Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/django@1.4.18
Typepypi
Namespace
Namedjango
Version1.4.18
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1.7b4
Latest_non_vulnerable_version6.0.5
Affected_by_vulnerabilities
0
url VCID-12d7-vc63-rkdy
vulnerability_id VCID-12d7-vc63-rkdy
summary 
Denial-of-service possibility in logout() view by filling session store
A session can be created when anonymously accessing the `django.contrib.auth.views.logout` view (provided it wasn't decorated with `django.contrib.auth.decorators.login_required` as done in the admin). This allows an attacker to easily create many new session records by sending repeated requests, potentially filling up the session store or causing other users' session records to be evicted.
references
0
reference_url https://www.djangoproject.com/weblog/2015/aug/18/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2015/aug/18/security-releases/
fixed_packages
0
url pkg:pypi/django@1.4.22
purl pkg:pypi/django@1.4.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-3kza-a88p-kfg7
2
vulnerability VCID-5q58-pzt4-8uey
3
vulnerability VCID-6wah-r8vr-5qc4
4
vulnerability VCID-8gus-er59-1qak
5
vulnerability VCID-9mpt-zxaw-kkeg
6
vulnerability VCID-ksh8-pazn-dbca
7
vulnerability VCID-rxxr-sseq-k7a9
8
vulnerability VCID-u6sd-648r-qbdb
9
vulnerability VCID-vdpf-jddk-syda
10
vulnerability VCID-weqb-fxu4-17e7
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.4.22
1
url pkg:pypi/django@1.5
purl pkg:pypi/django@1.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-3kza-a88p-kfg7
2
vulnerability VCID-3sg7-t77d-rkc6
3
vulnerability VCID-5q58-pzt4-8uey
4
vulnerability VCID-5vmb-d4xp-zfgy
5
vulnerability VCID-6wah-r8vr-5qc4
6
vulnerability VCID-71t1-69yq-c7h6
7
vulnerability VCID-7rz2-nqdn-hycc
8
vulnerability VCID-8gus-er59-1qak
9
vulnerability VCID-8v2c-7739-2ugp
10
vulnerability VCID-912q-3eks-4yfm
11
vulnerability VCID-9bqp-b6rw-mye7
12
vulnerability VCID-9mpt-zxaw-kkeg
13
vulnerability VCID-bahz-gfxv-e3b2
14
vulnerability VCID-dh12-js4b-h7fw
15
vulnerability VCID-ffsr-th58-p3ct
16
vulnerability VCID-g2z3-2h8p-c7ge
17
vulnerability VCID-jfya-694v-myar
18
vulnerability VCID-ksh8-pazn-dbca
19
vulnerability VCID-mccp-khb9-qkb7
20
vulnerability VCID-ps24-pjj4-uqd1
21
vulnerability VCID-r78b-88d6-m3f2
22
vulnerability VCID-r7tk-79xy-jkhj
23
vulnerability VCID-rq19-9v21-47dy
24
vulnerability VCID-rtjn-qccc-8kc7
25
vulnerability VCID-rxxr-sseq-k7a9
26
vulnerability VCID-ta66-7qrm-sbhu
27
vulnerability VCID-u4a7-uvcb-9kf8
28
vulnerability VCID-u6sd-648r-qbdb
29
vulnerability VCID-vdpf-jddk-syda
30
vulnerability VCID-weqb-fxu4-17e7
31
vulnerability VCID-wfas-jszp-k7dz
32
vulnerability VCID-x212-mskt-9bbw
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.5
2
url pkg:pypi/django@1.7.10
purl pkg:pypi/django@1.7.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-3kza-a88p-kfg7
2
vulnerability VCID-5q58-pzt4-8uey
3
vulnerability VCID-6wah-r8vr-5qc4
4
vulnerability VCID-8gus-er59-1qak
5
vulnerability VCID-9mpt-zxaw-kkeg
6
vulnerability VCID-ksh8-pazn-dbca
7
vulnerability VCID-rxxr-sseq-k7a9
8
vulnerability VCID-vdpf-jddk-syda
9
vulnerability VCID-weqb-fxu4-17e7
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.7.10
3
url pkg:pypi/django@1.8.4
purl pkg:pypi/django@1.8.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-3kza-a88p-kfg7
2
vulnerability VCID-5q58-pzt4-8uey
3
vulnerability VCID-6wah-r8vr-5qc4
4
vulnerability VCID-8gus-er59-1qak
5
vulnerability VCID-9mpt-zxaw-kkeg
6
vulnerability VCID-c58g-7jpv-t7hc
7
vulnerability VCID-ksh8-pazn-dbca
8
vulnerability VCID-qy2a-mvpz-q7eh
9
vulnerability VCID-rruq-9scz-vbg8
10
vulnerability VCID-rxxr-sseq-k7a9
11
vulnerability VCID-upbz-vg19-rugv
12
vulnerability VCID-vdpf-jddk-syda
13
vulnerability VCID-weqb-fxu4-17e7
14
vulnerability VCID-x61x-6b6k-h3bn
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.8.4
aliases GMS-2015-21
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-12d7-vc63-rkdy
1
url VCID-29qk-rv5n-efbm
vulnerability_id VCID-29qk-rv5n-efbm
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-36359
reference_id
reference_type
scores
0
value 0.0113
scoring_system epss
scoring_elements 0.78658
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-36359
1
reference_url https://docs.djangoproject.com/en/4.0/releases/security
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/4.0/releases/security
2
reference_url https://docs.djangoproject.com/en/4.0/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/4.0/releases/security/
3
reference_url https://github.com/advisories/GHSA-8x94-hmjh-97hq
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-8x94-hmjh-97hq
4
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
5
reference_url https://github.com/django/django/commit/b3e4494d759202a3b6bf247fd34455bf13be5b80
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/b3e4494d759202a3b6bf247fd34455bf13be5b80
6
reference_url https://github.com/django/django/commit/b7d9529cbe0af4adabb6ea5d01ed8dcce3668fb3
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/b7d9529cbe0af4adabb6ea5d01ed8dcce3668fb3
7
reference_url https://github.com/django/django/commit/bd062445cffd3f6cc6dcd20d13e2abed818fa173
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/bd062445cffd3f6cc6dcd20d13e2abed818fa173
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-245.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-245.yaml
9
reference_url https://groups.google.com/g/django-announce/c/8cz--gvaJr4
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/g/django-announce/c/8cz--gvaJr4
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-36359
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-36359
13
reference_url https://security.netapp.com/advisory/ntap-20220915-0008
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220915-0008
14
reference_url https://www.debian.org/security/2022/dsa-5254
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2022/dsa-5254
15
reference_url https://www.djangoproject.com/weblog/2022/aug/03/security-releases
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2022/aug/03/security-releases
16
reference_url https://www.djangoproject.com/weblog/2022/aug/03/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2022/aug/03/security-releases/
17
reference_url http://www.openwall.com/lists/oss-security/2022/08/03/1
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/08/03/1
18
reference_url https://security.archlinux.org/AVG-2810
reference_id AVG-2810
reference_type
scores
0
value Unknown
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2810
fixed_packages
0
url pkg:pypi/django@3.2.15
purl pkg:pypi/django@3.2.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4z4e-8ttu-tyd6
1
vulnerability VCID-am3f-c5ex-8ff2
2
vulnerability VCID-au8h-vj9k-pufv
3
vulnerability VCID-f4a7-tcz5-byfj
4
vulnerability VCID-fsaw-3ta1-x3dw
5
vulnerability VCID-m1dr-sjmw-jfd2
6
vulnerability VCID-m33h-4p9q-63fb
7
vulnerability VCID-qgp1-4efd-6yg6
8
vulnerability VCID-yuda-1mur-8bbq
9
vulnerability VCID-z6tf-z1y9-cydq
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.15
1
url pkg:pypi/django@4.0.7
purl pkg:pypi/django@4.0.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4z4e-8ttu-tyd6
1
vulnerability VCID-au8h-vj9k-pufv
2
vulnerability VCID-f4a7-tcz5-byfj
3
vulnerability VCID-m1dr-sjmw-jfd2
4
vulnerability VCID-z6tf-z1y9-cydq
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.0.7
aliases CVE-2022-36359, GHSA-8x94-hmjh-97hq, PYSEC-2022-245
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-29qk-rv5n-efbm
2
url VCID-3kza-a88p-kfg7
vulnerability_id VCID-3kza-a88p-kfg7
summary Cross-site scripting (XSS) vulnerability in the dismissChangeRelatedObjectPopup function in contrib/admin/static/admin/js/admin/RelatedObjectLookups.js in Django before 1.8.14, 1.9.x before 1.9.8, and 1.10.x before 1.10rc1 allows remote attackers to inject arbitrary web script or HTML via vectors involving unsafe usage of Element.innerHTML.
references
0
reference_url http://packetstormsecurity.com/files/137965/Django-3.3.0-Script-Insertion.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/137965/Django-3.3.0-Script-Insertion.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2016-1594.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1594.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2016-1595.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1595.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2016-1596.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1596.html
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6186.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6186.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-6186
reference_id
reference_type
scores
0
value 0.16367
scoring_system epss
scoring_elements 0.94982
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-6186
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6186
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6186
7
reference_url http://seclists.org/fulldisclosure/2016/Jul/53
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2016/Jul/53
8
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
9
reference_url https://github.com/django/django/commit/6fa150b2f8b601668083042324c4add534143cb1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/6fa150b2f8b601668083042324c4add534143cb1
10
reference_url https://github.com/django/django/commit/d03bf6fe4e9bf5b07de62c1a271c4b41a7d3d158
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/d03bf6fe4e9bf5b07de62c1a271c4b41a7d3d158
11
reference_url https://github.com/django/django/commit/f68e5a99164867ab0e071a936470958ed867479d
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/f68e5a99164867ab0e071a936470958ed867479d
12
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2016-2.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2016-2.yaml
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DMLLFAUT4J4IP4P2KI4NOVWRMHA22WUJ
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DMLLFAUT4J4IP4P2KI4NOVWRMHA22WUJ
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DMLLFAUT4J4IP4P2KI4NOVWRMHA22WUJ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DMLLFAUT4J4IP4P2KI4NOVWRMHA22WUJ/
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KHHPN6MISX5I6UTXQHYLPTLEEUE6WDXW
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KHHPN6MISX5I6UTXQHYLPTLEEUE6WDXW
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KHHPN6MISX5I6UTXQHYLPTLEEUE6WDXW/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KHHPN6MISX5I6UTXQHYLPTLEEUE6WDXW/
17
reference_url https://web.archive.org/web/20201022155237/http://www.securityfocus.com/archive/1/538947/100/0/threaded
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20201022155237/http://www.securityfocus.com/archive/1/538947/100/0/threaded
18
reference_url https://web.archive.org/web/20210123154652/http://www.securityfocus.com/bid/92058
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210123154652/http://www.securityfocus.com/bid/92058
19
reference_url https://web.archive.org/web/20211204042848/http://www.securitytracker.com/id/1036338
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20211204042848/http://www.securitytracker.com/id/1036338
20
reference_url https://www.djangoproject.com/weblog/2016/jul/18/security-releases
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2016/jul/18/security-releases
21
reference_url https://www.djangoproject.com/weblog/2016/jul/18/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2016/jul/18/security-releases/
22
reference_url https://www.exploit-db.com/exploits/40129
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/40129
23
reference_url https://www.exploit-db.com/exploits/40129/
reference_id
reference_type
scores
url https://www.exploit-db.com/exploits/40129/
24
reference_url http://www.debian.org/security/2016/dsa-3622
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3622
25
reference_url http://www.securityfocus.com/archive/1/538947/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/538947/100/0/threaded
26
reference_url http://www.securityfocus.com/bid/92058
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/92058
27
reference_url http://www.securitytracker.com/id/1036338
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1036338
28
reference_url http://www.ubuntu.com/usn/USN-3039-1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-3039-1
29
reference_url http://www.vulnerability-lab.com/get_content.php?id=1869
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vulnerability-lab.com/get_content.php?id=1869
30
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1355663
reference_id 1355663
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1355663
31
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831799
reference_id 831799
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831799
32
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/python/webapps/40129.txt
reference_id CVE-2016-6186
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/python/webapps/40129.txt
33
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-6186
reference_id CVE-2016-6186
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-6186
34
reference_url https://www.vulnerability-lab.com/get_content.php?id=1869
reference_id CVE-2016-6186
reference_type exploit
scores
url https://www.vulnerability-lab.com/get_content.php?id=1869
35
reference_url https://github.com/advisories/GHSA-c8c8-9472-w52h
reference_id GHSA-c8c8-9472-w52h
reference_type
scores
url https://github.com/advisories/GHSA-c8c8-9472-w52h
36
reference_url https://access.redhat.com/errata/RHSA-2016:1594
reference_id RHSA-2016:1594
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1594
37
reference_url https://access.redhat.com/errata/RHSA-2016:1595
reference_id RHSA-2016:1595
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1595
38
reference_url https://access.redhat.com/errata/RHSA-2016:1596
reference_id RHSA-2016:1596
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1596
fixed_packages
0
url pkg:pypi/django@1.8.14
purl pkg:pypi/django@1.8.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-5q58-pzt4-8uey
2
vulnerability VCID-8gus-er59-1qak
3
vulnerability VCID-9mpt-zxaw-kkeg
4
vulnerability VCID-c58g-7jpv-t7hc
5
vulnerability VCID-qy2a-mvpz-q7eh
6
vulnerability VCID-rruq-9scz-vbg8
7
vulnerability VCID-upbz-vg19-rugv
8
vulnerability VCID-vdpf-jddk-syda
9
vulnerability VCID-weqb-fxu4-17e7
10
vulnerability VCID-x61x-6b6k-h3bn
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.8.14
1
url pkg:pypi/django@1.9.8
purl pkg:pypi/django@1.9.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-5q58-pzt4-8uey
2
vulnerability VCID-8gus-er59-1qak
3
vulnerability VCID-9mpt-zxaw-kkeg
4
vulnerability VCID-qy2a-mvpz-q7eh
5
vulnerability VCID-rruq-9scz-vbg8
6
vulnerability VCID-upbz-vg19-rugv
7
vulnerability VCID-vdpf-jddk-syda
8
vulnerability VCID-weqb-fxu4-17e7
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.9.8
2
url pkg:pypi/django@1.10rc1
purl pkg:pypi/django@1.10rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-5q58-pzt4-8uey
2
vulnerability VCID-9mpt-zxaw-kkeg
3
vulnerability VCID-hpj4-a9fa-4bca
4
vulnerability VCID-rruq-9scz-vbg8
5
vulnerability VCID-vdpf-jddk-syda
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.10rc1
aliases CVE-2016-6186, GHSA-c8c8-9472-w52h, PYSEC-2016-2
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3kza-a88p-kfg7
3
url VCID-5q58-pzt4-8uey
vulnerability_id VCID-5q58-pzt4-8uey
summary Django 1.11 before 1.11.28, 2.2 before 2.2.10, and 3.0 before 3.0.3 allows SQL Injection if untrusted data is used as a StringAgg delimiter (e.g., in Django applications that offer downloads of data as a series of rows with a user-specified column delimiter). By passing a suitably crafted delimiter to a contrib.postgres.aggregates.StringAgg instance, it was possible to break escaping and inject malicious SQL.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7471.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7471.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-7471
reference_id
reference_type
scores
0
value 0.1537
scoring_system epss
scoring_elements 0.94763
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-7471
2
reference_url https://docs.djangoproject.com/en/3.0/releases/security
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/3.0/releases/security
3
reference_url https://docs.djangoproject.com/en/3.0/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/3.0/releases/security/
4
