnerablecode.io/api/packages/7844?format=api",
    "purl": "pkg:pypi/django@1.9a1",
    "type": "pypi",
    "namespace": "",
    "name": "django",
    "version": "1.9a1",
    "qualifiers": {},
    "subpath": "",
    "is_vulnerable": true,
    "next_non_vulnerable_version": "1.11.19",
    "latest_non_vulnerable_version": "6.0.5",
    "affected_by_vulnerabilities": [
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7344?format=api",
            "vulnerability_id": "VCID-6p2m-vyft-xfe8",
            "summary": "The get_format function in utils/formats.py in Django before 1.7.x before 1.7.11, 1.8.x before 1.8.7, and 1.9.x before 1.9rc2 might allow remote attackers to obtain sensitive application secrets via a settings key in place of a date/time format setting, as demonstrated by SECRET_KEY.",
            "references": [
                {
                    "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173375.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173375.html"
                },
                {
                    "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174770.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174770.html"
                },
                {
                    "reference_url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00014.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00014.html"
                },
                {
                    "reference_url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00017.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00017.html"
                },
                {
                    "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0129.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://rhn.redhat.com/errata/RHSA-2016-0129.html"
                },
                {
                    "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0156.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://rhn.redhat.com/errata/RHSA-2016-0156.html"
                },
                {
                    "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0157.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://rhn.redhat.com/errata/RHSA-2016-0157.html"
                },
                {
                    "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0158.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://rhn.redhat.com/errata/RHSA-2016-0158.html"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8213",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.03006",
                            "scoring_system": "epss",
                            "scoring_elements": "0.86816",
                            "published_at": "2026-05-30T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8213"
                },
                {
                    "reference_url": "https://github.com/django/django",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://github.com/django/django"
                },
                {
                    "reference_url": "https://github.com/django/django/commit/316bc3fc9437c5960c24baceb93c73f1939711e4",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://github.com/django/django/commit/316bc3fc9437c5960c24baceb93c73f1939711e4"
                },
                {
                    "reference_url": "https://github.com/django/django/commit/3ebbda0aef9e7a90ac6208bb8f9bc21228e2c7da",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://github.com/django/django/commit/3ebbda0aef9e7a90ac6208bb8f9bc21228e2c7da"
                },
                {
                    "reference_url": "https://github.com/django/django/commit/8a01c6b53169ee079cb21ac5919fdafcc8c5e172",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://github.com/django/django/commit/8a01c6b53169ee079cb21ac5919fdafcc8c5e172"
                },
                {
                    "reference_url": "https://github.com/django/django/commit/9f83fc2f66f5a0bac7c291aec55df66050bb6991",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://github.com/django/django/commit/9f83fc2f66f5a0bac7c291aec55df66050bb6991"
                },
                {
                    "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-11.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-11.yaml"
                },
                {
                    "reference_url": "https://www.djangoproject.com/weblog/2015/nov/24/security-releases-issued",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://www.djangoproject.com/weblog/2015/nov/24/security-releases-issued"
                },
                {
                    "reference_url": "https://www.djangoproject.com/weblog/2015/nov/24/security-releases-issued/",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://www.djangoproject.com/weblog/2015/nov/24/security-releases-issued/"
                },
                {
                    "reference_url": "http://www.debian.org/security/2015/dsa-3404",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.debian.org/security/2015/dsa-3404"
                },
                {
                    "reference_url": "http://www.securityfocus.com/bid/77750",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.securityfocus.com/bid/77750"
                },
                {
                    "reference_url": "http://www.securitytracker.com/id/1034237",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.securitytracker.com/id/1034237"
                },
                {
                    "reference_url": "http://www.ubuntu.com/usn/USN-2816-1",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.ubuntu.com/usn/USN-2816-1"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8213",
                    "reference_id": "CVE-2015-8213",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8213"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-6wcr-wcqm-3mfh",
                    "reference_id": "GHSA-6wcr-wcqm-3mfh",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://github.com/advisories/GHSA-6wcr-wcqm-3mfh"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/7849?format=api",
                    "purl": "pkg:pypi/django@1.9rc2",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-fynq-usj6-rfd3"
                        },
                        {
                            "vulnerability": "VCID-hzcv-euwq-eqeg"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.9rc2"
                }
            ],
            "aliases": [
                "CVE-2015-8213",
                "GHSA-6wcr-wcqm-3mfh",
                "PYSEC-2015-11"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6p2m-vyft-xfe8"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4216?format=api",
            "vulnerability_id": "VCID-fynq-usj6-rfd3",
            "summary": "insufficient validation",
            "references": [
                {
                    "reference_url": "http://packetstormsecurity.com/files/155872/Django-Account-Hijack.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://packetstormsecurity.com/files/155872/Django-Account-Hijack.html"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-19844",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.13973",
                            "scoring_system": "epss",
