Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/python-django@4.2.19-1?arch=el9pc

Type rpm

Namespace redhat

Name python-django

Version 4.2.19-1

Qualifiers

arch	el9pc

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url

VCID-duvn-u125-dqan

vulnerability_id

VCID-duvn-u125-dqan

summary

Requests `Session` object does not verify requests after making first request with verify=False
When using a `requests.Session`, if the first request to a given origin is made with `verify=False`, TLS certificate verification may remain disabled for all subsequent requests to that origin, even if `verify=True` is explicitly specified later.

This occurs because the underlying connection is reused from the session's connection pool, causing the initial TLS verification setting to persist for the lifetime of the pooled connection. As a result, applications may unintentionally send requests without certificate verification, leading to potential man-in-the-middle attacks and compromised confidentiality or integrity.

This behavior affects versions of `requests` prior to 2.32.0.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35195.json

reference_id

reference_type

scores

value	5.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35195.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-35195

reference_id

reference_type

scores

value	0.00044
scoring_system	epss
scoring_elements	0.13564
published_at	2026-04-24T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13552
published_at	2026-04-21T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13481
published_at	2026-04-18T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13691
published_at	2026-04-02T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13485
published_at	2026-04-16T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.1357
published_at	2026-04-13T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13618
published_at	2026-04-12T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13654
published_at	2026-04-11T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13685
published_at	2026-04-09T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13633
published_at	2026-04-08T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13553
published_at	2026-04-07T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13752
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-35195

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35195
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35195

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/psf/requests

reference_id

reference_type

scores

value	5.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/psf/requests

reference_url

https://github.com/psf/requests/commit/a58d7f2ffb4d00b46dca2d70a3932a0b37e22fac

reference_id

reference_type

scores

value	5.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-21T14:17:58Z/

url

https://github.com/psf/requests/commit/a58d7f2ffb4d00b46dca2d70a3932a0b37e22fac

reference_url

https://github.com/psf/requests/pull/6655

reference_id

reference_type

scores

value	5.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-21T14:17:58Z/

url

https://github.com/psf/requests/pull/6655

reference_url

https://github.com/psf/requests/security/advisories/GHSA-9wx4-h78v-vm56

reference_id

reference_type

scores

value	5.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-21T14:17:58Z/

url

https://github.com/psf/requests/security/advisories/GHSA-9wx4-h78v-vm56

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IYLSNK5TL46Q6XPRVMHVWS63MVJQOK4Q

reference_id

reference_type

scores

value	5.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IYLSNK5TL46Q6XPRVMHVWS63MVJQOK4Q

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N7WP6EYDSUOCOJYHDK5NX43PYZ4SNHGZ

reference_id

reference_type

scores

value	5.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N7WP6EYDSUOCOJYHDK5NX43PYZ4SNHGZ

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-35195

reference_id

reference_type

scores

value	5.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-35195

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071593
reference_id	1071593
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071593

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2282114
reference_id	2282114
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2282114

reference_url

https://github.com/advisories/GHSA-9wx4-h78v-vm56

reference_id

GHSA-9wx4-h78v-vm56

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-9wx4-h78v-vm56

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IYLSNK5TL46Q6XPRVMHVWS63MVJQOK4Q/

reference_id

IYLSNK5TL46Q6XPRVMHVWS63MVJQOK4Q

reference_type

scores

value	5.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-21T14:17:58Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IYLSNK5TL46Q6XPRVMHVWS63MVJQOK4Q/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N7WP6EYDSUOCOJYHDK5NX43PYZ4SNHGZ/

reference_id

N7WP6EYDSUOCOJYHDK5NX43PYZ4SNHGZ

reference_type

scores

value	5.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-21T14:17:58Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N7WP6EYDSUOCOJYHDK5NX43PYZ4SNHGZ/

reference_url	https://access.redhat.com/errata/RHSA-2024:3781
reference_id	RHSA-2024:3781
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3781

reference_url	https://access.redhat.com/errata/RHSA-2024:4522
reference_id	RHSA-2024:4522
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4522

reference_url	https://access.redhat.com/errata/RHSA-2024:9988
reference_id	RHSA-2024:9988
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:9988

reference_url	https://access.redhat.com/errata/RHSA-2025:0012
reference_id	RHSA-2025:0012
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0012

reference_url	https://access.redhat.com/errata/RHSA-2025:1335
reference_id	RHSA-2025:1335
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:1335

reference_url	https://access.redhat.com/errata/RHSA-2025:2399
reference_id	RHSA-2025:2399
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2399

reference_url	https://access.redhat.com/errata/RHSA-2025:7049
reference_id	RHSA-2025:7049
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7049

reference_url	https://access.redhat.com/errata/RHSA-2025:8385
reference_id	RHSA-2025:8385
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8385

fixed_packages

aliases

CVE-2024-35195, GHSA-9wx4-h78v-vm56

risk_score

3.1

exploitability

0.5

weighted_severity

6.2

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-duvn-u125-dqan

url

VCID-e87q-1j8h-93hh

vulnerability_id

VCID-e87q-1j8h-93hh

summary

An issue was discovered in Django 5.1 before 5.1.5, 5.0 before 5.0.11, and 4.2 before 4.2.18. Lack of upper-bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial-of-service attack. The undocumented and private functions clean_ipv6_address and is_valid_ipv6_address are vulnerable, as is the django.forms.GenericIPAddressField form field. (The django.db.models.GenericIPAddressField model field is not affected.)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56374.json