reference_url https://github.com/advisories/GHSA-hmr4-m2h5-33qx
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-hmr4-m2h5-33qx
5
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
6
reference_url https://github.com/django/django/commit/001b0634cd309e372edb6d7d95d083d02b8e37bd
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/001b0634cd309e372edb6d7d95d083d02b8e37bd
7
reference_url https://github.com/django/django/commit/505826b469b16ab36693360da9e11fd13213421b
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/505826b469b16ab36693360da9e11fd13213421b
8
reference_url https://github.com/django/django/commit/c67a368c16e4680b324b4f385398d638db4d8147
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/c67a368c16e4680b324b4f385398d638db4d8147
9
reference_url https://github.com/django/django/commit/eb31d845323618d688ad429479c6dda973056136
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/eb31d845323618d688ad429479c6dda973056136
10
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-35.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-35.yaml
11
reference_url https://groups.google.com/forum/#!topic/django-announce/X45S86X5bZI
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/django-announce/X45S86X5bZI
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/
14
reference_url https://seclists.org/bugtraq/2020/Feb/30
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2020/Feb/30
15
reference_url https://security.gentoo.org/glsa/202004-17
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202004-17
16
reference_url https://security.netapp.com/advisory/ntap-20200221-0006
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200221-0006
17
reference_url https://security.netapp.com/advisory/ntap-20200221-0006/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20200221-0006/
18
reference_url https://usn.ubuntu.com/4264-1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4264-1
19
reference_url https://usn.ubuntu.com/4264-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4264-1/
20
reference_url https://www.debian.org/security/2020/dsa-4629
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2020/dsa-4629
21
reference_url https://www.djangoproject.com/weblog/2020/feb/03/security-releases
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2020/feb/03/security-releases
22
reference_url https://www.djangoproject.com/weblog/2020/feb/03/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2020/feb/03/security-releases/
23
reference_url https://www.openwall.com/lists/oss-security/2020/02/03/1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.openwall.com/lists/oss-security/2020/02/03/1
24
reference_url http://www.openwall.com/lists/oss-security/2020/02/03/1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2020/02/03/1
25
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1798515
reference_id 1798515
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1798515
26
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950581
reference_id 950581
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950581
27
reference_url https://security.archlinux.org/ASA-202002-1
reference_id ASA-202002-1
reference_type
scores
url https://security.archlinux.org/ASA-202002-1
28
reference_url https://security.archlinux.org/AVG-1091
reference_id AVG-1091
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1091
29
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-7471
reference_id CVE-2020-7471
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-7471
fixed_packages
0
url pkg:pypi/django@1.11.28
purl pkg:pypi/django@1.11.28
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-9mpt-zxaw-kkeg
2
vulnerability VCID-m4wa-xv9b-q7ce
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.28
1
url pkg:pypi/django@2.2.10
purl pkg:pypi/django@2.2.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-4cp2-k4mn-8ffj
2
vulnerability VCID-51tx-4tp9-kbcz
3
vulnerability VCID-6jpg-yrf8-cufy
4
vulnerability VCID-9end-mq19-rke5
5
vulnerability VCID-9mpt-zxaw-kkeg
6
vulnerability VCID-attf-6gj8-ebaj
7
vulnerability VCID-drwp-htkk-bkfh
8
vulnerability VCID-fhp8-tck4-mye4
9
vulnerability VCID-fksk-pr23-2yd8
10
vulnerability VCID-hh9b-52xn-z7a9
11
vulnerability VCID-j81e-su1y-tqa6
12
vulnerability VCID-m4wa-xv9b-q7ce
13
vulnerability VCID-n9vn-4uxr-hkau
14
vulnerability VCID-na9w-xkvx-cbhd
15
vulnerability VCID-nss9-1yrb-x7f2
16
vulnerability VCID-q8r2-m9s6-rbek
17
vulnerability VCID-qvfs-2v1h-p3h4
18
vulnerability VCID-u9q1-63gf-7feh
19
vulnerability VCID-wnxx-rc7w-cke4
20
vulnerability VCID-z4x1-e7tp-rqhz
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.10
2
url pkg:pypi/django@3.0.3
purl pkg:pypi/django@3.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-4cp2-k4mn-8ffj
2
vulnerability VCID-9mpt-zxaw-kkeg
3
vulnerability VCID-fhp8-tck4-mye4
4
vulnerability VCID-hh9b-52xn-z7a9
5
vulnerability VCID-m4wa-xv9b-q7ce
6
vulnerability VCID-na9w-xkvx-cbhd
7
vulnerability VCID-q8r2-m9s6-rbek
8
vulnerability VCID-qvfs-2v1h-p3h4
9
vulnerability VCID-wnxx-rc7w-cke4
10
vulnerability VCID-z4x1-e7tp-rqhz
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.0.3
aliases CVE-2020-7471, GHSA-hmr4-m2h5-33qx, PYSEC-2020-35
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5q58-pzt4-8uey
4
url VCID-6wah-r8vr-5qc4
vulnerability_id VCID-6wah-r8vr-5qc4
summary The password hasher in contrib/auth/hashers.py in Django before 1.8.10 and 1.9.x before 1.9.3 allows remote attackers to enumerate users via a timing attack involving login requests.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-0502.html
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-0502.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2016-0504.html
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-0504.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2016-0505.html
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-0505.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2016-0506.html
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-0506.html
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2513.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2513.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2513
reference_id
reference_type
scores
0
value 0.0125
scoring_system epss
scoring_elements 0.79665
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2513
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2512
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2512
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2513
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2513
8
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
9
reference_url https://github.com/django/django/commit/67b46ba7016da2d259c1ecc7d666d11f5e1cfaab
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/67b46ba7016da2d259c1ecc7d666d11f5e1cfaab
10
reference_url https://github.com/django/django/commit/af7d09b0c5c6ab68e629fd9baf736f9dd203b18e
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/af7d09b0c5c6ab68e629fd9baf736f9dd203b18e
11
reference_url https://github.com/django/django/commit/f4e6e02f7713a6924d16540be279909ff4091eb6
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/f4e6e02f7713a6924d16540be279909ff4091eb6
12
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2016-16.yaml
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2016-16.yaml
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-2513
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-2513
14
reference_url https://web.archive.org/web/20160322001143/http://www.securitytracker.com/id/1035152
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20160322001143/http://www.securitytracker.com/id/1035152
15
reference_url https://web.archive.org/web/20200228001222/http://www.securityfocus.com/bid/83878
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200228001222/http://www.securityfocus.com/bid/83878
16
reference_url https://www.djangoproject.com/weblog/2016/mar/01/security-releases
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2016/mar/01/security-releases
17
reference_url https://www.djangoproject.com/weblog/2016/mar/01/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2016/mar/01/security-releases/
18
reference_url http://www.debian.org/security/2016/dsa-3544
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3544
19
reference_url http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
20
reference_url http://www.securityfocus.com/bid/83878
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/83878
21
reference_url http://www.securitytracker.com/id/1035152
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1035152
22
reference_url http://www.ubuntu.com/usn/USN-2915-1
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2915-1
23
reference_url http://www.ubuntu.com/usn/USN-2915-2
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2915-2
24
reference_url http://www.ubuntu.com/usn/USN-2915-3
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2915-3
25
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1311438
reference_id 1311438
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1311438
26
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816434
reference_id 816434
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816434
27
reference_url https://access.redhat.com/errata/RHSA-2016:0502
reference_id RHSA-2016:0502
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0502
28
reference_url https://access.redhat.com/errata/RHSA-2016:0503
reference_id RHSA-2016:0503
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0503
29
reference_url https://access.redhat.com/errata/RHSA-2016:0504
reference_id RHSA-2016:0504
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0504
30
reference_url https://access.redhat.com/errata/RHSA-2016:0505
reference_id RHSA-2016:0505
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0505
31
reference_url https://access.redhat.com/errata/RHSA-2016:0506
reference_id RHSA-2016:0506
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0506
fixed_packages
0
url pkg:pypi/django@1.8.10
purl pkg:pypi/django@1.8.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-3kza-a88p-kfg7
2
vulnerability VCID-5q58-pzt4-8uey
3
vulnerability VCID-8gus-er59-1qak
4
vulnerability VCID-9mpt-zxaw-kkeg
5
vulnerability VCID-c58g-7jpv-t7hc
6
vulnerability VCID-qy2a-mvpz-q7eh
7
vulnerability VCID-rruq-9scz-vbg8
8
vulnerability VCID-upbz-vg19-rugv
9
vulnerability VCID-vdpf-jddk-syda
10
vulnerability VCID-weqb-fxu4-17e7
11
vulnerability VCID-x61x-6b6k-h3bn
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.8.10
1
url pkg:pypi/django@1.9.3
purl pkg:pypi/django@1.9.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-3kza-a88p-kfg7
2
vulnerability VCID-5q58-pzt4-8uey
3
vulnerability VCID-8gus-er59-1qak
4
vulnerability VCID-9mpt-zxaw-kkeg
5
vulnerability VCID-qy2a-mvpz-q7eh
6
vulnerability VCID-rruq-9scz-vbg8
7
vulnerability VCID-upbz-vg19-rugv
8
vulnerability VCID-vdpf-jddk-syda
9
vulnerability VCID-weqb-fxu4-17e7
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.9.3
aliases CVE-2016-2513, GHSA-fp6p-5xvw-m74f, PYSEC-2016-16
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6wah-r8vr-5qc4
5
url VCID-8gus-er59-1qak
vulnerability_id VCID-8gus-er59-1qak
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9014.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9014.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9014
reference_id
reference_type
scores
0
value 0.03671
scoring_system epss
scoring_elements 0.88109
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9014
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9013
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9013
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9014
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9014
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7233
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7233
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7234
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7234
6
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
7
reference_url https://github.com/django/django/commit/45acd6d836895a4c36575f48b3fb36a3dae98d19
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/45acd6d836895a4c36575f48b3fb36a3dae98d19
8
reference_url https://github.com/django/django/commit/884e113838e5a72b4b0ec9e5e87aa480f6aa4472
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/884e113838e5a72b4b0ec9e5e87aa480f6aa4472
9
reference_url https://github.com/django/django/commit/c401ae9a7dfb1a94a8a61927ed541d6f93089587
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/c401ae9a7dfb1a94a8a61927ed541d6f93089587
10
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2016-18.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2016-18.yaml
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OG5ROMUPS6C7BXELD3TAUUH7OBYV56WQ
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OG5ROMUPS6C7BXELD3TAUUH7OBYV56WQ
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OG5ROMUPS6C7BXELD3TAUUH7OBYV56WQ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OG5ROMUPS6C7BXELD3TAUUH7OBYV56WQ/
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXDKJYHN74BWY3P7AR2UZDVJREQMRE6S
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXDKJYHN74BWY3P7AR2UZDVJREQMRE6S
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXDKJYHN74BWY3P7AR2UZDVJREQMRE6S/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXDKJYHN74BWY3P7AR2UZDVJREQMRE6S/
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9014
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-9014
16
reference_url https://web.archive.org/web/20210123185619/http://www.securityfocus.com/bid/94068
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210123185619/http://www.securityfocus.com/bid/94068
17
reference_url https://web.archive.org/web/20211204043252/http://www.securitytracker.com/id/1037159
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20211204043252/http://www.securitytracker.com/id/1037159
18
reference_url https://www.djangoproject.com/weblog/2016/nov/01/security-releases
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2016/nov/01/security-releases
19
reference_url https://www.djangoproject.com/weblog/2016/nov/01/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2016/nov/01/security-releases/
20
reference_url http://www.debian.org/security/2017/dsa-3835
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2017/dsa-3835
21
reference_url http://www.securityfocus.com/bid/94068
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94068
22
reference_url http://www.securitytracker.com/id/1037159
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037159
23
reference_url http://www.ubuntu.com/usn/USN-3115-1
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-3115-1
24
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1389417
reference_id 1389417
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1389417
25
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842856
reference_id 842856
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842856
26
reference_url https://security.archlinux.org/ASA-201611-15
reference_id ASA-201611-15
reference_type
scores
url https://security.archlinux.org/ASA-201611-15
27
reference_url https://security.archlinux.org/AVG-57
reference_id AVG-57
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-57
fixed_packages
0
url pkg:pypi/django@1.8.16
purl pkg:pypi/django@1.8.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-5q58-pzt4-8uey
2
vulnerability VCID-9mpt-zxaw-kkeg
3
vulnerability VCID-c58g-7jpv-t7hc
4
vulnerability VCID-rruq-9scz-vbg8
5
vulnerability VCID-upbz-vg19-rugv
6
vulnerability VCID-vdpf-jddk-syda
7
vulnerability VCID-x61x-6b6k-h3bn
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.8.16
1
url pkg:pypi/django@1.9.11
purl pkg:pypi/django@1.9.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-5q58-pzt4-8uey
2
vulnerability VCID-9mpt-zxaw-kkeg
3
vulnerability VCID-rruq-9scz-vbg8
4
vulnerability VCID-upbz-vg19-rugv
5
vulnerability VCID-vdpf-jddk-syda
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.9.11
2
url pkg:pypi/django@1.10.3
purl pkg:pypi/django@1.10.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-5q58-pzt4-8uey
2
vulnerability VCID-9mpt-zxaw-kkeg
3
vulnerability VCID-hpj4-a9fa-4bca
4
vulnerability VCID-rruq-9scz-vbg8
5
vulnerability VCID-upbz-vg19-rugv
6
vulnerability VCID-vdpf-jddk-syda
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.10.3
aliases CVE-2016-9014, GHSA-3f2c-jm6v-cr35, PYSEC-2016-18
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8gus-er59-1qak