                            "scoring_elements": "0.94448",
                            "published_at": "2026-05-30T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-19844"
                },
                {
                    "reference_url": "https://docs.djangoproject.com/en/dev/releases/security",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://docs.djangoproject.com/en/dev/releases/security"
                },
                {
                    "reference_url": "https://docs.djangoproject.com/en/dev/releases/security/",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://docs.djangoproject.com/en/dev/releases/security/"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-vfq6-hq5r-27r6",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "CRITICAL",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-vfq6-hq5r-27r6"
                },
                {
                    "reference_url": "https://github.com/django/django/commit/302a4ff1e8b1c798aab97673909c7a3dfda42c26",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://github.com/django/django/commit/302a4ff1e8b1c798aab97673909c7a3dfda42c26"
                },
                {
                    "reference_url": "https://github.com/django/django/commit/4d334bea06cac63dc1272abcec545b85136cca0e",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://github.com/django/django/commit/4d334bea06cac63dc1272abcec545b85136cca0e"
                },
                {
                    "reference_url": "https://github.com/django/django/commit/5b1fbcef7a8bec991ebe7b2a18b5d5a95d72cb70",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://github.com/django/django/commit/5b1fbcef7a8bec991ebe7b2a18b5d5a95d72cb70"
                },
                {
                    "reference_url": "https://github.com/django/django/commit/f4cff43bf921fcea6a29b726eb66767f67753fa2",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://github.com/django/django/commit/f4cff43bf921fcea6a29b726eb66767f67753fa2"
                },
                {
                    "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-16.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-16.yaml"
                },
                {
                    "reference_url": "https://groups.google.com/forum/#!topic/django-announce/3oaB2rVH3a0",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://groups.google.com/forum/#!topic/django-announce/3oaB2rVH3a0"
                },
                {
                    "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD"
                },
                {
                    "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD/",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD/"
                },
                {
                    "reference_url": "https://seclists.org/bugtraq/2020/Jan/9",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://seclists.org/bugtraq/2020/Jan/9"
                },
                {
                    "reference_url": "https://security.gentoo.org/glsa/202004-17",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.gentoo.org/glsa/202004-17"
                },
                {
                    "reference_url": "https://security.netapp.com/advisory/ntap-20200110-0003",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.netapp.com/advisory/ntap-20200110-0003"
                },
                {
                    "reference_url": "https://security.netapp.com/advisory/ntap-20200110-0003/",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.netapp.com/advisory/ntap-20200110-0003/"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/4224-1",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/4224-1"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/4224-1/",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/4224-1/"
                },
                {
                    "reference_url": "https://www.debian.org/security/2020/dsa-4598",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://www.debian.org/security/2020/dsa-4598"
                },
                {
                    "reference_url": "https://www.djangoproject.com/weblog/2019/dec/18/security-releases",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://www.djangoproject.com/weblog/2019/dec/18/security-releases"
                },
                {
                    "reference_url": "https://www.djangoproject.com/weblog/2019/dec/18/security-releases/",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://www.djangoproject.com/weblog/2019/dec/18/security-releases/"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-1080",
                    "reference_id": "AVG-1080",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "High",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-1080"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19844",
                    "reference_id": "CVE-2019-19844",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19844"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/13511?format=api",
                    "purl": "pkg:pypi/django@1.11.27",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-2bh9-k4at-r7hz"
                        },
                        {
                            "vulnerability": "VCID-7b47-vsfh-y3gh"
                        },
                        {
                            "vulnerability": "VCID-hzcv-euwq-eqeg"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.27"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/13512?format=api",
                    "purl": "pkg:pypi/django@2.2.9",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-2bh9-k4at-r7hz"
                        },
                        {
                            "vulnerability": "VCID-2f2p-wfbs-73hz"
                        },
                        {
                            "vulnerability": "VCID-5a2y-2m62-1qfa"
                        },
                        {
                            "vulnerability": "VCID-7b47-vsfh-y3gh"
                        },
                        {
                            "vulnerability": "VCID-81q1-gytk-2uaq"
                        },
                        {
                            "vulnerability": "VCID-9hp4-hn21-zkg8"
                        },
                        {
                            "vulnerability": "VCID-b81v-3drw-xudf"
                        },
                        {
                            "vulnerability": "VCID-bbxx-48nj-pqcd"
                        },
                        {
                            "vulnerability": "VCID-dcv2-gx5a-pfe2"
                        },
                        {
                            "vulnerability": "VCID-dqkn-1888-y3er"
                        },
                        {
                            "vulnerability": "VCID-fc6y-y2b1-v3d5"
                        },
                        {
                            "vulnerability": "VCID-gxju-xjh2-z7bn"
                        },
                        {
                            "vulnerability": "VCID-hzcv-euwq-eqeg"
                        },
                        {
                            "vulnerability": "VCID-jzbk-uswz-8ucg"
