Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/python-django@1.4.1-1?distro=trixie
Typedeb
Namespacedebian
Namepython-django
Version1.4.1-1
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version1.4.2-1
Latest_non_vulnerable_version3:4.2.30-1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-1pvd-3217-6ygv
vulnerability_id VCID-1pvd-3217-6ygv
summary The django.forms.ImageField class in the form system in Django before 1.3.2 and 1.4.x before 1.4.1 completely decompresses image data during image validation, which allows remote attackers to cause a denial of service (memory consumption) by uploading an image file.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-3443
reference_id
reference_type
scores
0
value 0.01382
scoring_system epss
scoring_elements 0.8025
published_at 2026-04-02T12:55:00Z
1
value 0.01382
scoring_system epss
scoring_elements 0.80296
published_at 2026-04-09T12:55:00Z
2
value 0.01382
scoring_system epss
scoring_elements 0.80286
published_at 2026-04-08T12:55:00Z
3
value 0.01382
scoring_system epss
scoring_elements 0.80259
published_at 2026-04-07T12:55:00Z
4
value 0.01382
scoring_system epss
scoring_elements 0.8027
published_at 2026-04-04T12:55:00Z
5
value 0.01382
scoring_system epss
scoring_elements 0.80243
published_at 2026-04-01T12:55:00Z
6
value 0.01382
scoring_system epss
scoring_elements 0.8033
published_at 2026-04-21T12:55:00Z
7
value 0.01382
scoring_system epss
scoring_elements 0.80326
published_at 2026-04-18T12:55:00Z
8
value 0.01382
scoring_system epss
scoring_elements 0.80324
published_at 2026-04-16T12:55:00Z
9
value 0.01382
scoring_system epss
scoring_elements 0.80294
published_at 2026-04-13T12:55:00Z
10
value 0.01382
scoring_system epss
scoring_elements 0.803
published_at 2026-04-12T12:55:00Z
11
value 0.01382
scoring_system epss
scoring_elements 0.80315
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-3443
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3443
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3443
2
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
3
reference_url https://github.com/django/django/commit/9ca0ff6268eeff92d0d0ac2c315d4b6a8e229155
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/9ca0ff6268eeff92d0d0ac2c315d4b6a8e229155
4
reference_url https://github.com/django/django/commit/da33d67181b53fe6cc737ac1220153814a1509f6
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/da33d67181b53fe6cc737ac1220153814a1509f6
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2012-3.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2012-3.yaml
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-3443
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-3443
7
reference_url https://www.debian.org/security/2012/dsa-2529
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2012/dsa-2529
8
reference_url https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued
9
reference_url https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued/
10
reference_url https://www.mandriva.com/security/advisories?name=MDVSA-2012:143
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.mandriva.com/security/advisories?name=MDVSA-2012:143
11
reference_url https://www.openwall.com/lists/oss-security/2012/07/31/1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.openwall.com/lists/oss-security/2012/07/31/1
12
reference_url https://www.openwall.com/lists/oss-security/2012/07/31/2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.openwall.com/lists/oss-security/2012/07/31/2
13
reference_url https://www.ubuntu.com/usn/USN-1560-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.ubuntu.com/usn/USN-1560-1
14
reference_url http://www.debian.org/security/2012/dsa-2529
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2012/dsa-2529
15
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2012:143
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2012:143
16
reference_url http://www.openwall.com/lists/oss-security/2012/07/31/1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/07/31/1
17
reference_url http://www.openwall.com/lists/oss-security/2012/07/31/2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/07/31/2
18
reference_url http://www.ubuntu.com/usn/USN-1560-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-1560-1
19
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683364
reference_id 683364
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683364
20
reference_url https://github.com/advisories/GHSA-59w8-4wm2-4xw8
reference_id GHSA-59w8-4wm2-4xw8
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-59w8-4wm2-4xw8
21
reference_url https://usn.ubuntu.com/1560-1/
reference_id USN-1560-1
reference_type
scores
url https://usn.ubuntu.com/1560-1/
fixed_packages
0
url pkg:deb/debian/python-django@1.4.1-1?distro=trixie
purl pkg:deb/debian/python-django@1.4.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@1.4.1-1%3Fdistro=trixie
1
url pkg:deb/debian/python-django@2:2.2.28-1~deb11u2?distro=trixie
