Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/python-django@4.2.15-1?arch=el9ap
Typerpm
Namespaceredhat
Namepython-django
Version4.2.15-1
Qualifiers
arch el9ap
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-7tph-k8q2-bue2
vulnerability_id VCID-7tph-k8q2-bue2
summary An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters, and the AdminURLFieldWidget widget, are subject to a potential denial-of-service attack via certain inputs with a very large number of Unicode characters.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-41991.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-41991.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-41991
reference_id
reference_type
scores
0
value 0.0091
scoring_system epss
scoring_elements 0.75851
published_at 2026-04-16T12:55:00Z
1
value 0.0091
scoring_system epss
scoring_elements 0.75813
published_at 2026-04-13T12:55:00Z
2
value 0.0091
scoring_system epss
scoring_elements 0.75815
published_at 2026-04-09T12:55:00Z
3
value 0.0091
scoring_system epss
scoring_elements 0.7582
published_at 2026-04-12T12:55:00Z
4
value 0.0091
scoring_system epss
scoring_elements 0.75839
published_at 2026-04-11T12:55:00Z
5
value 0.0091
scoring_system epss
scoring_elements 0.75803
published_at 2026-04-08T12:55:00Z
6
value 0.0091
scoring_system epss
scoring_elements 0.7577
published_at 2026-04-07T12:55:00Z
7
value 0.0091
scoring_system epss
scoring_elements 0.75792
published_at 2026-04-04T12:55:00Z
8
value 0.0091
scoring_system epss
scoring_elements 0.75759
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-41991
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460
25
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
26
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-07T17:57:11Z/
url https://docs.djangoproject.com/en/dev/releases/security/
27
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
28
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
29
reference_url https://github.com/django/django/commit/523da8771bce321023f490f70d71a9e973ddc927
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/523da8771bce321023f490f70d71a9e973ddc927
30
reference_url https://github.com/django/django/commit/efea1ef7e2190e3f77ca0651b5458297bc0f6a9f
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/efea1ef7e2190e3f77ca0651b5458297bc0f6a9f
31
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2024-69.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2024-69.yaml
32
reference_url https://groups.google.com/forum/#%21forum/django-announce
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-07T17:57:11Z/
url https://groups.google.com/forum/#%21forum/django-announce
33
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-41991
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-41991
34
reference_url https://security.netapp.com/advisory/ntap-20240905-0007
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240905-0007
35
reference_url https://www.djangoproject.com/weblog/2024/aug/06/security-releases
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2024/aug/06/security-releases
36
reference_url https://www.djangoproject.com/weblog/2024/aug/06/security-releases/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-07T17:57:11Z/
url https://www.djangoproject.com/weblog/2024/aug/06/security-releases/
37
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078074
reference_id 1078074
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078074
38
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2302435
reference_id 2302435
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2302435
39
reference_url https://github.com/advisories/GHSA-r836-hh6v-rg5g
reference_id GHSA-r836-hh6v-rg5g
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r836-hh6v-rg5g
40
reference_url https://security.gentoo.org/glsa/202509-03
reference_id GLSA-202509-03
reference_type
scores
url https://security.gentoo.org/glsa/202509-03
41
reference_url https://access.redhat.com/errata/RHSA-2024:6428
reference_id RHSA-2024:6428
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6428
42
reference_url https://access.redhat.com/errata/RHSA-2024:7987
reference_id RHSA-2024:7987
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7987
43
reference_url https://access.redhat.com/errata/RHSA-2025:1335
reference_id RHSA-2025:1335
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1335
44
reference_url https://usn.ubuntu.com/6946-1/
reference_id USN-6946-1
reference_type
scores
url https://usn.ubuntu.com/6946-1/
fixed_packages
aliases BIT-django-2024-41991, CVE-2024-41991, GHSA-r836-hh6v-rg5g, PYSEC-2024-69
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7tph-k8q2-bue2
1
url VCID-jzae-1awh-k7cm
vulnerability_id VCID-jzae-1awh-k7cm
summary An issue was discovered in Django 4.2 before 4.2.14 and 5.0 before 5.0.7. urlize and urlizetrunc were subject to a potential denial of service attack via certain inputs with a very large number of brackets.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38875.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38875.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-38875
reference_id
reference_type
scores
0
value 0.0033
scoring_system epss
scoring_elements 0.55941
published_at 2026-04-07T12:55:00Z
1
value 0.0033
scoring_system epss
scoring_elements 0.56003
published_at 2026-04-16T12:55:00Z
2
value 0.0033