6
url VCID-9mpt-zxaw-kkeg
vulnerability_id VCID-9mpt-zxaw-kkeg
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33203.json
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33203.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-33203
reference_id
reference_type
scores
0
value 0.00143
scoring_system epss
scoring_elements 0.34125
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-33203
2
reference_url https://docs.djangoproject.com/en/3.2/releases/security
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/3.2/releases/security
3
reference_url https://docs.djangoproject.com/en/3.2/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/3.2/releases/security/
4
reference_url https://github.com/advisories/GHSA-68w8-qjq3-2gfm
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-68w8-qjq3-2gfm
5
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
6
reference_url https://github.com/django/django/commit/053cc9534d174dc89daba36724ed2dcb36755b90
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/053cc9534d174dc89daba36724ed2dcb36755b90
7
reference_url https://github.com/django/django/commit/20c67a0693c4ede2b09af02574823485e82e4c8f
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/20c67a0693c4ede2b09af02574823485e82e4c8f
8
reference_url https://github.com/django/django/commit/dfaba12cda060b8b292ae1d271b44bf810b1c5b9
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/dfaba12cda060b8b292ae1d271b44bf810b1c5b9
9
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2021-98.yaml
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2021-98.yaml
10
reference_url https://groups.google.com/forum/#!forum/django-announce
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!forum/django-announce
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV
12
reference_url https://security.netapp.com/advisory/ntap-20210727-0004
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20210727-0004
13
reference_url https://www.djangoproject.com/weblog/2021/jun/02/security-releases
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2021/jun/02/security-releases
14
reference_url https://www.djangoproject.com/weblog/2021/jun/02/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2021/jun/02/security-releases/
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1966251
reference_id 1966251
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1966251
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989394
reference_id 989394
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989394
17
reference_url https://security.archlinux.org/ASA-202106-41
reference_id ASA-202106-41
reference_type
scores
url https://security.archlinux.org/ASA-202106-41
18
reference_url https://security.archlinux.org/AVG-2026
reference_id AVG-2026
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2026
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-33203
reference_id CVE-2021-33203
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-33203
20
reference_url https://access.redhat.com/errata/RHSA-2021:3490
reference_id RHSA-2021:3490
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3490
21
reference_url https://access.redhat.com/errata/RHSA-2021:4702
reference_id RHSA-2021:4702
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4702
22
reference_url https://access.redhat.com/errata/RHSA-2021:5070
reference_id RHSA-2021:5070
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5070
fixed_packages
0
url pkg:pypi/django@2.2.24
purl pkg:pypi/django@2.2.24
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-51tx-4tp9-kbcz
2
vulnerability VCID-6jpg-yrf8-cufy
3
vulnerability VCID-9end-mq19-rke5
4
vulnerability VCID-attf-6gj8-ebaj
5
vulnerability VCID-drwp-htkk-bkfh
6
vulnerability VCID-fksk-pr23-2yd8
7
vulnerability VCID-n9vn-4uxr-hkau
8
vulnerability VCID-nss9-1yrb-x7f2
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.24
1
url pkg:pypi/django@3.1.12
purl pkg:pypi/django@3.1.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-4pb2-tqru-uufs
2
vulnerability VCID-n9vn-4uxr-hkau
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.1.12
2
url pkg:pypi/django@3.2.4
purl pkg:pypi/django@3.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-2n2n-1fq2-7bbs
2
vulnerability VCID-4pb2-tqru-uufs
3
vulnerability VCID-4z4e-8ttu-tyd6
4
vulnerability VCID-51tx-4tp9-kbcz
5
vulnerability VCID-6jpg-yrf8-cufy
6
vulnerability VCID-9end-mq19-rke5
7
vulnerability VCID-am3f-c5ex-8ff2
8
vulnerability VCID-attf-6gj8-ebaj
9
vulnerability VCID-au8h-vj9k-pufv
10
vulnerability VCID-drwp-htkk-bkfh
11
vulnerability VCID-f4a7-tcz5-byfj
12
vulnerability VCID-fksk-pr23-2yd8
13
vulnerability VCID-fsaw-3ta1-x3dw
14
vulnerability VCID-m1dr-sjmw-jfd2
15
vulnerability VCID-m33h-4p9q-63fb
16
vulnerability VCID-n9vn-4uxr-hkau
17
vulnerability VCID-nss9-1yrb-x7f2
18
vulnerability VCID-qgp1-4efd-6yg6
19
vulnerability VCID-yuda-1mur-8bbq
20
vulnerability VCID-z6tf-z1y9-cydq
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.4
aliases CVE-2021-33203, GHSA-68w8-qjq3-2gfm, PYSEC-2021-98
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9mpt-zxaw-kkeg
7
url VCID-bahz-gfxv-e3b2
vulnerability_id VCID-bahz-gfxv-e3b2
summary The utils.http.is_safe_url function in Django before 1.4.20, 1.5.x, 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1 does not properly validate URLs, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a control character in a URL, as demonstrated by a \x08javascript: URL.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155421.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155421.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160263.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160263.html
2
reference_url http://lists.opensuse.org/opensuse-updates/2015-04/msg00001.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2015-04/msg00001.html
3
reference_url http://lists.opensuse.org/opensuse-updates/2015-09/msg00035.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2015-09/msg00035.html
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2317.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2317.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-2317
reference_id
reference_type
scores
0
value 0.02884
scoring_system epss
scoring_elements 0.86572
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-2317
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2317
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2317
7
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
8
reference_url https://github.com/django/django/commit/2342693b31f740a422abf7267c53b4e7bc487c1b
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/2342693b31f740a422abf7267c53b4e7bc487c1b
9
reference_url https://github.com/django/django/commit/2a4113dbd532ce952308992633d802dc169a75f1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/2a4113dbd532ce952308992633d802dc169a75f1
10
reference_url https://github.com/django/django/commit/5510f070711540aaa8d3707776cd77494e688ef9
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/5510f070711540aaa8d3707776cd77494e688ef9
11
reference_url https://github.com/django/django/commit/770427c2896a078925abfca2317486b284d22f04
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/770427c2896a078925abfca2317486b284d22f04
12
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-9.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-9.yaml
13
reference_url https://web.archive.org/web/20200228131706/http://www.securityfocus.com/bid/73319
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200228131706/http://www.securityfocus.com/bid/73319
14
reference_url https://www.djangoproject.com/weblog/2015/mar/18/security-releases
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2015/mar/18/security-releases
15
reference_url https://www.djangoproject.com/weblog/2015/mar/18/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2015/mar/18/security-releases/
16
reference_url http://ubuntu.com/usn/usn-2539-1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://ubuntu.com/usn/usn-2539-1
17
reference_url http://www.debian.org/security/2015/dsa-3204
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2015/dsa-3204
18
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2015:195
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2015:195
19
reference_url http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
20
reference_url http://www.securityfocus.com/bid/73319
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/73319
21
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1202818
reference_id 1202818
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1202818
22
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780873
reference_id 780873
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780873
23
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-2317
reference_id CVE-2015-2317
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-2317
24
reference_url https://github.com/advisories/GHSA-7fq8-4pv5-5w5c
reference_id GHSA-7fq8-4pv5-5w5c
reference_type
scores
url https://github.com/advisories/GHSA-7fq8-4pv5-5w5c
fixed_packages
0
url pkg:pypi/django@1.4.20
purl pkg:pypi/django@1.4.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-12d7-vc63-rkdy
1
vulnerability VCID-29qk-rv5n-efbm
2
vulnerability VCID-3kza-a88p-kfg7
3
vulnerability VCID-5q58-pzt4-8uey
4
vulnerability VCID-6wah-r8vr-5qc4
5
vulnerability VCID-8gus-er59-1qak
6
vulnerability VCID-9mpt-zxaw-kkeg
7
vulnerability VCID-jfya-694v-myar
8
vulnerability VCID-kq8u-td31-uqaa
9
vulnerability VCID-ksh8-pazn-dbca
10
vulnerability VCID-mccp-khb9-qkb7
11
vulnerability VCID-rxxr-sseq-k7a9
12
vulnerability VCID-th75-ys47-d3h8
13
vulnerability VCID-u6sd-648r-qbdb
14
vulnerability VCID-vdpf-jddk-syda
15
vulnerability VCID-weqb-fxu4-17e7
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.4.20
1
url pkg:pypi/django@1.6.11
purl pkg:pypi/django@1.6.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-3kza-a88p-kfg7
2
vulnerability VCID-5q58-pzt4-8uey
3
vulnerability VCID-6wah-r8vr-5qc4
4
vulnerability VCID-8gus-er59-1qak
5
vulnerability VCID-9mpt-zxaw-kkeg
6
vulnerability VCID-jfya-694v-myar
7
vulnerability VCID-ksh8-pazn-dbca
8
vulnerability VCID-mccp-khb9-qkb7
9
vulnerability VCID-rxxr-sseq-k7a9
10
vulnerability VCID-u6sd-648r-qbdb
11
vulnerability VCID-vdpf-jddk-syda
12
vulnerability VCID-weqb-fxu4-17e7
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.6.11
2
url pkg:pypi/django@1.7.7
purl pkg:pypi/django@1.7.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-12d7-vc63-rkdy
1
vulnerability VCID-29qk-rv5n-efbm
2
vulnerability VCID-3kza-a88p-kfg7
3
vulnerability VCID-5q58-pzt4-8uey
4
vulnerability VCID-6wah-r8vr-5qc4
5
vulnerability VCID-8gus-er59-1qak
6
vulnerability VCID-9mpt-zxaw-kkeg
7
vulnerability VCID-jfya-694v-myar
8
vulnerability VCID-kq8u-td31-uqaa
9
vulnerability VCID-ksh8-pazn-dbca
10
vulnerability VCID-mccp-khb9-qkb7
11
vulnerability VCID-rxxr-sseq-k7a9
12
vulnerability VCID-th75-ys47-d3h8
13
vulnerability VCID-vdpf-jddk-syda
14
vulnerability VCID-weqb-fxu4-17e7
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.7.7
3
url pkg:pypi/django@1.8rc1
purl pkg:pypi/django@1.8rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3kza-a88p-kfg7
1
vulnerability VCID-6wah-r8vr-5qc4
2
vulnerability VCID-8gus-er59-1qak
3
vulnerability VCID-9mpt-zxaw-kkeg
4
vulnerability VCID-ksh8-pazn-dbca
5
vulnerability VCID-vdpf-jddk-syda
6
vulnerability VCID-weqb-fxu4-17e7
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.8rc1
aliases CVE-2015-2317, GHSA-7fq8-4pv5-5w5c, PYSEC-2015-9
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bahz-gfxv-e3b2
8
url VCID-jfya-694v-myar
vulnerability_id VCID-jfya-694v-myar
summary The session backends in Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (session store consumption) via multiple requests with unique session keys.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172084.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172084.html
1
reference_url http://lists.opensuse.org/opensuse-updates/2015-10/msg00043.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2015-10/msg00043.html
2
reference_url http://lists.opensuse.org/opensuse-updates/2015-10/msg00046.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2015-10/msg00046.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2015-1678.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1678.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2015-1686.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1686.html
5
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5143.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5143.json
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-5143
reference_id
reference_type
scores
0
value 0.15813
scoring_system epss
scoring_elements 0.94861
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-5143
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5143
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5143
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5144
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5144
9
reference_url https://github.com/advisories/GHSA-h582-2pch-3xv3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-h582-2pch-3xv3
10
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
11
reference_url https://github.com/django/django/commit/1828f4341ec53a8684112d24031b767eba557663
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/1828f4341ec53a8684112d24031b767eba557663
12
reference_url https://github.com/django/django/commit/2e47f3e401c29bc2ba5ab794d483cb0820855fb9
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/2e47f3e401c29bc2ba5ab794d483cb0820855fb9
13
reference_url https://github.com/django/django/commit/66d12d1ababa8f062857ee5eb43276493720bf16
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/66d12d1ababa8f062857ee5eb43276493720bf16
14
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-20.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-20.yaml
15
reference_url https://security.gentoo.org/glsa/201510-06
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201510-06
16
reference_url https://www.djangoproject.com/weblog/2015/jul/08/security-releases
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2015/jul/08/security-releases
17
reference_url https://www.djangoproject.com/weblog/2015/jul/08/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2015/jul/08/security-releases/
18
reference_url http://www.debian.org/security/2015/dsa-3305
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2015/dsa-3305
19
reference_url http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
20
reference_url http://www.securityfocus.com/bid/75666
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/75666
21
reference_url http://www.securitytracker.com/id/1032820
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1032820
22
reference_url http://www.ubuntu.com/usn/USN-2671-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2671-1
23
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1239010
reference_id 1239010
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1239010
24
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-5143
reference_id CVE-2015-5143
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-5143
25
reference_url https://access.redhat.com/errata/RHSA-2015:1678
reference_id RHSA-2015:1678
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1678
26
reference_url https://access.redhat.com/errata/RHSA-2015:1686
reference_id RHSA-2015:1686
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1686
fixed_packages
0
url pkg:pypi/django@1.4.21
purl pkg:pypi/django@1.4.21
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-12d7-vc63-rkdy
1
vulnerability VCID-29qk-rv5n-efbm
2
vulnerability VCID-3kza-a88p-kfg7
3
vulnerability VCID-5q58-pzt4-8uey
4
vulnerability VCID-6wah-r8vr-5qc4
5
vulnerability VCID-8gus-er59-1qak
6
vulnerability VCID-9mpt-zxaw-kkeg
7
vulnerability VCID-kq8u-td31-uqaa
8
vulnerability VCID-ksh8-pazn-dbca
9
vulnerability VCID-rxxr-sseq-k7a9
10
vulnerability VCID-th75-ys47-d3h8
11
vulnerability VCID-u6sd-648r-qbdb
12
vulnerability VCID-vdpf-jddk-syda
13
vulnerability VCID-weqb-fxu4-17e7
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.4.21
1
url pkg:pypi/django@1.7.9
purl pkg:pypi/django@1.7.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-12d7-vc63-rkdy
1
vulnerability VCID-29qk-rv5n-efbm
2
vulnerability VCID-3kza-a88p-kfg7
3
vulnerability VCID-5q58-pzt4-8uey
4
vulnerability VCID-6wah-r8vr-5qc4
5
vulnerability VCID-8gus-er59-1qak