purl pkg:deb/debian/python-django@2:2.2.28-1~deb11u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1adz-zw3h-pqek
1
vulnerability VCID-46pv-pzsu-jucd
2
vulnerability VCID-ac4c-321h-tqfk
3
vulnerability VCID-ff2a-at5f-2qa8
4
vulnerability VCID-gfym-spzk-w7gk
5
vulnerability VCID-jzae-1awh-k7cm
6
vulnerability VCID-mga4-an1w-qqf9
7
vulnerability VCID-ssut-reka-r3f8
8
vulnerability VCID-xhpa-mffz-syfy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@2:2.2.28-1~deb11u2%3Fdistro=trixie
2
url pkg:deb/debian/python-django@3:3.2.19-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/python-django@3:3.2.19-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1adz-zw3h-pqek
1
vulnerability VCID-46pv-pzsu-jucd
2
vulnerability VCID-ac4c-321h-tqfk
3
vulnerability VCID-ff2a-at5f-2qa8
4
vulnerability VCID-gfym-spzk-w7gk
5
vulnerability VCID-jzae-1awh-k7cm
6
vulnerability VCID-mga4-an1w-qqf9
7
vulnerability VCID-ssut-reka-r3f8
8
vulnerability VCID-xhpa-mffz-syfy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:3.2.19-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/python-django@3:4.2.28-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/python-django@3:4.2.28-0%2Bdeb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1adz-zw3h-pqek
1
vulnerability VCID-46pv-pzsu-jucd
2
vulnerability VCID-ac4c-321h-tqfk
3
vulnerability VCID-ff2a-at5f-2qa8
4
vulnerability VCID-gfym-spzk-w7gk
5
vulnerability VCID-ssut-reka-r3f8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:4.2.28-0%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/python-django@3:4.2.29-1?distro=trixie
purl pkg:deb/debian/python-django@3:4.2.29-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1adz-zw3h-pqek
1
vulnerability VCID-46pv-pzsu-jucd
2
vulnerability VCID-ff2a-at5f-2qa8
3
vulnerability VCID-gfym-spzk-w7gk
4
vulnerability VCID-ssut-reka-r3f8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:4.2.29-1%3Fdistro=trixie
5
url pkg:deb/debian/python-django@3:4.2.30-1?distro=trixie
purl pkg:deb/debian/python-django@3:4.2.30-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:4.2.30-1%3Fdistro=trixie
aliases CVE-2012-3443, GHSA-59w8-4wm2-4xw8, PYSEC-2012-3
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1pvd-3217-6ygv
1
url VCID-7bu3-ckpj-gbf8
vulnerability_id VCID-7bu3-ckpj-gbf8
summary The get_image_dimensions function in the image-handling functionality in Django before 1.3.2 and 1.4.x before 1.4.1 uses a constant chunk size in all attempts to determine dimensions, which allows remote attackers to cause a denial of service (process or thread consumption) via a large TIFF image.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-3444
reference_id
reference_type
scores
0
value 0.0119
scoring_system epss
scoring_elements 0.78794
published_at 2026-04-02T12:55:00Z
1
value 0.0119
scoring_system epss
scoring_elements 0.78846
published_at 2026-04-12T12:55:00Z
2
value 0.0119
scoring_system epss
scoring_elements 0.78863
published_at 2026-04-11T12:55:00Z
3
value 0.0119
scoring_system epss
scoring_elements 0.78839
published_at 2026-04-09T12:55:00Z
4
value 0.0119
scoring_system epss
scoring_elements 0.78833
published_at 2026-04-08T12:55:00Z
5
value 0.0119
scoring_system epss
scoring_elements 0.78807
published_at 2026-04-07T12:55:00Z
6
value 0.0119
scoring_system epss
scoring_elements 0.78825
published_at 2026-04-04T12:55:00Z
7
value 0.0119
scoring_system epss
scoring_elements 0.78787
published_at 2026-04-01T12:55:00Z
8
value 0.0119
scoring_system epss
scoring_elements 0.78858
published_at 2026-04-21T12:55:00Z
9
value 0.0119
scoring_system epss
scoring_elements 0.78861
published_at 2026-04-18T12:55:00Z
10
value 0.0119
scoring_system epss
scoring_elements 0.78864
published_at 2026-04-16T12:55:00Z
11
value 0.0119
scoring_system epss
scoring_elements 0.78836
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-3444
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3444
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3444
2
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
3
reference_url https://github.com/django/django/commit/9ca0ff6268eeff92d0d0ac2c315d4b6a8e229155
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/9ca0ff6268eeff92d0d0ac2c315d4b6a8e229155
4
reference_url https://github.com/django/django/commit/b2eb4787a0fff9c9993b78be5c698e85108f3446
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/b2eb4787a0fff9c9993b78be5c698e85108f3446
5
reference_url https://github.com/django/django/commit/c14f325c4eef628bc7bfd8873c3a72aeb0219141
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/c14f325c4eef628bc7bfd8873c3a72aeb0219141
6
reference_url https://github.com/django/django/commit/da33d67181b53fe6cc737ac1220153814a1509f6
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/da33d67181b53fe6cc737ac1220153814a1509f6
7
reference_url https://github.com/django/django/commit/dd16b17099b7d86f27773df048c5014cf439b282