scoring_system epss
scoring_elements 0.55967
published_at 2026-04-13T12:55:00Z
3
value 0.0033
scoring_system epss
scoring_elements 0.55985
published_at 2026-04-12T12:55:00Z
4
value 0.0033
scoring_system epss
scoring_elements 0.56005
published_at 2026-04-11T12:55:00Z
5
value 0.0033
scoring_system epss
scoring_elements 0.55994
published_at 2026-04-09T12:55:00Z
6
value 0.0033
scoring_system epss
scoring_elements 0.55992
published_at 2026-04-08T12:55:00Z
7
value 0.0033
scoring_system epss
scoring_elements 0.55962
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-38875
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38875
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38875
3
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
4
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-10T13:43:12Z/
url https://docs.djangoproject.com/en/dev/releases/security/
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
7
reference_url https://github.com/django/django/commit/7285644640f085f41d60ab0c8ae4e9153f0485db
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/7285644640f085f41d60ab0c8ae4e9153f0485db
8
reference_url https://github.com/django/django/commit/79f368764295df109a37192f6182fb6f361d85b5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/79f368764295df109a37192f6182fb6f361d85b5
9
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2024-56.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2024-56.yaml
10
reference_url https://groups.google.com/forum/#%21forum/django-announce
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-10T13:43:12Z/
url https://groups.google.com/forum/#%21forum/django-announce
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-38875
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-38875
12
reference_url https://security.netapp.com/advisory/ntap-20240808-0005
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240808-0005
13
reference_url https://www.djangoproject.com/weblog/2024/jul/09/security-releases
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2024/jul/09/security-releases
14
reference_url https://www.djangoproject.com/weblog/2024/jul/09/security-releases/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-10T13:43:12Z/
url https://www.djangoproject.com/weblog/2024/jul/09/security-releases/
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1076069
reference_id 1076069
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1076069
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2295935
reference_id 2295935
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2295935
17
reference_url https://github.com/advisories/GHSA-qg2p-9jwr-mmqf
reference_id GHSA-qg2p-9jwr-mmqf
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qg2p-9jwr-mmqf
18
reference_url https://security.gentoo.org/glsa/202509-03
reference_id GLSA-202509-03
reference_type
scores
url https://security.gentoo.org/glsa/202509-03
19
reference_url https://access.redhat.com/errata/RHSA-2024:6428
reference_id RHSA-2024:6428
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6428
20
reference_url https://access.redhat.com/errata/RHSA-2024:8906
reference_id RHSA-2024:8906
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8906
21
reference_url https://access.redhat.com/errata/RHSA-2024:9481
reference_id RHSA-2024:9481
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:9481
22
reference_url https://usn.ubuntu.com/6888-1/
reference_id USN-6888-1
reference_type
scores
url https://usn.ubuntu.com/6888-1/
23
reference_url https://usn.ubuntu.com/6888-2/
reference_id USN-6888-2
reference_type
scores
url https://usn.ubuntu.com/6888-2/
fixed_packages
aliases BIT-django-2024-38875, CVE-2024-38875, GHSA-qg2p-9jwr-mmqf, PYSEC-2024-56
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jzae-1awh-k7cm
2
url VCID-m91a-6235-nye9
vulnerability_id VCID-m91a-6235-nye9
summary An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. QuerySet.values() and values_list() methods on models with a JSONField are subject to SQL injection in column aliases via a crafted JSON object key as a passed *arg.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-42005.json
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-42005.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-42005
reference_id
reference_type
scores
0
value 0.00328
scoring_system epss
scoring_elements 0.5587
published_at 2026-04-16T12:55:00Z
1
value 0.00328
scoring_system epss
scoring_elements 0.55834
published_at 2026-04-13T12:55:00Z
2
value 0.00328
scoring_system epss
scoring_elements 0.55807
published_at 2026-04-02T12:55:00Z
3
value 0.00328
scoring_system epss
scoring_elements 0.55829
published_at 2026-04-04T12:55:00Z
4
value 0.00328
scoring_system epss
scoring_elements 0.55852
published_at 2026-04-12T12:55:00Z
5
value 0.00328
scoring_system epss
scoring_elements 0.55809
published_at 2026-04-07T12:55:00Z
6
value 0.00328
scoring_system epss
scoring_elements 0.55863
published_at 2026-04-09T12:55:00Z
7
value 0.00328
scoring_system epss
scoring_elements 0.5586
published_at 2026-04-08T12:55:00Z
8
value 0.00328
scoring_system epss
scoring_elements 0.55873
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-42005
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460
25
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
26
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-16T20:19:17Z/