6
vulnerability VCID-9mpt-zxaw-kkeg
7
vulnerability VCID-kq8u-td31-uqaa
8
vulnerability VCID-ksh8-pazn-dbca
9
vulnerability VCID-rxxr-sseq-k7a9
10
vulnerability VCID-th75-ys47-d3h8
11
vulnerability VCID-vdpf-jddk-syda
12
vulnerability VCID-weqb-fxu4-17e7
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.7.9
2
url pkg:pypi/django@1.8.3
purl pkg:pypi/django@1.8.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-12d7-vc63-rkdy
1
vulnerability VCID-29qk-rv5n-efbm
2
vulnerability VCID-3kza-a88p-kfg7
3
vulnerability VCID-5q58-pzt4-8uey
4
vulnerability VCID-6wah-r8vr-5qc4
5
vulnerability VCID-8gus-er59-1qak
6
vulnerability VCID-9mpt-zxaw-kkeg
7
vulnerability VCID-c58g-7jpv-t7hc
8
vulnerability VCID-kq8u-td31-uqaa
9
vulnerability VCID-ksh8-pazn-dbca
10
vulnerability VCID-qy2a-mvpz-q7eh
11
vulnerability VCID-rruq-9scz-vbg8
12
vulnerability VCID-rxxr-sseq-k7a9
13
vulnerability VCID-upbz-vg19-rugv
14
vulnerability VCID-vdpf-jddk-syda
15
vulnerability VCID-weqb-fxu4-17e7
16
vulnerability VCID-x61x-6b6k-h3bn
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.8.3
aliases CVE-2015-5143, GHSA-h582-2pch-3xv3, PYSEC-2015-20
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jfya-694v-myar
9
url VCID-kq8u-td31-uqaa
vulnerability_id VCID-kq8u-td31-uqaa
summary contrib.sessions.middleware.SessionMiddleware in Django 1.8.x before 1.8.4, 1.7.x before 1.7.10, 1.4.x before 1.4.22, and possibly other versions allows remote attackers to cause a denial of service (session store consumption or session record removal) via a large number of requests to contrib.auth.views.logout, which triggers the creation of an empty session record.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172084.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172084.html
1
reference_url http://lists.opensuse.org/opensuse-updates/2015-09/msg00026.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2015-09/msg00026.html
2
reference_url http://lists.opensuse.org/opensuse-updates/2015-09/msg00035.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2015-09/msg00035.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2015-1766.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1766.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2015-1767.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1767.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2015-1894.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1894.html
6
reference_url https://access.redhat.com/errata/RHSA-2015:1876
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2015:1876
7
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5963.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5963.json
8
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-5963
reference_id
reference_type
scores
0
value 0.07079
scoring_system epss
scoring_elements 0.91667
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-5963
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5963
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5963
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5964
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5964
11
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
12
reference_url https://github.com/django/django/blob/4555a823fd57e261e1b19c778429473256c8ea08/docs/releases/1.8.4.txt#L9-L21
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/blob/4555a823fd57e261e1b19c778429473256c8ea08/docs/releases/1.8.4.txt#L9-L21
13
reference_url https://github.com/django/django/commit/2eb86b01d7b59be06076f6179a454d0fd0afaff6
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/2eb86b01d7b59be06076f6179a454d0fd0afaff6
14
reference_url https://github.com/django/django/commit/2f5485346ee6f84b4e52068c04e043092daf55f7
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/2f5485346ee6f84b4e52068c04e043092daf55f7
15
reference_url https://github.com/django/django/commit/575f59f9bc7c59a5e41a081d1f5f55fc859c5012
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/575f59f9bc7c59a5e41a081d1f5f55fc859c5012
16
reference_url https://github.com/django/django/commit/8cc41ce7a7a8f6bebfdd89d5ab276cd0109f4fc5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/8cc41ce7a7a8f6bebfdd89d5ab276cd0109f4fc5
17
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-22.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-22.yaml
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-5963
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-5963
19
reference_url https://web.archive.org/web/20150904151934/http://www.securitytracker.com/id/1033318
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20150904151934/http://www.securitytracker.com/id/1033318
20
reference_url https://web.archive.org/web/20200228050526/http://www.securityfocus.com/bid/76428
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200228050526/http://www.securityfocus.com/bid/76428
21
reference_url https://www.djangoproject.com/weblog/2015/aug/18/security-releases
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2015/aug/18/security-releases
22
reference_url https://www.djangoproject.com/weblog/2015/aug/18/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2015/aug/18/security-releases/
23
reference_url http://www.debian.org/security/2015/dsa-3338
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2015/dsa-3338
24
reference_url http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
25
reference_url http://www.securityfocus.com/bid/76428
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/76428
26
reference_url http://www.securitytracker.com/id/1033318
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1033318
27
reference_url http://www.ubuntu.com/usn/USN-2720-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2720-1
28
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1252890
reference_id 1252890
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1252890
29
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=796104
reference_id 796104
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=796104
30
reference_url https://access.redhat.com/errata/RHSA-2015:1766
reference_id RHSA-2015:1766
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1766
31
reference_url https://access.redhat.com/errata/RHSA-2015:1767
reference_id RHSA-2015:1767
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1767
32
reference_url https://access.redhat.com/errata/RHSA-2015:1894
reference_id RHSA-2015:1894
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1894
fixed_packages
0
url pkg:pypi/django@1.4.22
purl pkg:pypi/django@1.4.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-3kza-a88p-kfg7
2
vulnerability VCID-5q58-pzt4-8uey
3
vulnerability VCID-6wah-r8vr-5qc4
4
vulnerability VCID-8gus-er59-1qak
5
vulnerability VCID-9mpt-zxaw-kkeg
6
vulnerability VCID-ksh8-pazn-dbca
7
vulnerability VCID-rxxr-sseq-k7a9
8
vulnerability VCID-u6sd-648r-qbdb
9
vulnerability VCID-vdpf-jddk-syda
10
vulnerability VCID-weqb-fxu4-17e7
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.4.22
1
url pkg:pypi/django@1.7.10
purl pkg:pypi/django@1.7.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-3kza-a88p-kfg7
2
vulnerability VCID-5q58-pzt4-8uey
3
vulnerability VCID-6wah-r8vr-5qc4
4
vulnerability VCID-8gus-er59-1qak
5
vulnerability VCID-9mpt-zxaw-kkeg
6
vulnerability VCID-ksh8-pazn-dbca
7
vulnerability VCID-rxxr-sseq-k7a9
8
vulnerability VCID-vdpf-jddk-syda
9
vulnerability VCID-weqb-fxu4-17e7
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.7.10
2
url pkg:pypi/django@1.8.4
purl pkg:pypi/django@1.8.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-3kza-a88p-kfg7
2
vulnerability VCID-5q58-pzt4-8uey
3
vulnerability VCID-6wah-r8vr-5qc4
4
vulnerability VCID-8gus-er59-1qak
5
vulnerability VCID-9mpt-zxaw-kkeg
6
vulnerability VCID-c58g-7jpv-t7hc
7
vulnerability VCID-ksh8-pazn-dbca
8
vulnerability VCID-qy2a-mvpz-q7eh
9
vulnerability VCID-rruq-9scz-vbg8
10
vulnerability VCID-rxxr-sseq-k7a9
11
vulnerability VCID-upbz-vg19-rugv
12
vulnerability VCID-vdpf-jddk-syda
13
vulnerability VCID-weqb-fxu4-17e7
14
vulnerability VCID-x61x-6b6k-h3bn
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.8.4
aliases CVE-2015-5963, GHSA-pgxh-wfw4-jx2v, PYSEC-2015-22
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kq8u-td31-uqaa
10
url VCID-ksh8-pazn-dbca
vulnerability_id VCID-ksh8-pazn-dbca
summary The utils.http.is_safe_url function in Django before 1.8.10 and 1.9.x before 1.9.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks or possibly conduct cross-site scripting (XSS) attacks via a URL containing basic authentication, as demonstrated by http://mysite.example.com\@attacker.com.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-0502.html
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-0502.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2016-0504.html
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-0504.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2016-0505.html
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-0505.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2016-0506.html
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-0506.html
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2512.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2512.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2512
reference_id
reference_type
scores
0
value 0.01203
scoring_system epss
scoring_elements 0.79267
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2512
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2512
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2512
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2513
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2513
8
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
9
reference_url https://github.com/django/django/commit/382ab137312961ad62feb8109d70a5a581fe8350
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/382ab137312961ad62feb8109d70a5a581fe8350
10
reference_url https://github.com/django/django/commit/c5544d289233f501917e25970c03ed444abbd4f0
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/c5544d289233f501917e25970c03ed444abbd4f0
11
reference_url https://github.com/django/django/commit/fc6d147a63f89795dbcdecb0559256470fff4380
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/fc6d147a63f89795dbcdecb0559256470fff4380
12
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2016-15.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2016-15.yaml
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-2512
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-2512
14
reference_url https://web.archive.org/web/20210123090815/http://www.securityfocus.com/bid/83879
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210123090815/http://www.securityfocus.com/bid/83879
15
reference_url https://web.archive.org/web/20210413200202/http://www.securitytracker.com/id/1035152
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210413200202/http://www.securitytracker.com/id/1035152
16
reference_url https://www.djangoproject.com/weblog/2016/mar/01/security-releases
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2016/mar/01/security-releases
17
reference_url https://www.djangoproject.com/weblog/2016/mar/01/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2016/mar/01/security-releases/
18
reference_url http://www.debian.org/security/2016/dsa-3544
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3544
19
reference_url http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
20
reference_url http://www.securityfocus.com/bid/83879
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/83879
21
reference_url http://www.securitytracker.com/id/1035152
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1035152
22
reference_url http://www.ubuntu.com/usn/USN-2915-1
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2915-1
23
reference_url http://www.ubuntu.com/usn/USN-2915-2
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2915-2
24
reference_url http://www.ubuntu.com/usn/USN-2915-3
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2915-3
25
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1311431
reference_id 1311431
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1311431
26
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816434
reference_id 816434
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816434
27
reference_url https://access.redhat.com/errata/RHSA-2016:0502
reference_id RHSA-2016:0502
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0502
28
reference_url https://access.redhat.com/errata/RHSA-2016:0503
reference_id RHSA-2016:0503
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0503
29
reference_url https://access.redhat.com/errata/RHSA-2016:0504
reference_id RHSA-2016:0504
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0504
30
reference_url https://access.redhat.com/errata/RHSA-2016:0505
reference_id RHSA-2016:0505
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0505
31
reference_url https://access.redhat.com/errata/RHSA-2016:0506
reference_id RHSA-2016:0506
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0506
fixed_packages
0
url pkg:pypi/django@1.8.10
purl pkg:pypi/django@1.8.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-3kza-a88p-kfg7
2
vulnerability VCID-5q58-pzt4-8uey
3
vulnerability VCID-8gus-er59-1qak
4
vulnerability VCID-9mpt-zxaw-kkeg
5
vulnerability VCID-c58g-7jpv-t7hc
6
vulnerability VCID-qy2a-mvpz-q7eh
7
vulnerability VCID-rruq-9scz-vbg8
8
vulnerability VCID-upbz-vg19-rugv
9
vulnerability VCID-vdpf-jddk-syda
10
vulnerability VCID-weqb-fxu4-17e7
11
vulnerability VCID-x61x-6b6k-h3bn
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.8.10
1
url pkg:pypi/django@1.9.3
purl pkg:pypi/django@1.9.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-3kza-a88p-kfg7
2
vulnerability VCID-5q58-pzt4-8uey
3
vulnerability VCID-8gus-er59-1qak
4
vulnerability VCID-9mpt-zxaw-kkeg
5
vulnerability VCID-qy2a-mvpz-q7eh
6
vulnerability VCID-rruq-9scz-vbg8
7
vulnerability VCID-upbz-vg19-rugv
8
vulnerability VCID-vdpf-jddk-syda
9
vulnerability VCID-weqb-fxu4-17e7
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.9.3
aliases CVE-2016-2512, GHSA-pw27-w7w4-9qc7, PYSEC-2016-15
risk_score 3.4
exploitability 0.5
weighted_severity 6.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ksh8-pazn-dbca
11
url VCID-mccp-khb9-qkb7
vulnerability_id VCID-mccp-khb9-qkb7
summary Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and 1.8.x before 1.8.3 uses an incorrect regular expression, which allows remote attackers to inject arbitrary headers and conduct HTTP response splitting attacks via a newline character in an (1) email message to the EmailValidator, a (2) URL to the URLValidator, or unspecified vectors to the (3) validate_ipv4_address or (4) validate_slug validator.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172084.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172084.html
1
reference_url http://lists.opensuse.org/opensuse-updates/2015-10/msg00043.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2015-10/msg00043.html
2
reference_url http://lists.opensuse.org/opensuse-updates/2015-10/msg00046.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2015-10/msg00046.html
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5144.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5144.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-5144
reference_id
reference_type
scores
0
value 0.01493
scoring_system epss
scoring_elements 0.81399
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-5144
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5143
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5143
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5144
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5144
7
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
8
reference_url https://github.com/django/django/blob/4555a823fd57e261e1b19c778429473256c8ea08/docs/releases/1.4.21.txt#L30-L54
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/blob/4555a823fd57e261e1b19c778429473256c8ea08/docs/releases/1.4.21.txt#L30-L54
9
reference_url https://github.com/django/django/commit/1ba1cdce7d58e6740fe51955d945b56ae51d072a
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/1ba1cdce7d58e6740fe51955d945b56ae51d072a
10
reference_url https://github.com/django/django/commit/574dd5e0b0fbb877ae5827b1603d298edc9bb2a0
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/574dd5e0b0fbb877ae5827b1603d298edc9bb2a0
11
reference_url https://github.com/django/django/commit/8f9a4d3a2bc42f14bb437defd30c7315adbff22c