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56374.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-56374

reference_id

reference_type

scores

value	0.00084
scoring_system	epss
scoring_elements	0.24457
published_at	2026-04-24T12:55:00Z

value	0.00084
scoring_system	epss
scoring_elements	0.24532
published_at	2026-04-13T12:55:00Z

value	0.00084
scoring_system	epss
scoring_elements	0.24512
published_at	2026-04-21T12:55:00Z

value	0.00084
scoring_system	epss
scoring_elements	0.24537
published_at	2026-04-18T12:55:00Z

value	0.00084
scoring_system	epss
scoring_elements	0.24545
published_at	2026-04-16T12:55:00Z

value	0.00084
scoring_system	epss
scoring_elements	0.24586
published_at	2026-04-12T12:55:00Z

value	0.00084
scoring_system	epss
scoring_elements	0.24629
published_at	2026-04-11T12:55:00Z

value	0.00084
scoring_system	epss
scoring_elements	0.24612
published_at	2026-04-09T12:55:00Z

value	0.00084
scoring_system	epss
scoring_elements	0.24567
published_at	2026-04-08T12:55:00Z

value	0.00084
scoring_system	epss
scoring_elements	0.24496
published_at	2026-04-07T12:55:00Z

value	0.00084
scoring_system	epss
scoring_elements	0.24724
published_at	2026-04-04T12:55:00Z

value	0.00084
scoring_system	epss
scoring_elements	0.24686
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-56374

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460

reference_url

https://docs.djangoproject.com/en/dev/releases/security

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://docs.djangoproject.com/en/dev/releases/security

reference_url

https://docs.djangoproject.com/en/dev/releases/security/

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-15T19:40:35Z/

url

https://docs.djangoproject.com/en/dev/releases/security/

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/django/django

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/django/django

reference_url

https://github.com/django/django/commit/4806731e58f3e8700a3c802e77899d54ac6021fe

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/django/django/commit/4806731e58f3e8700a3c802e77899d54ac6021fe

reference_url

https://github.com/django/django/commit/ad866a1ca3e7d60da888d25d27e46a8adb2ed36e

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/django/django/commit/ad866a1ca3e7d60da888d25d27e46a8adb2ed36e

reference_url

https://github.com/django/django/commit/ca2be7724e1244a4cb723de40a070f873c6e94bf

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/django/django/commit/ca2be7724e1244a4cb723de40a070f873c6e94bf

reference_url

https://github.com/django/django/commit/e8d4a2005955dcf962193600b53bf461b190b455

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/django/django/commit/e8d4a2005955dcf962193600b53bf461b190b455

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2025-1.yaml

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2025-1.yaml

reference_url

https://groups.google.com/g/django-announce

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-15T19:40:35Z/

url

https://groups.google.com/g/django-announce

reference_url

https://lists.debian.org/debian-lts-announce/2025/01/msg00024.html

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2025/01/msg00024.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-56374

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-56374

reference_url

https://www.djangoproject.com/weblog/2025/jan/14/security-releases

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.djangoproject.com/weblog/2025/jan/14/security-releases

reference_url

https://www.djangoproject.com/weblog/2025/jan/14/security-releases/

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-15T19:40:35Z/

url

https://www.djangoproject.com/weblog/2025/jan/14/security-releases/

reference_url

http://www.openwall.com/lists/oss-security/2025/01/14/2

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2025/01/14/2

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1093049
reference_id	1093049
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1093049

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2337996
reference_id	2337996
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2337996

reference_url

https://github.com/advisories/GHSA-qcgg-j2x8-h9g8

reference_id

GHSA-qcgg-j2x8-h9g8

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-qcgg-j2x8-h9g8

reference_url	https://security.gentoo.org/glsa/202509-03
reference_id	GLSA-202509-03
reference_type
scores
url	https://security.gentoo.org/glsa/202509-03

reference_url	https://access.redhat.com/errata/RHSA-2025:0722
reference_id	RHSA-2025:0722
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0722

reference_url	https://access.redhat.com/errata/RHSA-2025:0777
reference_id	RHSA-2025:0777
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0777

reference_url	https://access.redhat.com/errata/RHSA-2025:0782
reference_id	RHSA-2025:0782
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0782

reference_url	https://access.redhat.com/errata/RHSA-2025:2399
reference_id	RHSA-2025:2399
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2399

reference_url	https://access.redhat.com/errata/RHSA-2025:4576
reference_id	RHSA-2025:4576
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4576

reference_url	https://usn.ubuntu.com/7205-1/
reference_id	USN-7205-1
reference_type
scores
url	https://usn.ubuntu.com/7205-1/

reference_url	https://usn.ubuntu.com/7205-2/
reference_id	USN-7205-2
reference_type
scores
url	https://usn.ubuntu.com/7205-2/

fixed_packages

aliases

BIT-django-2024-56374, CVE-2024-56374, GHSA-qcgg-j2x8-h9g8, PYSEC-2025-1

risk_score

3.1

exploitability

0.5

weighted_severity

6.2

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-e87q-1j8h-93hh

Fixing_vulnerabilities

Risk_score 3.1

Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python-django@4.2.19-1%3Farch=el9pc

Package Instance