url https://docs.djangoproject.com/en/dev/releases/security/
27
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
28
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
29
reference_url https://github.com/django/django/commit/32ebcbf2e1fe3e5ba79a6554a167efce81f7422d
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/32ebcbf2e1fe3e5ba79a6554a167efce81f7422d
30
reference_url https://github.com/django/django/commit/f4af67b9b41e0f4c117a8741da3abbd1c869ab28
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/f4af67b9b41e0f4c117a8741da3abbd1c869ab28
31
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2024-70.yaml
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2024-70.yaml
32
reference_url https://groups.google.com/forum/#%21forum/django-announce
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
3
value CRITICAL
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-16T20:19:17Z/
url https://groups.google.com/forum/#%21forum/django-announce
33
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-42005
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-42005
34
reference_url https://security.netapp.com/advisory/ntap-20240905-0007
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240905-0007
35
reference_url https://www.djangoproject.com/weblog/2024/aug/06/security-releases
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2024/aug/06/security-releases
36
reference_url https://www.djangoproject.com/weblog/2024/aug/06/security-releases/
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-16T20:19:17Z/
url https://www.djangoproject.com/weblog/2024/aug/06/security-releases/
37
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078074
reference_id 1078074
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078074
38
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2302436
reference_id 2302436
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2302436
39
reference_url https://github.com/advisories/GHSA-pv4p-cwwg-4rph
reference_id GHSA-pv4p-cwwg-4rph
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pv4p-cwwg-4rph
40
reference_url https://security.gentoo.org/glsa/202509-03
reference_id GLSA-202509-03
reference_type
scores
url https://security.gentoo.org/glsa/202509-03
41
reference_url https://access.redhat.com/errata/RHSA-2024:6428
reference_id RHSA-2024:6428
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6428
42
reference_url https://access.redhat.com/errata/RHSA-2024:8906
reference_id RHSA-2024:8906
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8906
43
reference_url https://access.redhat.com/errata/RHSA-2025:1335
reference_id RHSA-2025:1335
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1335
44
reference_url https://usn.ubuntu.com/6946-1/
reference_id USN-6946-1
reference_type
scores
url https://usn.ubuntu.com/6946-1/
fixed_packages
aliases BIT-django-2024-42005, CVE-2024-42005, GHSA-pv4p-cwwg-4rph, PYSEC-2024-70
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m91a-6235-nye9
3
url VCID-q12d-kv8p-8ff7
vulnerability_id VCID-q12d-kv8p-8ff7
summary An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. The django.contrib.auth.backends.ModelBackend.authenticate() method allows remote attackers to enumerate users via a timing attack involving login requests for users with an unusable password.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-39329.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-39329.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-39329
reference_id
reference_type
scores
0
value 0.00165
scoring_system epss
scoring_elements 0.37652
published_at 2026-04-02T12:55:00Z
1
value 0.00165
scoring_system epss
scoring_elements 0.37615
published_at 2026-04-16T12:55:00Z
2
value 0.00165
scoring_system epss
scoring_elements 0.37571
published_at 2026-04-13T12:55:00Z
3
value 0.00165
scoring_system epss
scoring_elements 0.37599
published_at 2026-04-12T12:55:00Z
4
value 0.00165
scoring_system epss
scoring_elements 0.37619
published_at 2026-04-09T12:55:00Z
5
value 0.00165
scoring_system epss
scoring_elements 0.37676
published_at 2026-04-04T12:55:00Z
6
value 0.00165
scoring_system epss
scoring_elements 0.37555
published_at 2026-04-07T12:55:00Z
7
value 0.00165
scoring_system epss
scoring_elements 0.37607
published_at 2026-04-08T12:55:00Z
8
value 0.00165
scoring_system epss
scoring_elements 0.37632
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-39329
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460
25
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
26
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-10T16:17:00Z/
url https://docs.djangoproject.com/en/dev/releases/security/
27
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
28
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
29
reference_url https://github.com/django/django/commit/07cefdee4a9d1fcd9a3a631cbd07c78defd1923b
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/07cefdee4a9d1fcd9a3a631cbd07c78defd1923b
30
reference_url https://github.com/django/django/commit/156d3186c96e3ec2ca73b8b25dc2ef366e38df14
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/156d3186c96e3ec2ca73b8b25dc2ef366e38df14
31
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2024-57.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2024-57.yaml
32
reference_url https://groups.google.com/forum/#%21forum/django-announce