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/8f9a4d3a2bc42f14bb437defd30c7315adbff22c
12
reference_url https://github.com/django/django/commit/ae49b4d994656bc037513dcd064cb9ce5bb85649
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/ae49b4d994656bc037513dcd064cb9ce5bb85649
13
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-10.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-10.yaml
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-5144
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-5144
15
reference_url https://security.gentoo.org/glsa/201510-06
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201510-06
16
reference_url https://web.archive.org/web/20150924150801/http://www.securitytracker.com/id/1032820
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20150924150801/http://www.securitytracker.com/id/1032820
17
reference_url https://web.archive.org/web/20200228050526/http://www.securityfocus.com/bid/75665
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200228050526/http://www.securityfocus.com/bid/75665
18
reference_url https://www.djangoproject.com/weblog/2015/jul/08/security-releases
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2015/jul/08/security-releases
19
reference_url https://www.djangoproject.com/weblog/2015/jul/08/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2015/jul/08/security-releases/
20
reference_url http://www.debian.org/security/2015/dsa-3305
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2015/dsa-3305
21
reference_url http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
22
reference_url http://www.securityfocus.com/bid/75665
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/75665
23
reference_url http://www.securitytracker.com/id/1032820
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1032820
24
reference_url http://www.ubuntu.com/usn/USN-2671-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2671-1
25
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1239011
reference_id 1239011
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1239011
fixed_packages
0
url pkg:pypi/django@1.4.21
purl pkg:pypi/django@1.4.21
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-12d7-vc63-rkdy
1
vulnerability VCID-29qk-rv5n-efbm
2
vulnerability VCID-3kza-a88p-kfg7
3
vulnerability VCID-5q58-pzt4-8uey
4
vulnerability VCID-6wah-r8vr-5qc4
5
vulnerability VCID-8gus-er59-1qak
6
vulnerability VCID-9mpt-zxaw-kkeg
7
vulnerability VCID-kq8u-td31-uqaa
8
vulnerability VCID-ksh8-pazn-dbca
9
vulnerability VCID-rxxr-sseq-k7a9
10
vulnerability VCID-th75-ys47-d3h8
11
vulnerability VCID-u6sd-648r-qbdb
12
vulnerability VCID-vdpf-jddk-syda
13
vulnerability VCID-weqb-fxu4-17e7
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.4.21
1
url pkg:pypi/django@1.7.9
purl pkg:pypi/django@1.7.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-12d7-vc63-rkdy
1
vulnerability VCID-29qk-rv5n-efbm
2
vulnerability VCID-3kza-a88p-kfg7
3
vulnerability VCID-5q58-pzt4-8uey
4
vulnerability VCID-6wah-r8vr-5qc4
5
vulnerability VCID-8gus-er59-1qak
6
vulnerability VCID-9mpt-zxaw-kkeg
7
vulnerability VCID-kq8u-td31-uqaa
8
vulnerability VCID-ksh8-pazn-dbca
9
vulnerability VCID-rxxr-sseq-k7a9
10
vulnerability VCID-th75-ys47-d3h8
11
vulnerability VCID-vdpf-jddk-syda
12
vulnerability VCID-weqb-fxu4-17e7
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.7.9
2
url pkg:pypi/django@1.8.3
purl pkg:pypi/django@1.8.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-12d7-vc63-rkdy
1
vulnerability VCID-29qk-rv5n-efbm
2
vulnerability VCID-3kza-a88p-kfg7
3
vulnerability VCID-5q58-pzt4-8uey
4
vulnerability VCID-6wah-r8vr-5qc4
5
vulnerability VCID-8gus-er59-1qak
6
vulnerability VCID-9mpt-zxaw-kkeg
7
vulnerability VCID-c58g-7jpv-t7hc
8
vulnerability VCID-kq8u-td31-uqaa
9
vulnerability VCID-ksh8-pazn-dbca
10
vulnerability VCID-qy2a-mvpz-q7eh
11
vulnerability VCID-rruq-9scz-vbg8
12
vulnerability VCID-rxxr-sseq-k7a9
13
vulnerability VCID-upbz-vg19-rugv
14
vulnerability VCID-vdpf-jddk-syda
15
vulnerability VCID-weqb-fxu4-17e7
16
vulnerability VCID-x61x-6b6k-h3bn
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.8.3
aliases CVE-2015-5144, GHSA-q5qw-4364-5hhm, PYSEC-2015-10
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mccp-khb9-qkb7
12
url VCID-rxxr-sseq-k7a9
vulnerability_id VCID-rxxr-sseq-k7a9
summary The get_format function in utils/formats.py in Django before 1.7.x before 1.7.11, 1.8.x before 1.8.7, and 1.9.x before 1.9rc2 might allow remote attackers to obtain sensitive application secrets via a settings key in place of a date/time format setting, as demonstrated by SECRET_KEY.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173375.html
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173375.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174770.html
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174770.html
2
reference_url http://lists.opensuse.org/opensuse-updates/2015-12/msg00014.html
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2015-12/msg00014.html
3
reference_url http://lists.opensuse.org/opensuse-updates/2015-12/msg00017.html
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2015-12/msg00017.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2016-0129.html
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-0129.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2016-0156.html
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-0156.html
6
reference_url http://rhn.redhat.com/errata/RHSA-2016-0157.html
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-0157.html
7
reference_url http://rhn.redhat.com/errata/RHSA-2016-0158.html
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-0158.html
8
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8213.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8213.json
9
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-8213
reference_id
reference_type
scores
0
value 0.03006
scoring_system epss
scoring_elements 0.86833
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-8213
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8213
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8213
11
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
12
reference_url https://github.com/django/django/commit/316bc3fc9437c5960c24baceb93c73f1939711e4
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/316bc3fc9437c5960c24baceb93c73f1939711e4
13
reference_url https://github.com/django/django/commit/3ebbda0aef9e7a90ac6208bb8f9bc21228e2c7da
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/3ebbda0aef9e7a90ac6208bb8f9bc21228e2c7da
14
reference_url https://github.com/django/django/commit/8a01c6b53169ee079cb21ac5919fdafcc8c5e172
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/8a01c6b53169ee079cb21ac5919fdafcc8c5e172
15
reference_url https://github.com/django/django/commit/9f83fc2f66f5a0bac7c291aec55df66050bb6991
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/9f83fc2f66f5a0bac7c291aec55df66050bb6991
16
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-11.yaml
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-11.yaml
17
reference_url https://www.djangoproject.com/weblog/2015/nov/24/security-releases-issued
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2015/nov/24/security-releases-issued
18
reference_url https://www.djangoproject.com/weblog/2015/nov/24/security-releases-issued/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2015/nov/24/security-releases-issued/
19
reference_url http://www.debian.org/security/2015/dsa-3404
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2015/dsa-3404
20
reference_url http://www.securityfocus.com/bid/77750
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/77750
21
reference_url http://www.securitytracker.com/id/1034237
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1034237
22
reference_url http://www.ubuntu.com/usn/USN-2816-1
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2816-1
23
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1283553
reference_id 1283553
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1283553
24
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-8213
reference_id CVE-2015-8213
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-8213
25
reference_url https://github.com/advisories/GHSA-6wcr-wcqm-3mfh
reference_id GHSA-6wcr-wcqm-3mfh
reference_type
scores
url https://github.com/advisories/GHSA-6wcr-wcqm-3mfh
26
reference_url https://access.redhat.com/errata/RHSA-2016:0129
reference_id RHSA-2016:0129
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0129
27
reference_url https://access.redhat.com/errata/RHSA-2016:0156
reference_id RHSA-2016:0156
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0156
28
reference_url https://access.redhat.com/errata/RHSA-2016:0157
reference_id RHSA-2016:0157
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0157
29
reference_url https://access.redhat.com/errata/RHSA-2016:0158
reference_id RHSA-2016:0158
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0158
30
reference_url https://access.redhat.com/errata/RHSA-2016:0360
reference_id RHSA-2016:0360
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0360
fixed_packages
0
url pkg:pypi/django@1.7.11
purl pkg:pypi/django@1.7.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-3kza-a88p-kfg7
2
vulnerability VCID-5q58-pzt4-8uey
3
vulnerability VCID-6wah-r8vr-5qc4
4
vulnerability VCID-8gus-er59-1qak
5
vulnerability VCID-9mpt-zxaw-kkeg
6
vulnerability VCID-ksh8-pazn-dbca
7
vulnerability VCID-vdpf-jddk-syda
8
vulnerability VCID-weqb-fxu4-17e7
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.7.11
1
url pkg:pypi/django@1.8.7
purl pkg:pypi/django@1.8.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-3kza-a88p-kfg7
2
vulnerability VCID-5q58-pzt4-8uey
3
vulnerability VCID-6wah-r8vr-5qc4
4
vulnerability VCID-8gus-er59-1qak
5
vulnerability VCID-9mpt-zxaw-kkeg
6
vulnerability VCID-c58g-7jpv-t7hc
7
vulnerability VCID-ksh8-pazn-dbca
8
vulnerability VCID-qy2a-mvpz-q7eh
9
vulnerability VCID-rruq-9scz-vbg8
10
vulnerability VCID-upbz-vg19-rugv
11
vulnerability VCID-vdpf-jddk-syda
12
vulnerability VCID-weqb-fxu4-17e7
13
vulnerability VCID-x61x-6b6k-h3bn
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.8.7
2
url pkg:pypi/django@1.9rc2
purl pkg:pypi/django@1.9rc2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-5q58-pzt4-8uey
2
vulnerability VCID-9mpt-zxaw-kkeg
3
vulnerability VCID-rruq-9scz-vbg8
4
vulnerability VCID-vdpf-jddk-syda
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.9rc2
aliases CVE-2015-8213, GHSA-6wcr-wcqm-3mfh, PYSEC-2015-11
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rxxr-sseq-k7a9
13
url VCID-th75-ys47-d3h8
vulnerability_id VCID-th75-ys47-d3h8
summary The (1) contrib.sessions.backends.base.SessionBase.flush and (2) cache_db.SessionStore.flush functions in Django 1.7.x before 1.7.10, 1.4.x before 1.4.22, and possibly other versions create empty sessions in certain circumstances, which allows remote attackers to cause a denial of service (session store consumption) via unspecified vectors.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172084.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172084.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2015-1766.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1766.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2015-1767.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1767.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2015-1894.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1894.html
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5964.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5964.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-5964
reference_id
reference_type
scores
0
value 0.04693
scoring_system epss
scoring_elements 0.89537
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-5964
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5963
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5963
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5964
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5964
8
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
9
reference_url https://github.com/django/django/commit/2f5485346ee6f84b4e52068c04e043092daf55f7
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/2f5485346ee6f84b4e52068c04e043092daf55f7
10
reference_url https://github.com/django/django/commit/575f59f9bc7c59a5e41a081d1f5f55fc859c5012
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/575f59f9bc7c59a5e41a081d1f5f55fc859c5012
11
reference_url https://github.com/django/django/commit/8cc41ce7a7a8f6bebfdd89d5ab276cd0109f4fc5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/8cc41ce7a7a8f6bebfdd89d5ab276cd0109f4fc5
12
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-23.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-23.yaml
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-5964
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-5964
14
reference_url https://web.archive.org/web/20150906124157/http://www.securityfocus.com/bid/76440
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20150906124157/http://www.securityfocus.com/bid/76440
15
reference_url https://web.archive.org/web/20150923161048/http://www.securitytracker.com/id/1033318
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20150923161048/http://www.securitytracker.com/id/1033318
16
reference_url https://web.archive.org/web/20200228051814/http://www.securityfocus.com/bid/76440
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200228051814/http://www.securityfocus.com/bid/76440
17
reference_url https://www.djangoproject.com/weblog/2015/aug/18/security-releases
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2015/aug/18/security-releases
18
reference_url https://www.djangoproject.com/weblog/2015/aug/18/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2015/aug/18/security-releases/
19
reference_url http://www.debian.org/security/2015/dsa-3338
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2015/dsa-3338
20
reference_url http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
21
reference_url http://www.securityfocus.com/bid/76440
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/76440
22
reference_url http://www.securitytracker.com/id/1033318
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1033318
23
reference_url http://www.ubuntu.com/usn/USN-2720-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2720-1
24
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1252891
reference_id 1252891
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1252891
25
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=796104
reference_id 796104
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=796104
26
reference_url https://access.redhat.com/errata/RHSA-2015:1766
reference_id RHSA-2015:1766
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1766
27
reference_url https://access.redhat.com/errata/RHSA-2015:1767
reference_id RHSA-2015:1767
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1767
28
reference_url https://access.redhat.com/errata/RHSA-2015:1894
reference_id RHSA-2015:1894
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1894
fixed_packages
0
url pkg:pypi/django@1.4.22
purl pkg:pypi/django@1.4.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-3kza-a88p-kfg7
2
vulnerability VCID-5q58-pzt4-8uey
3
vulnerability VCID-6wah-r8vr-5qc4
4
vulnerability VCID-8gus-er59-1qak
5
vulnerability VCID-9mpt-zxaw-kkeg
6
vulnerability VCID-ksh8-pazn-dbca
7
vulnerability VCID-rxxr-sseq-k7a9
8
vulnerability VCID-u6sd-648r-qbdb
9
vulnerability VCID-vdpf-jddk-syda
10
vulnerability VCID-weqb-fxu4-17e7
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.4.22
1
url pkg:pypi/django@1.7.10
purl pkg:pypi/django@1.7.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-3kza-a88p-kfg7
2
vulnerability VCID-5q58-pzt4-8uey
3
vulnerability VCID-6wah-r8vr-5qc4
4
vulnerability VCID-8gus-er59-1qak
5
vulnerability VCID-9mpt-zxaw-kkeg
6
vulnerability VCID-ksh8-pazn-dbca
7
vulnerability VCID-rxxr-sseq-k7a9
8
vulnerability VCID-vdpf-jddk-syda
9
vulnerability VCID-weqb-fxu4-17e7
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.7.10
aliases CVE-2015-5964, GHSA-x38m-486c-2wr9, PYSEC-2015-23
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-th75-ys47-d3h8
14
url VCID-u6sd-648r-qbdb
vulnerability_id VCID-u6sd-648r-qbdb