                        },
                        {
                            "vulnerability": "VCID-nxbs-37dx-rbbh"
                        },
                        {
                            "vulnerability": "VCID-punr-dfy5-v3g1"
                        },
                        {
                            "vulnerability": "VCID-u53d-8afk-c3gq"
                        },
                        {
                            "vulnerability": "VCID-vyzr-dkz3-vfg6"
                        },
                        {
                            "vulnerability": "VCID-xb3c-6rew-z3ba"
                        },
                        {
                            "vulnerability": "VCID-xu9t-qtjz-bud8"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.9"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/13753?format=api",
                    "purl": "pkg:pypi/django@3.0.1",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-2bh9-k4at-r7hz"
                        },
                        {
                            "vulnerability": "VCID-5a2y-2m62-1qfa"
                        },
                        {
                            "vulnerability": "VCID-7b47-vsfh-y3gh"
                        },
                        {
                            "vulnerability": "VCID-9hp4-hn21-zkg8"
                        },
                        {
                            "vulnerability": "VCID-b81v-3drw-xudf"
                        },
                        {
                            "vulnerability": "VCID-hzcv-euwq-eqeg"
                        },
                        {
                            "vulnerability": "VCID-nxbs-37dx-rbbh"
                        },
                        {
                            "vulnerability": "VCID-punr-dfy5-v3g1"
                        },
                        {
                            "vulnerability": "VCID-xb3c-6rew-z3ba"
                        },
                        {
                            "vulnerability": "VCID-xu9t-qtjz-bud8"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.0.1"
                }
            ],
            "aliases": [
                "CVE-2019-19844",
                "GHSA-vfq6-hq5r-27r6",
                "PYSEC-2019-16"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fynq-usj6-rfd3"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5556?format=api",
            "vulnerability_id": "VCID-hzcv-euwq-eqeg",
            "summary": "multiple issues",
            "references": [
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-33203",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00327",
                            "scoring_system": "epss",
                            "scoring_elements": "0.5585",
                            "published_at": "2026-05-30T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-33203"
                },
                {
                    "reference_url": "https://docs.djangoproject.com/en/3.2/releases/security/",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://docs.djangoproject.com/en/3.2/releases/security/"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-68w8-qjq3-2gfm",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://github.com/advisories/GHSA-68w8-qjq3-2gfm"
                },
                {
                    "reference_url": "https://groups.google.com/forum/#!forum/django-announce",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://groups.google.com/forum/#!forum/django-announce"
                },
                {
                    "reference_url": "https://www.djangoproject.com/weblog/2021/jun/02/security-releases/",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://www.djangoproject.com/weblog/2021/jun/02/security-releases/"
                },
                {
                    "reference_url": "https://security.archlinux.org/ASA-202106-41",
                    "reference_id": "ASA-202106-41",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.archlinux.org/ASA-202106-41"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-2026",
                    "reference_id": "AVG-2026",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "Medium",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-2026"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/21276?format=api",
                    "purl": "pkg:pypi/django@2.2.24",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-2f2p-wfbs-73hz"
                        },
                        {
                            "vulnerability": "VCID-81q1-gytk-2uaq"
                        },
                        {
                            "vulnerability": "VCID-bbxx-48nj-pqcd"
                        },
                        {
                            "vulnerability": "VCID-dcv2-gx5a-pfe2"
                        },
                        {
                            "vulnerability": "VCID-dqkn-1888-y3er"
                        },
                        {
                            "vulnerability": "VCID-fc6y-y2b1-v3d5"
                        },
                        {
                            "vulnerability": "VCID-jzbk-uswz-8ucg"
                        },
                        {
                            "vulnerability": "VCID-vyzr-dkz3-vfg6"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.24"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/21277?format=api",
                    "purl": "pkg:pypi/django@3.1.12",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-fc6y-y2b1-v3d5"
                        },
                        {
                            "vulnerability": "VCID-zvet-h29t-tub8"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.1.12"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/21278?format=api",
                    "purl": "pkg:pypi/django@3.2.4",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-2f2p-wfbs-73hz"
                        },
                        {
                            "vulnerability": "VCID-5k3f-9smv-8bev"
                        },
                        {
                            "vulnerability": "VCID-6bct-bfhb-xugt"
                        },
                        {
                            "vulnerability": "VCID-7u6e-a3ng-fude"
                        },
                        {
                            "vulnerability": "VCID-81q1-gytk-2uaq"
                        },
                        {
                            "vulnerability": "VCID-bbxx-48nj-pqcd"
                        },
                        {
                            "vulnerability": "VCID-bjn5-qpmt-qffx"
                        },
                        {
                            "vulnerability": "VCID-ctk2-ykg7-h7ag"
                        },
                        {
                            "vulnerability": "VCID-dcv2-gx5a-pfe2"
                        },
                        {
                            "vulnerability": "VCID-dqkn-1888-y3er"
                        },
                        {
                            "vulnerability": "VCID-e2p6-m8gu-jbfu"
                        },
                        {
                            "vulnerability": "VCID-fc6y-y2b1-v3d5"