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-10T16:17:00Z/
url https://groups.google.com/forum/#%21forum/django-announce
33
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-39329
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-39329
34
reference_url https://security.netapp.com/advisory/ntap-20240808-0005
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240808-0005
35
reference_url https://www.djangoproject.com/weblog/2024/jul/09/security-releases
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2024/jul/09/security-releases
36
reference_url https://www.djangoproject.com/weblog/2024/jul/09/security-releases/
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-10T16:17:00Z/
url https://www.djangoproject.com/weblog/2024/jul/09/security-releases/
37
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1076069
reference_id 1076069
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1076069
38
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2295936
reference_id 2295936
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2295936
39
reference_url https://github.com/advisories/GHSA-x7q2-wr7g-xqmf
reference_id GHSA-x7q2-wr7g-xqmf
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-x7q2-wr7g-xqmf
40
reference_url https://security.gentoo.org/glsa/202509-03
reference_id GLSA-202509-03
reference_type
scores
url https://security.gentoo.org/glsa/202509-03
41
reference_url https://access.redhat.com/errata/RHSA-2024:6428
reference_id RHSA-2024:6428
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6428
42
reference_url https://access.redhat.com/errata/RHSA-2024:8906
reference_id RHSA-2024:8906
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8906
43
reference_url https://access.redhat.com/errata/RHSA-2024:9481
reference_id RHSA-2024:9481
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:9481
44
reference_url https://usn.ubuntu.com/6888-1/
reference_id USN-6888-1
reference_type
scores
url https://usn.ubuntu.com/6888-1/
45
reference_url https://usn.ubuntu.com/6888-2/
reference_id USN-6888-2
reference_type
scores
url https://usn.ubuntu.com/6888-2/
fixed_packages
aliases BIT-django-2024-39329, CVE-2024-39329, GHSA-x7q2-wr7g-xqmf, PYSEC-2024-57
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q12d-kv8p-8ff7
4
url VCID-u3zk-tff2-aua9
vulnerability_id VCID-u3zk-tff2-aua9
summary An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. get_supported_language_variant() was subject to a potential denial-of-service attack when used with very long strings containing specific characters.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-39614.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-39614.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-39614
reference_id
reference_type
scores
0
value 0.06838
scoring_system epss
scoring_elements 0.91373
published_at 2026-04-16T12:55:00Z
1
value 0.06838
scoring_system epss
scoring_elements 0.91321
published_at 2026-04-07T12:55:00Z
2
value 0.06838
scoring_system epss
scoring_elements 0.91348
published_at 2026-04-13T12:55:00Z
3
value 0.06838
scoring_system epss
scoring_elements 0.91349
published_at 2026-04-12T12:55:00Z
4
value 0.06838
scoring_system epss
scoring_elements 0.91346
published_at 2026-04-11T12:55:00Z
5
value 0.06838
scoring_system epss
scoring_elements 0.91339
published_at 2026-04-09T12:55:00Z
6
value 0.06838
scoring_system epss
scoring_elements 0.91334
published_at 2026-04-08T12:55:00Z
7
value 0.06838
scoring_system epss
scoring_elements 0.91314
published_at 2026-04-04T12:55:00Z
8
value 0.06838
scoring_system epss
scoring_elements 0.91304
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-39614
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460
25
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
26
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-10T13:29:40Z/
url https://docs.djangoproject.com/en/dev/releases/security/
27
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
28
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
29
reference_url https://github.com/django/django/commit/17358fb35fb7217423d4c4877ccb6d1a3a40b1c3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/17358fb35fb7217423d4c4877ccb6d1a3a40b1c3
30
reference_url https://github.com/django/django/commit/8e7a44e4bec0f11474699c3111a5e0a45afe7f49
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/8e7a44e4bec0f11474699c3111a5e0a45afe7f49
31
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2024-59.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2024-59.yaml
32
reference_url https://groups.google.com/forum/#%21forum/django-announce
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-10T13:29:40Z/
url https://groups.google.com/forum/#%21forum/django-announce
33
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-39614
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-39614
34
reference_url https://security.netapp.com/advisory/ntap-20240808-0005
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240808-0005
35
reference_url https://www.djangoproject.com/weblog/2024/jul/09/security-releases
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2024/jul/09/security-releases
36
reference_url https://www.djangoproject.com/weblog/2024/jul/09/security-releases/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-10T13:29:40Z/
url https://www.djangoproject.com/weblog/2024/jul/09/security-releases/
37