summary Cross-site scripting (XSS) vulnerability in the contents function in admin/helpers.py in Django before 1.7.6 and 1.8 before 1.8b2 allows remote attackers to inject arbitrary web script or HTML via a model attribute in ModelAdmin.readonly_fields, as demonstrated by a @property.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2241.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2241.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-2241
reference_id
reference_type
scores
0
value 0.00257
scoring_system epss
scoring_elements 0.49293
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-2241
2
reference_url https://code.djangoproject.com/ticket/24461
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://code.djangoproject.com/ticket/24461
3
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
4
reference_url https://github.com/django/django/commit/2654e1b93923bac55f12b4e66c5e39b16695ace5
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/2654e1b93923bac55f12b4e66c5e39b16695ace5
5
reference_url https://github.com/django/django/commit/82c9169077a066995e3b00aac551bf1c8a89d98a
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/82c9169077a066995e3b00aac551bf1c8a89d98a
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-8.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-8.yaml
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-2241
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-2241
8
reference_url https://web.archive.org/web/20150523054951/http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2015:109/?name=MDVSA-2015:109
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20150523054951/http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2015:109/?name=MDVSA-2015:109
9
reference_url https://web.archive.org/web/20171112005349/http://www.securityfocus.com/bid/73095
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20171112005349/http://www.securityfocus.com/bid/73095
10
reference_url https://www.djangoproject.com/weblog/2015/mar/09/security-releases
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2015/mar/09/security-releases
11
reference_url https://www.djangoproject.com/weblog/2015/mar/09/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2015/mar/09/security-releases/
12
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2015:109
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2015:109
13
reference_url http://www.securityfocus.com/bid/73095
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/73095
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1200922
reference_id 1200922
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1200922
fixed_packages
0
url pkg:pypi/django@1.7.6
purl pkg:pypi/django@1.7.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-12d7-vc63-rkdy
1
vulnerability VCID-29qk-rv5n-efbm
2
vulnerability VCID-3kza-a88p-kfg7
3
vulnerability VCID-5q58-pzt4-8uey
4
vulnerability VCID-6wah-r8vr-5qc4
5
vulnerability VCID-8gus-er59-1qak
6
vulnerability VCID-9mpt-zxaw-kkeg
7
vulnerability VCID-bahz-gfxv-e3b2
8
vulnerability VCID-jfya-694v-myar
9
vulnerability VCID-kq8u-td31-uqaa
10
vulnerability VCID-ksh8-pazn-dbca
11
vulnerability VCID-mccp-khb9-qkb7
12
vulnerability VCID-rxxr-sseq-k7a9
13
vulnerability VCID-th75-ys47-d3h8
14
vulnerability VCID-vacy-878s-3kfb
15
vulnerability VCID-vdpf-jddk-syda
16
vulnerability VCID-weqb-fxu4-17e7
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.7.6
1
url pkg:pypi/django@1.8b2
purl pkg:pypi/django@1.8b2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-12d7-vc63-rkdy
1
vulnerability VCID-29qk-rv5n-efbm
2
vulnerability VCID-3kza-a88p-kfg7
3
vulnerability VCID-5q58-pzt4-8uey
4
vulnerability VCID-6wah-r8vr-5qc4
5
vulnerability VCID-8gus-er59-1qak
6
vulnerability VCID-9mpt-zxaw-kkeg
7
vulnerability VCID-bahz-gfxv-e3b2
8
vulnerability VCID-c58g-7jpv-t7hc
9
vulnerability VCID-ksh8-pazn-dbca
10
vulnerability VCID-rruq-9scz-vbg8
11
vulnerability VCID-vacy-878s-3kfb
12
vulnerability VCID-vdpf-jddk-syda
13
vulnerability VCID-weqb-fxu4-17e7
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.8b2
aliases CVE-2015-2241, GHSA-6565-fg86-6jcx, PYSEC-2015-8
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u6sd-648r-qbdb
15
url VCID-vdpf-jddk-syda
vulnerability_id VCID-vdpf-jddk-syda
summary insufficient validation
references
0
reference_url http://packetstormsecurity.com/files/155872/Django-Account-Hijack.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/155872/Django-Account-Hijack.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19844.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19844.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-19844
reference_id
reference_type
scores
0
value 0.15418
scoring_system epss
scoring_elements 0.94771
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-19844
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19844
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19844
4
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
5
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/dev/releases/security/
6
reference_url https://github.com/advisories/GHSA-vfq6-hq5r-27r6
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-vfq6-hq5r-27r6
7
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
8
reference_url https://github.com/django/django/commit/302a4ff1e8b1c798aab97673909c7a3dfda42c26
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/302a4ff1e8b1c798aab97673909c7a3dfda42c26
9
reference_url https://github.com/django/django/commit/4d334bea06cac63dc1272abcec545b85136cca0e
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/4d334bea06cac63dc1272abcec545b85136cca0e
10
reference_url https://github.com/django/django/commit/5b1fbcef7a8bec991ebe7b2a18b5d5a95d72cb70
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/5b1fbcef7a8bec991ebe7b2a18b5d5a95d72cb70
11
reference_url https://github.com/django/django/commit/f4cff43bf921fcea6a29b726eb66767f67753fa2
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/f4cff43bf921fcea6a29b726eb66767f67753fa2
12
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-16.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-16.yaml
13
reference_url https://groups.google.com/forum/#!topic/django-announce/3oaB2rVH3a0
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/django-announce/3oaB2rVH3a0
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD/
16
reference_url https://seclists.org/bugtraq/2020/Jan/9
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2020/Jan/9
17
reference_url https://security.gentoo.org/glsa/202004-17
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202004-17
18
reference_url https://security.netapp.com/advisory/ntap-20200110-0003
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200110-0003
19
reference_url https://security.netapp.com/advisory/ntap-20200110-0003/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20200110-0003/
20
reference_url https://usn.ubuntu.com/4224-1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4224-1
21
reference_url https://usn.ubuntu.com/4224-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4224-1/
22
reference_url https://www.debian.org/security/2020/dsa-4598
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2020/dsa-4598
23
reference_url https://www.djangoproject.com/weblog/2019/dec/18/security-releases
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2019/dec/18/security-releases
24
reference_url https://www.djangoproject.com/weblog/2019/dec/18/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2019/dec/18/security-releases/
25
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1788425
reference_id 1788425
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1788425
26
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946937
reference_id 946937
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946937
27
reference_url https://security.archlinux.org/AVG-1080
reference_id AVG-1080
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1080
28
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/python/webapps/47879.md
reference_id CVE-2019-19844
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/python/webapps/47879.md
29
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-19844
reference_id CVE-2019-19844
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-19844
30
reference_url https://ryu22e.org/en/posts/2019/12/25/django-cve-2019-19844/
reference_id CVE-2019-19844
reference_type exploit
scores
url https://ryu22e.org/en/posts/2019/12/25/django-cve-2019-19844/
fixed_packages
0
url pkg:pypi/django@1.11.27
purl pkg:pypi/django@1.11.27
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-5q58-pzt4-8uey
2
vulnerability VCID-9mpt-zxaw-kkeg
3
vulnerability VCID-m4wa-xv9b-q7ce
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.27
1
url pkg:pypi/django@2.2.9
purl pkg:pypi/django@2.2.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-4cp2-k4mn-8ffj
2
vulnerability VCID-51tx-4tp9-kbcz
3
vulnerability VCID-5q58-pzt4-8uey
4
vulnerability VCID-6jpg-yrf8-cufy
5
vulnerability VCID-9end-mq19-rke5
6
vulnerability VCID-9mpt-zxaw-kkeg
7
vulnerability VCID-attf-6gj8-ebaj
8
vulnerability VCID-drwp-htkk-bkfh
9
vulnerability VCID-fhp8-tck4-mye4
10
vulnerability VCID-fksk-pr23-2yd8
11
vulnerability VCID-hh9b-52xn-z7a9
12
vulnerability VCID-j81e-su1y-tqa6
13
vulnerability VCID-m4wa-xv9b-q7ce
14
vulnerability VCID-n9vn-4uxr-hkau
15
vulnerability VCID-na9w-xkvx-cbhd
16
vulnerability VCID-nss9-1yrb-x7f2
17
vulnerability VCID-q8r2-m9s6-rbek
18
vulnerability VCID-qvfs-2v1h-p3h4
19
vulnerability VCID-u9q1-63gf-7feh
20
vulnerability VCID-wnxx-rc7w-cke4
21
vulnerability VCID-z4x1-e7tp-rqhz
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.9
2
url pkg:pypi/django@3.0.1
purl pkg:pypi/django@3.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-4cp2-k4mn-8ffj
2
vulnerability VCID-5q58-pzt4-8uey
3
vulnerability VCID-9mpt-zxaw-kkeg
4
vulnerability VCID-fhp8-tck4-mye4
5
vulnerability VCID-hh9b-52xn-z7a9
6
vulnerability VCID-m4wa-xv9b-q7ce
7
vulnerability VCID-na9w-xkvx-cbhd
8
vulnerability VCID-q8r2-m9s6-rbek
9
vulnerability VCID-qvfs-2v1h-p3h4
10
vulnerability VCID-wnxx-rc7w-cke4
11
vulnerability VCID-z4x1-e7tp-rqhz
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.0.1
aliases CVE-2019-19844, GHSA-vfq6-hq5r-27r6, PYSEC-2019-16
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vdpf-jddk-syda
16
url VCID-weqb-fxu4-17e7
vulnerability_id VCID-weqb-fxu4-17e7
summary The cookie parsing code in Django before 1.8.15 and 1.9.x before 1.9.10, when used on a site with Google Analytics, allows remote attackers to bypass an intended CSRF protection mechanism by setting arbitrary cookies.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-2038.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-2038.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2016-2039.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-2039.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2016-2040.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-2040.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2016-2041.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-2041.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2016-2042.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-2042.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2016-2043.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-2043.html
6
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7401.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7401.json
7
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-7401
reference_id
reference_type
scores
0
value 0.06156
scoring_system epss
scoring_elements 0.9098
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-7401
8
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
9
reference_url https://github.com/django/django/commit/6118ab7d0676f0d622278e5be215f14fb5410b6a
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/6118ab7d0676f0d622278e5be215f14fb5410b6a
10
reference_url https://github.com/django/django/commit/6fe846a8f08dc959003f298b5407e321c6fe3735
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/6fe846a8f08dc959003f298b5407e321c6fe3735
11
reference_url https://github.com/django/django/commit/d1bc980db1c0fffd6d60677e62f70beadb9fe64a
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/d1bc980db1c0fffd6d60677e62f70beadb9fe64a
12
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2016-3.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2016-3.yaml
13
reference_url https://web.archive.org/web/20200227223637/http://www.securityfocus.com/bid/93182
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200227223637/http://www.securityfocus.com/bid/93182
14
reference_url https://web.archive.org/web/20210927195154/http://www.securitytracker.com/id/1036899
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210927195154/http://www.securitytracker.com/id/1036899
15
reference_url https://www.djangoproject.com/weblog/2016/sep/26/security-releases
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2016/sep/26/security-releases
16
reference_url https://www.djangoproject.com/weblog/2016/sep/26/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2016/sep/26/security-releases/
17
reference_url http://www.debian.org/security/2016/dsa-3678
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3678
18
reference_url http://www.securityfocus.com/bid/93182
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/93182
19
reference_url http://www.securitytracker.com/id/1036899
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1036899
20
reference_url http://www.ubuntu.com/usn/USN-3089-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-3089-1
21
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1377376
reference_id 1377376
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1377376
22
reference_url https://security.archlinux.org/ASA-201610-13
reference_id ASA-201610-13
reference_type
scores
url https://security.archlinux.org/ASA-201610-13
23
reference_url https://security.archlinux.org/AVG-35
reference_id AVG-35
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-35
24
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-7401
reference_id CVE-2016-7401
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-7401
25
reference_url https://github.com/advisories/GHSA-crhm-qpjc-cm64
reference_id GHSA-crhm-qpjc-cm64
reference_type
scores
url https://github.com/advisories/GHSA-crhm-qpjc-cm64
26
reference_url https://access.redhat.com/errata/RHSA-2016:2038
reference_id RHSA-2016:2038
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2038
27
reference_url https://access.redhat.com/errata/RHSA-2016:2039
reference_id RHSA-2016:2039
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2039
28
reference_url https://access.redhat.com/errata/RHSA-2016:2040
reference_id RHSA-2016:2040
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2040
29
reference_url https://access.redhat.com/errata/RHSA-2016:2041
reference_id RHSA-2016:2041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2041
30
reference_url https://access.redhat.com/errata/RHSA-2016:2042
reference_id RHSA-2016:2042
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2042
31
reference_url https://access.redhat.com/errata/RHSA-2016:2043
reference_id RHSA-2016:2043
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2043
fixed_packages
0
url pkg:pypi/django@1.8.15
purl pkg:pypi/django@1.8.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-5q58-pzt4-8uey
2
vulnerability VCID-8gus-er59-1qak
3
vulnerability VCID-9mpt-zxaw-kkeg
4
vulnerability VCID-c58g-7jpv-t7hc
5
vulnerability VCID-qy2a-mvpz-q7eh
6
vulnerability VCID-rruq-9scz-vbg8
7
vulnerability VCID-upbz-vg19-rugv
8
vulnerability VCID-vdpf-jddk-syda
9
vulnerability VCID-x61x-6b6k-h3bn
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.8.15
1
url pkg:pypi/django@1.9.10
purl pkg:pypi/django@1.9.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-5q58-pzt4-8uey
2
vulnerability VCID-8gus-er59-1qak
3
vulnerability VCID-9mpt-zxaw-kkeg
4
vulnerability VCID-qy2a-mvpz-q7eh
5
vulnerability VCID-rruq-9scz-vbg8
6
vulnerability VCID-upbz-vg19-rugv
7
vulnerability VCID-vdpf-jddk-syda
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.9.10
aliases CVE-2016-7401, GHSA-crhm-qpjc-cm64, PYSEC-2016-3
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-weqb-fxu4-17e7
Fixing_vulnerabilities
0
url VCID-5vmb-d4xp-zfgy
vulnerability_id VCID-5vmb-d4xp-zfgy
summary Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3 allows remote attackers to spoof WSGI headers by using an _ (underscore) character instead of a - (dash) character in an HTTP header, as demonstrated by an X-Auth_User header.