                        },
                        {
                            "vulnerability": "VCID-fwkd-bq8u-9kg8"
                        },
                        {
                            "vulnerability": "VCID-jzbk-uswz-8ucg"
                        },
                        {
                            "vulnerability": "VCID-kmv2-339j-8ugc"
                        },
                        {
                            "vulnerability": "VCID-nyy8-t17r-syex"
                        },
                        {
                            "vulnerability": "VCID-qg2s-fuw3-nbda"
                        },
                        {
                            "vulnerability": "VCID-rn9d-fd73-3kb9"
                        },
                        {
                            "vulnerability": "VCID-vyzr-dkz3-vfg6"
                        },
                        {
                            "vulnerability": "VCID-x4s4-qav9-xbet"
                        },
                        {
                            "vulnerability": "VCID-zvet-h29t-tub8"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.4"
                }
            ],
            "aliases": [
                "CVE-2021-33203",
                "GHSA-68w8-qjq3-2gfm",
                "PYSEC-2021-98"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hzcv-euwq-eqeg"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6307?format=api",
            "vulnerability_id": "VCID-ptk1-k7b2-gkdm",
            "summary": "multiple issues",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2017:1445",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2017:1445"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2017:1451",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2017:1451"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2017:1462",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2017:1462"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2017:1470",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2017:1470"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2017:1596",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2017:1596"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2017:3093",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2017:3093"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2018:2927",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2018:2927"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7233",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00747",
                            "scoring_system": "epss",
                            "scoring_elements": "0.73389",
                            "published_at": "2026-05-30T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7233"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-37hp-765x-j95x",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "MODERATE",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-37hp-765x-j95x"
                },
                {
                    "reference_url": "https://github.com/django/django",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://github.com/django/django"
                },
                {
                    "reference_url": "https://github.com/django/django/commit/254326cb3682389f55f886804d2c43f7b9f23e4f",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://github.com/django/django/commit/254326cb3682389f55f886804d2c43f7b9f23e4f"
                },
                {
                    "reference_url": "https://github.com/django/django/commit/8339277518c7d8ec280070a780915304654e3b66",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://github.com/django/django/commit/8339277518c7d8ec280070a780915304654e3b66"
                },
                {
                    "reference_url": "https://github.com/django/django/commit/f824655bc2c50b19d2f202d7640785caabc82787",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://github.com/django/django/commit/f824655bc2c50b19d2f202d7640785caabc82787"
                },
                {
                    "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2017-9.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2017-9.yaml"
                },
                {
                    "reference_url": "https://www.djangoproject.com/weblog/2017/apr/04/security-releases",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://www.djangoproject.com/weblog/2017/apr/04/security-releases"
                },
                {
                    "reference_url": "https://www.djangoproject.com/weblog/2017/apr/04/security-releases/",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://www.djangoproject.com/weblog/2017/apr/04/security-releases/"
                },
                {
                    "reference_url": "http://www.debian.org/security/2017/dsa-3835",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.debian.org/security/2017/dsa-3835"
                },
                {
                    "reference_url": "http://www.securityfocus.com/bid/97406",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.securityfocus.com/bid/97406"
                },
                {
                    "reference_url": "http://www.securitytracker.com/id/1038177",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.securitytracker.com/id/1038177"
                },
                {
                    "reference_url": "https://security.archlinux.org/ASA-201704-2",
                    "reference_id": "ASA-201704-2",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.archlinux.org/ASA-201704-2"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-233",
                    "reference_id": "AVG-233",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "Medium",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-233"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7233",
                    "reference_id": "CVE-2017-7233",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7233"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/8616?format=api",
                    "purl": "pkg:pypi/django@1.9.13",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-fynq-usj6-rfd3"
                        },
                        {
                            "vulnerability": "VCID-hzcv-euwq-eqeg"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.9.13"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/8615?format=api",
                    "purl": "pkg:pypi/django@1.10.7",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-8gkb-43x6-d7a8"
                        },
                        {
                            "vulnerability": "VCID-fynq-usj6-rfd3"
                        },
                        {
                            "vulnerability": "VCID-hzcv-euwq-eqeg"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.10.7"
                }
            ],
            "aliases": [
                "CVE-2017-7233",
                "GHSA-37hp-765x-j95x",
                "PYSEC-2017-9"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ptk1-k7b2-gkdm"
        }
    ],
    "fixing_vulnerabilities": [],
    "risk_score": null,
    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.9a1"
}

Package Instance