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1076069
reference_id 1076069
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1076069
38
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2295938
reference_id 2295938
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2295938
39
reference_url https://github.com/advisories/GHSA-f6f8-9mx6-9mx2
reference_id GHSA-f6f8-9mx6-9mx2
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f6f8-9mx6-9mx2
40
reference_url https://security.gentoo.org/glsa/202509-03
reference_id GLSA-202509-03
reference_type
scores
url https://security.gentoo.org/glsa/202509-03
41
reference_url https://access.redhat.com/errata/RHSA-2024:6428
reference_id RHSA-2024:6428
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6428
42
reference_url https://access.redhat.com/errata/RHSA-2024:8906
reference_id RHSA-2024:8906
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8906
43
reference_url https://access.redhat.com/errata/RHSA-2024:9481
reference_id RHSA-2024:9481
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:9481
44
reference_url https://access.redhat.com/errata/RHSA-2025:1335
reference_id RHSA-2025:1335
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1335
45
reference_url https://usn.ubuntu.com/6888-1/
reference_id USN-6888-1
reference_type
scores
url https://usn.ubuntu.com/6888-1/
46
reference_url https://usn.ubuntu.com/6888-2/
reference_id USN-6888-2
reference_type
scores
url https://usn.ubuntu.com/6888-2/
fixed_packages
aliases BIT-django-2024-39614, CVE-2024-39614, GHSA-f6f8-9mx6-9mx2, PYSEC-2024-59
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u3zk-tff2-aua9
5
url VCID-v1xr-z4zu-yfb4
vulnerability_id VCID-v1xr-z4zu-yfb4
summary An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The floatformat template filter is subject to significant memory consumption when given a string representation of a number in scientific notation with a large exponent.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-41989.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-41989.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-41989
reference_id
reference_type
scores
0
value 0.01386
scoring_system epss
scoring_elements 0.80354
published_at 2026-04-16T12:55:00Z
1
value 0.01386
scoring_system epss
scoring_elements 0.80324
published_at 2026-04-13T12:55:00Z
2
value 0.01386
scoring_system epss
scoring_elements 0.80327
published_at 2026-04-09T12:55:00Z
3
value 0.01386
scoring_system epss
scoring_elements 0.80331
published_at 2026-04-12T12:55:00Z
4
value 0.01386
scoring_system epss
scoring_elements 0.80346
published_at 2026-04-11T12:55:00Z
5
value 0.01386
scoring_system epss
scoring_elements 0.80316
published_at 2026-04-08T12:55:00Z
6
value 0.01386
scoring_system epss
scoring_elements 0.80288
published_at 2026-04-07T12:55:00Z
7
value 0.01386
scoring_system epss
scoring_elements 0.803
published_at 2026-04-04T12:55:00Z
8
value 0.01386
scoring_system epss
scoring_elements 0.80279
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-41989
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460
25
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
26
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T19:34:43Z/
url https://docs.djangoproject.com/en/dev/releases/security/
27
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
28
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
29
reference_url https://github.com/django/django/commit/27900fe56f3d3cabb4aeb6ccb82f92bab29073a8
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/27900fe56f3d3cabb4aeb6ccb82f92bab29073a8
30
reference_url https://github.com/django/django/commit/fc76660f589ac07e45e9cd34ccb8087aeb11904b
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/fc76660f589ac07e45e9cd34ccb8087aeb11904b
31
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2024-67.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2024-67.yaml
32
reference_url https://groups.google.com/forum/#%21forum/django-announce
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T19:34:43Z/
url https://groups.google.com/forum/#%21forum/django-announce
33
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-41989
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-41989
34
reference_url https://security.netapp.com/advisory/ntap-20240905-0007
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240905-0007
35
reference_url https://www.djangoproject.com/weblog/2024/aug/06/security-releases
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2024/aug/06/security-releases
36
reference_url https://www.djangoproject.com/weblog/2024/aug/06/security-releases/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T19:34:43Z/
url https://www.djangoproject.com/weblog/2024/aug/06/security-releases/
37
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078074
reference_id 1078074
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078074
38
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2302433
reference_id 2302433
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2302433
39
reference_url https://github.com/advisories/GHSA-jh75-99hh-qvx9
reference_id GHSA-jh75-99hh-qvx9
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jh75-99hh-qvx9
40
reference_url https://security.gentoo.org/glsa/202509-03
reference_id GLSA-202509-03
reference_type
scores
url https://security.gentoo.org/glsa/202509-03
41