references
0
reference_url http://advisories.mageia.org/MGASA-2015-0026.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://advisories.mageia.org/MGASA-2015-0026.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148485.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148485.html
2
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148608.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148608.html
3
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148696.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148696.html
4
reference_url http://lists.opensuse.org/opensuse-updates/2015-04/msg00001.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2015-04/msg00001.html
5
reference_url http://lists.opensuse.org/opensuse-updates/2015-09/msg00035.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2015-09/msg00035.html
6
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0219.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0219.json
7
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-0219
reference_id
reference_type
scores
0
value 0.04836
scoring_system epss
scoring_elements 0.89703
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-0219
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0219
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0219
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0220
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0220
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0221
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0221
11
reference_url http://secunia.com/advisories/62285
reference_id
reference_type
scores
url http://secunia.com/advisories/62285
12
reference_url http://secunia.com/advisories/62309
reference_id
reference_type
scores
url http://secunia.com/advisories/62309
13
reference_url http://secunia.com/advisories/62718
reference_id
reference_type
scores
url http://secunia.com/advisories/62718
14
reference_url https://github.com/django/daphne/blob/e49c39a4e5fac8ec170dd653641a9e90844fd3f1/daphne/http_protocol.py#L151
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/daphne/blob/e49c39a4e5fac8ec170dd653641a9e90844fd3f1/daphne/http_protocol.py#L151
15
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
16
reference_url https://github.com/django/django/commit/41b4bc73ee0da7b2e09f4af47fc1fd21144c710f
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/41b4bc73ee0da7b2e09f4af47fc1fd21144c710f
17
reference_url https://github.com/django/django/commit/4f6fffc1dc429f1ad428ecf8e6620739e8837450
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/4f6fffc1dc429f1ad428ecf8e6620739e8837450
18
reference_url https://github.com/django/django/commit/d7597b31d5c03106eeba4be14a33b32a5e25f4ee
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/d7597b31d5c03106eeba4be14a33b32a5e25f4ee
19
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-4.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-4.yaml
20
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-0219
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-0219
21
reference_url https://web.archive.org/web/20150128111656/http://secunia.com/advisories/62285
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20150128111656/http://secunia.com/advisories/62285
22
reference_url https://web.archive.org/web/20150128111656/http://secunia.com/advisories/62309
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20150128111656/http://secunia.com/advisories/62309
23
reference_url https://web.archive.org/web/20150523054951/http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2015:109/?name=MDVSA-2015:109
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20150523054951/http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2015:109/?name=MDVSA-2015:109
24
reference_url https://web.archive.org/web/20150523054953/http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2015:036/?name=MDVSA-2015:036
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20150523054953/http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2015:036/?name=MDVSA-2015:036
25
reference_url https://web.archive.org/web/20151104201446/http://secunia.com/advisories/62718
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20151104201446/http://secunia.com/advisories/62718
26
reference_url https://www.djangoproject.com/weblog/2015/jan/13/security
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2015/jan/13/security
27
reference_url https://www.djangoproject.com/weblog/2015/jan/13/security/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2015/jan/13/security/
28
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2015:036
reference_id
reference_type
scores
url http://www.mandriva.com/security/advisories?name=MDVSA-2015:036
29
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2015:109
reference_id
reference_type
scores
url http://www.mandriva.com/security/advisories?name=MDVSA-2015:109
30
reference_url http://www.ubuntu.com/usn/USN-2469-1
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2469-1
31
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1179672
reference_id 1179672
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1179672
32
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775375
reference_id 775375
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775375
fixed_packages
0
url pkg:pypi/django@1.4.18
purl pkg:pypi/django@1.4.18
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-12d7-vc63-rkdy
1
vulnerability VCID-29qk-rv5n-efbm
2
vulnerability VCID-3kza-a88p-kfg7
3
vulnerability VCID-5q58-pzt4-8uey
4
vulnerability VCID-6wah-r8vr-5qc4
5
vulnerability VCID-8gus-er59-1qak
6
vulnerability VCID-9mpt-zxaw-kkeg
7
vulnerability VCID-bahz-gfxv-e3b2
8
vulnerability VCID-jfya-694v-myar
9
vulnerability VCID-kq8u-td31-uqaa
10
vulnerability VCID-ksh8-pazn-dbca
11
vulnerability VCID-mccp-khb9-qkb7
12
vulnerability VCID-rxxr-sseq-k7a9
13
vulnerability VCID-th75-ys47-d3h8
14
vulnerability VCID-u6sd-648r-qbdb
15
vulnerability VCID-vdpf-jddk-syda
16
vulnerability VCID-weqb-fxu4-17e7
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.4.18
1
url pkg:pypi/django@1.6.10
purl pkg:pypi/django@1.6.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-3kza-a88p-kfg7
2
vulnerability VCID-5q58-pzt4-8uey
3
vulnerability VCID-6wah-r8vr-5qc4
4
vulnerability VCID-8gus-er59-1qak
5
vulnerability VCID-9mpt-zxaw-kkeg
6
vulnerability VCID-bahz-gfxv-e3b2
7
vulnerability VCID-jfya-694v-myar
8
vulnerability VCID-ksh8-pazn-dbca
9
vulnerability VCID-mccp-khb9-qkb7
10
vulnerability VCID-rxxr-sseq-k7a9
11
vulnerability VCID-u6sd-648r-qbdb
12
vulnerability VCID-vacy-878s-3kfb
13
vulnerability VCID-vdpf-jddk-syda
14
vulnerability VCID-weqb-fxu4-17e7
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.6.10
2
url pkg:pypi/django@1.7.3
purl pkg:pypi/django@1.7.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-12d7-vc63-rkdy
1
vulnerability VCID-29qk-rv5n-efbm
2
vulnerability VCID-3kza-a88p-kfg7
3
vulnerability VCID-5q58-pzt4-8uey
4
vulnerability VCID-6wah-r8vr-5qc4
5
vulnerability VCID-8gus-er59-1qak
6
vulnerability VCID-9mpt-zxaw-kkeg
7
vulnerability VCID-bahz-gfxv-e3b2
8
vulnerability VCID-jfya-694v-myar
9
vulnerability VCID-kq8u-td31-uqaa
10
vulnerability VCID-ksh8-pazn-dbca
11
vulnerability VCID-mccp-khb9-qkb7
12
vulnerability VCID-rxxr-sseq-k7a9
13
vulnerability VCID-th75-ys47-d3h8
14
vulnerability VCID-u6sd-648r-qbdb
15
vulnerability VCID-vacy-878s-3kfb
16
vulnerability VCID-vdpf-jddk-syda
17
vulnerability VCID-weqb-fxu4-17e7
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.7.3
aliases CVE-2015-0219, GHSA-7qfw-j7hp-v45g, PYSEC-2015-4
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5vmb-d4xp-zfgy
1
url VCID-912q-3eks-4yfm
vulnerability_id VCID-912q-3eks-4yfm
summary The django.util.http.is_safe_url function in Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3 does not properly handle leading whitespaces, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted URL, related to redirect URLs, as demonstrated by a "\njavascript:" URL.
references
0
reference_url http://advisories.mageia.org/MGASA-2015-0026.html
reference_id
reference_type
scores
url http://advisories.mageia.org/MGASA-2015-0026.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148485.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148485.html
2
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148608.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148608.html
3
reference_url http://lists.opensuse.org/opensuse-updates/2015-04/msg00001.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2015-04/msg00001.html
4
reference_url http://lists.opensuse.org/opensuse-updates/2015-09/msg00035.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2015-09/msg00035.html
5
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0220.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0220.json
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-0220
reference_id
reference_type
scores
0
value 0.02154
scoring_system epss
scoring_elements 0.84577
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-0220
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0219
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0219
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0220
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0220
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0221
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0221
10
reference_url http://secunia.com/advisories/62285
reference_id
reference_type
scores
url http://secunia.com/advisories/62285
11
reference_url http://secunia.com/advisories/62309
reference_id
reference_type
scores
url http://secunia.com/advisories/62309
12
reference_url http://secunia.com/advisories/62718
reference_id
reference_type
scores
url http://secunia.com/advisories/62718
13
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
14
reference_url https://github.com/django/django/blob/4555a823fd57e261e1b19c778429473256c8ea08/docs/releases/1.4.18.txt#L34-L46
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/blob/4555a823fd57e261e1b19c778429473256c8ea08/docs/releases/1.4.18.txt#L34-L46
15
reference_url https://github.com/django/django/commit/4c241f1b710da6419d9dca160e80b23b82db7758
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/4c241f1b710da6419d9dca160e80b23b82db7758
16
reference_url https://github.com/django/django/commit/72e0b033662faa11bb7f516f18a132728aa0ae28
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/72e0b033662faa11bb7f516f18a132728aa0ae28
17
reference_url https://github.com/django/django/commit/de67dedc771ad2edec15c1d00c083a1a084e1e89
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/de67dedc771ad2edec15c1d00c083a1a084e1e89
18
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-5.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-5.yaml
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-0220
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-0220
20
reference_url https://web.archive.org/web/20150128111656/http://secunia.com/advisories/62285
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20150128111656/http://secunia.com/advisories/62285
21
reference_url https://web.archive.org/web/20150523054951/http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2015:109/?name=MDVSA-2015:109
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20150523054951/http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2015:109/?name=MDVSA-2015:109
22
reference_url https://web.archive.org/web/20150523054953/http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2015:036/?name=MDVSA-2015:036
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20150523054953/http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2015:036/?name=MDVSA-2015:036
23
reference_url https://web.archive.org/web/20151104201446/http://secunia.com/advisories/62718
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20151104201446/http://secunia.com/advisories/62718
24
reference_url https://www.djangoproject.com/weblog/2015/jan/13/security
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2015/jan/13/security
25
reference_url https://www.djangoproject.com/weblog/2015/jan/13/security/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2015/jan/13/security/
26
reference_url http://ubuntu.com/usn/usn-2469-1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://ubuntu.com/usn/usn-2469-1
27
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2015:036
reference_id
reference_type
scores
url http://www.mandriva.com/security/advisories?name=MDVSA-2015:036
28
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2015:109
reference_id
reference_type
scores
url http://www.mandriva.com/security/advisories?name=MDVSA-2015:109
29
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1179675
reference_id 1179675
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1179675
30
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775375
reference_id 775375
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775375
fixed_packages
0
url pkg:pypi/django@1.4.18
purl pkg:pypi/django@1.4.18
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-12d7-vc63-rkdy
1
vulnerability VCID-29qk-rv5n-efbm
2
vulnerability VCID-3kza-a88p-kfg7
3
vulnerability VCID-5q58-pzt4-8uey
4
vulnerability VCID-6wah-r8vr-5qc4
5
vulnerability VCID-8gus-er59-1qak
6
vulnerability VCID-9mpt-zxaw-kkeg
7
vulnerability VCID-bahz-gfxv-e3b2
8
vulnerability VCID-jfya-694v-myar
9
vulnerability VCID-kq8u-td31-uqaa
10
vulnerability VCID-ksh8-pazn-dbca
11
vulnerability VCID-mccp-khb9-qkb7
12
vulnerability VCID-rxxr-sseq-k7a9
13
vulnerability VCID-th75-ys47-d3h8
14
vulnerability VCID-u6sd-648r-qbdb
15
vulnerability VCID-vdpf-jddk-syda
16
vulnerability VCID-weqb-fxu4-17e7
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.4.18
1
url pkg:pypi/django@1.6.10
purl pkg:pypi/django@1.6.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-3kza-a88p-kfg7
2
vulnerability VCID-5q58-pzt4-8uey
3
vulnerability VCID-6wah-r8vr-5qc4
4
vulnerability VCID-8gus-er59-1qak
5
vulnerability VCID-9mpt-zxaw-kkeg
6
vulnerability VCID-bahz-gfxv-e3b2
7
vulnerability VCID-jfya-694v-myar
8
vulnerability VCID-ksh8-pazn-dbca
9
vulnerability VCID-mccp-khb9-qkb7
10
vulnerability VCID-rxxr-sseq-k7a9
11
vulnerability VCID-u6sd-648r-qbdb
12
vulnerability VCID-vacy-878s-3kfb
13
vulnerability VCID-vdpf-jddk-syda
14
vulnerability VCID-weqb-fxu4-17e7
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.6.10
2
url pkg:pypi/django@1.7.3
purl pkg:pypi/django@1.7.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-12d7-vc63-rkdy
1
vulnerability VCID-29qk-rv5n-efbm
2
vulnerability VCID-3kza-a88p-kfg7
3
vulnerability VCID-5q58-pzt4-8uey
4
vulnerability VCID-6wah-r8vr-5qc4
5
vulnerability VCID-8gus-er59-1qak
6
vulnerability VCID-9mpt-zxaw-kkeg
7
vulnerability VCID-bahz-gfxv-e3b2
8
vulnerability VCID-jfya-694v-myar
9
vulnerability VCID-kq8u-td31-uqaa
10
vulnerability VCID-ksh8-pazn-dbca
11
vulnerability VCID-mccp-khb9-qkb7
12
vulnerability VCID-rxxr-sseq-k7a9
13
vulnerability VCID-th75-ys47-d3h8
14
vulnerability VCID-u6sd-648r-qbdb
15
vulnerability VCID-vacy-878s-3kfb
16
vulnerability VCID-vdpf-jddk-syda
17
vulnerability VCID-weqb-fxu4-17e7
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.7.3
aliases CVE-2015-0220, GHSA-gv98-g628-m9x5, PYSEC-2015-5
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-912q-3eks-4yfm
2
url VCID-dh12-js4b-h7fw
vulnerability_id VCID-dh12-js4b-h7fw
summary ModelMultipleChoiceField in Django 1.6.x before 1.6.10 and 1.7.x before 1.7.3, when show_hidden_initial is set to True, allows remote attackers to cause a denial of service by submitting duplicate values, which triggers a large number of SQL queries.