reference_url https://access.redhat.com/errata/RHSA-2024:6428
reference_id RHSA-2024:6428
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6428
42
reference_url https://access.redhat.com/errata/RHSA-2024:8534
reference_id RHSA-2024:8534
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8534
43
reference_url https://access.redhat.com/errata/RHSA-2025:1335
reference_id RHSA-2025:1335
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1335
44
reference_url https://usn.ubuntu.com/6946-1/
reference_id USN-6946-1
reference_type
scores
url https://usn.ubuntu.com/6946-1/
fixed_packages
aliases BIT-django-2024-41989, CVE-2024-41989, GHSA-jh75-99hh-qvx9, PYSEC-2024-67
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v1xr-z4zu-yfb4
6
url VCID-xhpa-mffz-syfy
vulnerability_id VCID-xhpa-mffz-syfy
summary An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize() and urlizetrunc() template filters are subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-41990.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-41990.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-41990
reference_id
reference_type
scores
0
value 0.01326
scoring_system epss
scoring_elements 0.79946
published_at 2026-04-16T12:55:00Z
1
value 0.01326
scoring_system epss
scoring_elements 0.79917
published_at 2026-04-13T12:55:00Z
2
value 0.01326
scoring_system epss
scoring_elements 0.79921
published_at 2026-04-09T12:55:00Z
3
value 0.01326
scoring_system epss
scoring_elements 0.79925
published_at 2026-04-12T12:55:00Z
4
value 0.01326
scoring_system epss
scoring_elements 0.79941
published_at 2026-04-11T12:55:00Z
5
value 0.01326
scoring_system epss
scoring_elements 0.79912
published_at 2026-04-08T12:55:00Z
6
value 0.01326
scoring_system epss
scoring_elements 0.79884
published_at 2026-04-07T12:55:00Z
7
value 0.01326
scoring_system epss
scoring_elements 0.79896
published_at 2026-04-04T12:55:00Z
8
value 0.01326
scoring_system epss
scoring_elements 0.79875
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-41990
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41990
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41990
3
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
4
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-07T15:20:51Z/
url https://docs.djangoproject.com/en/dev/releases/security/
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
7
reference_url https://github.com/django/django/commit/7b7b909579c8311c140c89b8a9431bf537febf93
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/7b7b909579c8311c140c89b8a9431bf537febf93
8
reference_url https://github.com/django/django/commit/d0a82e26a74940bf0c78204933c3bdd6a283eb88
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/d0a82e26a74940bf0c78204933c3bdd6a283eb88
9
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2024-68.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2024-68.yaml
10
reference_url https://groups.google.com/forum/#%21forum/django-announce
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-07T15:20:51Z/
url https://groups.google.com/forum/#%21forum/django-announce
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-41990
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-41990
12
reference_url https://security.netapp.com/advisory/ntap-20240905-0007
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240905-0007
13
reference_url https://www.djangoproject.com/weblog/2024/aug/06/security-releases
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2024/aug/06/security-releases
14
reference_url https://www.djangoproject.com/weblog/2024/aug/06/security-releases/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-07T15:20:51Z/
url https://www.djangoproject.com/weblog/2024/aug/06/security-releases/
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078074
reference_id 1078074
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078074
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2302434
reference_id 2302434
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2302434
17
reference_url https://github.com/advisories/GHSA-795c-9xpc-xw6g
reference_id GHSA-795c-9xpc-xw6g
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-795c-9xpc-xw6g
18
reference_url https://security.gentoo.org/glsa/202509-03
reference_id GLSA-202509-03
reference_type
scores
url https://security.gentoo.org/glsa/202509-03
19
reference_url https://access.redhat.com/errata/RHSA-2024:6428
reference_id RHSA-2024:6428
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6428
20
reference_url https://access.redhat.com/errata/RHSA-2025:1335
reference_id RHSA-2025:1335
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1335
21
reference_url https://usn.ubuntu.com/6946-1/
reference_id USN-6946-1
reference_type
scores
url https://usn.ubuntu.com/6946-1/
fixed_packages
aliases BIT-django-2024-41990, CVE-2024-41990, GHSA-795c-9xpc-xw6g, PYSEC-2024-68
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xhpa-mffz-syfy
7
url VCID-z27q-zfpz-ckby
vulnerability_id VCID-z27q-zfpz-ckby
summary An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. Derived classes of the django.core.files.storage.Storage base class, when they override generate_filename() without replicating the file-path validations from the parent class, potentially allow directory traversal via certain inputs during a save() call. (Built-in Storage sub-classes are unaffected.)
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-39330.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-39330.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-39330
reference_id
reference_type
scores
0
value 0.00186
scoring_system epss
scoring_elements 0.40476
published_at 2026-04-16T12:55:00Z
1
value 0.00186
scoring_system epss
scoring_elements 0.40429
published_at 2026-04-13T12:55:00Z
2
value 0.00186
scoring_system epss
scoring_elements 0.40448
published_at 2026-04-12T12:55:00Z
3
value 0.00186
scoring_system epss
scoring_elements 0.40486
published_at 2026-04-11T12:55:00Z
4
value 0.00186
scoring_system epss
scoring_elements 0.40465
published_at 2026-04-09T12:55:00Z
5
value 0.00186
scoring_system epss
scoring_elements 0.40402
published_at 2026-04-07T12:55:00Z
6
value 0.00186
scoring_system epss
scoring_elements 0.4048
published_at 2026-04-04T12:55:00Z
7
value 0.00186
scoring_system epss
scoring_elements 0.40454
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-39330
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460
25
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
26
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-10T13:59:56Z/
url https://docs.djangoproject.com/en/dev/releases/security/
27
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
28
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
29
reference_url https://github.com/django/django/commit/2b00edc0151a660d1eb86da4059904a0fc4e095e
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/2b00edc0151a660d1eb86da4059904a0fc4e095e
30
reference_url https://github.com/django/django/commit/9f4f63e9ebb7bf6cb9547ee4e2526b9b96703270
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/9f4f63e9ebb7bf6cb9547ee4e2526b9b96703270
31
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2024-58.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2024-58.yaml
32
reference_url https://groups.google.com/forum/#%21forum/django-announce
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-10T13:59:56Z/
url https://groups.google.com/forum/#%21forum/django-announce
33
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-39330
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-39330
34
reference_url https://security.netapp.com/advisory/ntap-20240808-0005
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240808-0005
35
reference_url https://www.djangoproject.com/weblog/2024/jul/09/security-releases
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2024/jul/09/security-releases
36
reference_url https://www.djangoproject.com/weblog/2024/jul/09/security-releases/
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-10T13:59:56Z/
url https://www.djangoproject.com/weblog/2024/jul/09/security-releases/
37
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1076069
reference_id 1076069
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1076069
38
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2295937
reference_id 2295937
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2295937
39
reference_url https://github.com/advisories/GHSA-9jmf-237g-qf46
reference_id GHSA-9jmf-237g-qf46
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9jmf-237g-qf46
40
reference_url https://security.gentoo.org/glsa/202509-03
reference_id GLSA-202509-03
reference_type
scores
url https://security.gentoo.org/glsa/202509-03
41
reference_url https://access.redhat.com/errata/RHSA-2024:6428
reference_id RHSA-2024:6428
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6428
42
reference_url https://access.redhat.com/errata/RHSA-2024:8906
reference_id RHSA-2024:8906
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8906
43
reference_url https://access.redhat.com/errata/RHSA-2024:9481
reference_id RHSA-2024:9481
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:9481
44
reference_url https://usn.ubuntu.com/6888-1/
reference_id USN-6888-1
reference_type
scores
url https://usn.ubuntu.com/6888-1/
45
reference_url https://usn.ubuntu.com/6888-2/
reference_id USN-6888-2
reference_type
scores
url https://usn.ubuntu.com/6888-2/
fixed_packages
aliases BIT-django-2024-39330, CVE-2024-39330, GHSA-9jmf-237g-qf46, PYSEC-2024-58
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z27q-zfpz-ckby
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python-django@4.2.15-1%3Farch=el9ap