references
0
reference_url http://advisories.mageia.org/MGASA-2015-0026.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://advisories.mageia.org/MGASA-2015-0026.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148485.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148485.html
2
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148608.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148608.html
3
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148696.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148696.html
4
reference_url http://lists.opensuse.org/opensuse-updates/2015-04/msg00001.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2015-04/msg00001.html
5
reference_url http://lists.opensuse.org/opensuse-updates/2015-09/msg00035.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2015-09/msg00035.html
6
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0222.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0222.json
7
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-0222
reference_id
reference_type
scores
0
value 0.0429
scoring_system epss
scoring_elements 0.89046
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-0222
8
reference_url http://secunia.com/advisories/62285
reference_id
reference_type
scores
url http://secunia.com/advisories/62285
9
reference_url http://secunia.com/advisories/62309
reference_id
reference_type
scores
url http://secunia.com/advisories/62309
10
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
11
reference_url https://github.com/django/django/commit/bcfb47780ce7caecb409a9e9c1c314266e41d392
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/bcfb47780ce7caecb409a9e9c1c314266e41d392
12
reference_url https://github.com/django/django/commit/d7a06ee7e571b6dad07c0f5b519b1db02e2a476c
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/d7a06ee7e571b6dad07c0f5b519b1db02e2a476c
13
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-7.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-7.yaml
14
reference_url https://web.archive.org/web/20161201073154/http://secunia.com/advisories/62285
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20161201073154/http://secunia.com/advisories/62285
15
reference_url https://web.archive.org/web/20161201073337/http://secunia.com/advisories/62309
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20161201073337/http://secunia.com/advisories/62309
16
reference_url https://www.djangoproject.com/weblog/2015/jan/13/security
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2015/jan/13/security
17
reference_url https://www.djangoproject.com/weblog/2015/jan/13/security/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2015/jan/13/security/
18
reference_url http://ubuntu.com/usn/usn-2469-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://ubuntu.com/usn/usn-2469-1
19
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2015:109
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2015:109
20
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1179685
reference_id 1179685
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1179685
21
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775375
reference_id 775375
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775375
22
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-0222
reference_id CVE-2015-0222
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-0222
23
reference_url https://github.com/advisories/GHSA-6g95-x6cj-mg4v
reference_id GHSA-6g95-x6cj-mg4v
reference_type
scores
url https://github.com/advisories/GHSA-6g95-x6cj-mg4v
fixed_packages
0
url pkg:pypi/django@1.4.18
purl pkg:pypi/django@1.4.18
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-12d7-vc63-rkdy
1
vulnerability VCID-29qk-rv5n-efbm
2
vulnerability VCID-3kza-a88p-kfg7
3
vulnerability VCID-5q58-pzt4-8uey
4
vulnerability VCID-6wah-r8vr-5qc4
5
vulnerability VCID-8gus-er59-1qak
6
vulnerability VCID-9mpt-zxaw-kkeg
7
vulnerability VCID-bahz-gfxv-e3b2
8
vulnerability VCID-jfya-694v-myar
9
vulnerability VCID-kq8u-td31-uqaa
10
vulnerability VCID-ksh8-pazn-dbca
11
vulnerability VCID-mccp-khb9-qkb7
12
vulnerability VCID-rxxr-sseq-k7a9
13
vulnerability VCID-th75-ys47-d3h8
14
vulnerability VCID-u6sd-648r-qbdb
15
vulnerability VCID-vdpf-jddk-syda
16
vulnerability VCID-weqb-fxu4-17e7
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.4.18
1
url pkg:pypi/django@1.6.10
purl pkg:pypi/django@1.6.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-3kza-a88p-kfg7
2
vulnerability VCID-5q58-pzt4-8uey
3
vulnerability VCID-6wah-r8vr-5qc4
4
vulnerability VCID-8gus-er59-1qak
5
vulnerability VCID-9mpt-zxaw-kkeg
6
vulnerability VCID-bahz-gfxv-e3b2
7
vulnerability VCID-jfya-694v-myar
8
vulnerability VCID-ksh8-pazn-dbca
9
vulnerability VCID-mccp-khb9-qkb7
10
vulnerability VCID-rxxr-sseq-k7a9
11
vulnerability VCID-u6sd-648r-qbdb
12
vulnerability VCID-vacy-878s-3kfb
13
vulnerability VCID-vdpf-jddk-syda
14
vulnerability VCID-weqb-fxu4-17e7
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.6.10
2
url pkg:pypi/django@1.7.3
purl pkg:pypi/django@1.7.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-12d7-vc63-rkdy
1
vulnerability VCID-29qk-rv5n-efbm
2
vulnerability VCID-3kza-a88p-kfg7
3
vulnerability VCID-5q58-pzt4-8uey
4
vulnerability VCID-6wah-r8vr-5qc4
5
vulnerability VCID-8gus-er59-1qak
6
vulnerability VCID-9mpt-zxaw-kkeg
7
vulnerability VCID-bahz-gfxv-e3b2
8
vulnerability VCID-jfya-694v-myar
9
vulnerability VCID-kq8u-td31-uqaa
10
vulnerability VCID-ksh8-pazn-dbca
11
vulnerability VCID-mccp-khb9-qkb7
12
vulnerability VCID-rxxr-sseq-k7a9
13
vulnerability VCID-th75-ys47-d3h8
14
vulnerability VCID-u6sd-648r-qbdb
15
vulnerability VCID-vacy-878s-3kfb
16
vulnerability VCID-vdpf-jddk-syda
17
vulnerability VCID-weqb-fxu4-17e7
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.7.3
aliases CVE-2015-0222, GHSA-6g95-x6cj-mg4v, PYSEC-2015-7
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dh12-js4b-h7fw
3
url VCID-ta66-7qrm-sbhu
vulnerability_id VCID-ta66-7qrm-sbhu
summary The django.views.static.serve view in Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3 reads files an entire line at a time, which allows remote attackers to cause a denial of service (memory consumption) via a long line in a file.
references
0
reference_url http://advisories.mageia.org/MGASA-2015-0026.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://advisories.mageia.org/MGASA-2015-0026.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148485.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148485.html
2
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148608.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148608.html
3
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148696.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148696.html
4
reference_url http://lists.opensuse.org/opensuse-updates/2015-04/msg00001.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2015-04/msg00001.html
5
reference_url http://lists.opensuse.org/opensuse-updates/2015-09/msg00035.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2015-09/msg00035.html
6
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0221.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0221.json
7
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-0221
reference_id
reference_type
scores
0
value 0.07842
scoring_system epss
scoring_elements 0.92136
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-0221
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0219
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0219
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0220
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0220
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0221
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0221
11
reference_url http://secunia.com/advisories/62285
reference_id
reference_type
scores
url http://secunia.com/advisories/62285
12
reference_url http://secunia.com/advisories/62309
reference_id
reference_type
scores
url http://secunia.com/advisories/62309
13
reference_url http://secunia.com/advisories/62718
reference_id
reference_type
scores
url http://secunia.com/advisories/62718
14
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
15
reference_url https://github.com/django/django/blob/9b9c805cedb08621bd5dc58a01a6478eb7cc49a9/docs/releases/1.4.18.txt#L48C1-L49C1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/blob/9b9c805cedb08621bd5dc58a01a6478eb7cc49a9/docs/releases/1.4.18.txt#L48C1-L49C1
16
reference_url https://github.com/django/django/commit/553779c4055e8742cc832ed525b9ee34b174934f
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/553779c4055e8742cc832ed525b9ee34b174934f
17
reference_url https://github.com/django/django/commit/818e59a3f0fbadf6c447754d202d88df025f8f2a
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/818e59a3f0fbadf6c447754d202d88df025f8f2a
18
reference_url https://github.com/django/django/commit/d020da6646c5142bc092247d218a3d1ce3e993f7
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/d020da6646c5142bc092247d218a3d1ce3e993f7
19
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-6.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-6.yaml
20
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-0221
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-0221
21
reference_url https://web.archive.org/web/20150128111656/http://secunia.com/advisories/62285
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20150128111656/http://secunia.com/advisories/62285
22
reference_url https://web.archive.org/web/20150128111656/http://secunia.com/advisories/62309
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20150128111656/http://secunia.com/advisories/62309
23
reference_url https://web.archive.org/web/20150523054951/http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2015:109/?name=MDVSA-2015:109
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20150523054951/http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2015:109/?name=MDVSA-2015:109
24
reference_url https://web.archive.org/web/20150523054953/http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2015:036/?name=MDVSA-2015:036
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20150523054953/http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2015:036/?name=MDVSA-2015:036
25
reference_url https://web.archive.org/web/20151104201446/http://secunia.com/advisories/62718
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20151104201446/http://secunia.com/advisories/62718
26
reference_url https://www.djangoproject.com/weblog/2015/jan/13/security
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2015/jan/13/security
27
reference_url https://www.djangoproject.com/weblog/2015/jan/13/security/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2015/jan/13/security/
28
reference_url http://ubuntu.com/usn/usn-2469-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://ubuntu.com/usn/usn-2469-1
29
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2015:036
reference_id
reference_type
scores
url http://www.mandriva.com/security/advisories?name=MDVSA-2015:036
30
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2015:109
reference_id
reference_type
scores
url http://www.mandriva.com/security/advisories?name=MDVSA-2015:109
31
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1179679
reference_id 1179679
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1179679
32
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775375
reference_id 775375
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775375
fixed_packages
0
url pkg:pypi/django@1.4.18
purl pkg:pypi/django@1.4.18
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-12d7-vc63-rkdy
1
vulnerability VCID-29qk-rv5n-efbm
2
vulnerability VCID-3kza-a88p-kfg7
3
vulnerability VCID-5q58-pzt4-8uey
4
vulnerability VCID-6wah-r8vr-5qc4
5
vulnerability VCID-8gus-er59-1qak
6
vulnerability VCID-9mpt-zxaw-kkeg
7
vulnerability VCID-bahz-gfxv-e3b2
8
vulnerability VCID-jfya-694v-myar
9
vulnerability VCID-kq8u-td31-uqaa
10
vulnerability VCID-ksh8-pazn-dbca
11
vulnerability VCID-mccp-khb9-qkb7
12
vulnerability VCID-rxxr-sseq-k7a9
13
vulnerability VCID-th75-ys47-d3h8
14
vulnerability VCID-u6sd-648r-qbdb
15
vulnerability VCID-vdpf-jddk-syda
16
vulnerability VCID-weqb-fxu4-17e7
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.4.18
1
url pkg:pypi/django@1.6.10
purl pkg:pypi/django@1.6.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29qk-rv5n-efbm
1
vulnerability VCID-3kza-a88p-kfg7
2
vulnerability VCID-5q58-pzt4-8uey
3
vulnerability VCID-6wah-r8vr-5qc4
4
vulnerability VCID-8gus-er59-1qak
5
vulnerability VCID-9mpt-zxaw-kkeg
6
vulnerability VCID-bahz-gfxv-e3b2
7
vulnerability VCID-jfya-694v-myar
8
vulnerability VCID-ksh8-pazn-dbca
9
vulnerability VCID-mccp-khb9-qkb7
10
vulnerability VCID-rxxr-sseq-k7a9
11
vulnerability VCID-u6sd-648r-qbdb
12
vulnerability VCID-vacy-878s-3kfb
13
vulnerability VCID-vdpf-jddk-syda
14
vulnerability VCID-weqb-fxu4-17e7
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.6.10
2
url pkg:pypi/django@1.7.3
purl pkg:pypi/django@1.7.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-12d7-vc63-rkdy
1
vulnerability VCID-29qk-rv5n-efbm
2
vulnerability VCID-3kza-a88p-kfg7
3
vulnerability VCID-5q58-pzt4-8uey
4
vulnerability VCID-6wah-r8vr-5qc4
5
vulnerability VCID-8gus-er59-1qak
6
vulnerability VCID-9mpt-zxaw-kkeg
7
vulnerability VCID-bahz-gfxv-e3b2
8
vulnerability VCID-jfya-694v-myar
9
vulnerability VCID-kq8u-td31-uqaa
10
vulnerability VCID-ksh8-pazn-dbca
11
vulnerability VCID-mccp-khb9-qkb7
12
vulnerability VCID-rxxr-sseq-k7a9
13
vulnerability VCID-th75-ys47-d3h8
14
vulnerability VCID-u6sd-648r-qbdb
15
vulnerability VCID-vacy-878s-3kfb
16
vulnerability VCID-vdpf-jddk-syda
17
vulnerability VCID-weqb-fxu4-17e7
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.7.3
aliases CVE-2015-0221, GHSA-jhjg-w2cp-5j44, PYSEC-2015-6
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ta66-7qrm-sbhu
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/django@1.4.18