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/dd16b17099b7d86f27773df048c5014cf439b282
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2012-4.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2012-4.yaml
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-3444
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-3444
10
reference_url https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued
11
reference_url https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued/
12
reference_url http://www.debian.org/security/2012/dsa-2529
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2012/dsa-2529
13
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2012:143
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2012:143
14
reference_url http://www.openwall.com/lists/oss-security/2012/07/31/1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/07/31/1
15
reference_url http://www.openwall.com/lists/oss-security/2012/07/31/2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/07/31/2
16
reference_url http://www.ubuntu.com/usn/USN-1560-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-1560-1
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683364
reference_id 683364
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683364
18
reference_url https://github.com/advisories/GHSA-5h2q-4hrp-v9rr
reference_id GHSA-5h2q-4hrp-v9rr
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5h2q-4hrp-v9rr
19
reference_url https://usn.ubuntu.com/1560-1/
reference_id USN-1560-1
reference_type
scores
url https://usn.ubuntu.com/1560-1/
fixed_packages
0
url pkg:deb/debian/python-django@1.4.1-1?distro=trixie
purl pkg:deb/debian/python-django@1.4.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@1.4.1-1%3Fdistro=trixie
1
url pkg:deb/debian/python-django@2:2.2.28-1~deb11u2?distro=trixie
purl pkg:deb/debian/python-django@2:2.2.28-1~deb11u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1adz-zw3h-pqek
1
vulnerability VCID-46pv-pzsu-jucd
2
vulnerability VCID-ac4c-321h-tqfk
3
vulnerability VCID-ff2a-at5f-2qa8
4
vulnerability VCID-gfym-spzk-w7gk
5
vulnerability VCID-jzae-1awh-k7cm
6
vulnerability VCID-mga4-an1w-qqf9
7
vulnerability VCID-ssut-reka-r3f8
8
vulnerability VCID-xhpa-mffz-syfy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@2:2.2.28-1~deb11u2%3Fdistro=trixie
2
url pkg:deb/debian/python-django@3:3.2.19-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/python-django@3:3.2.19-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1adz-zw3h-pqek
1
vulnerability VCID-46pv-pzsu-jucd
2
vulnerability VCID-ac4c-321h-tqfk
3
vulnerability VCID-ff2a-at5f-2qa8
4
vulnerability VCID-gfym-spzk-w7gk
5
vulnerability VCID-jzae-1awh-k7cm
6
vulnerability VCID-mga4-an1w-qqf9
7
vulnerability VCID-ssut-reka-r3f8
8
vulnerability VCID-xhpa-mffz-syfy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:3.2.19-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/python-django@3:4.2.28-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/python-django@3:4.2.28-0%2Bdeb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1adz-zw3h-pqek
1
vulnerability VCID-46pv-pzsu-jucd
2
vulnerability VCID-ac4c-321h-tqfk
3
vulnerability VCID-ff2a-at5f-2qa8
4
vulnerability VCID-gfym-spzk-w7gk
5
vulnerability VCID-ssut-reka-r3f8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:4.2.28-0%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/python-django@3:4.2.29-1?distro=trixie
purl pkg:deb/debian/python-django@3:4.2.29-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1adz-zw3h-pqek
1
vulnerability VCID-46pv-pzsu-jucd
2
vulnerability VCID-ff2a-at5f-2qa8
3
vulnerability VCID-gfym-spzk-w7gk
4
vulnerability VCID-ssut-reka-r3f8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:4.2.29-1%3Fdistro=trixie
5
url pkg:deb/debian/python-django@3:4.2.30-1?distro=trixie
purl pkg:deb/debian/python-django@3:4.2.30-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:4.2.30-1%3Fdistro=trixie
aliases CVE-2012-3444, GHSA-5h2q-4hrp-v9rr, PYSEC-2012-4
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7bu3-ckpj-gbf8
2
url VCID-czkz-mcv8-mqfc
vulnerability_id VCID-czkz-mcv8-mqfc
summary The (1) django.http.HttpResponseRedirect and (2) django.http.HttpResponsePermanentRedirect classes in Django before 1.3.2 and 1.4.x before 1.4.1 do not validate the scheme of a redirect target, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via a data: URL.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-3442
reference_id
reference_type
scores
0
value 0.00442
scoring_system epss
scoring_elements 0.6319
published_at 2026-04-01T12:55:00Z
1
value 0.00442
scoring_system epss
scoring_elements 0.63314
published_at 2026-04-16T12:55:00Z
2
value 0.00442
scoring_system epss
scoring_elements 0.6333
published_at 2026-04-11T12:55:00Z
3
value 0.00442
scoring_system epss
scoring_elements 0.63313
published_at 2026-04-09T12:55:00Z
4
value 0.00442
scoring_system epss
scoring_elements 0.63295
published_at 2026-04-08T12:55:00Z
5
value 0.00442
scoring_system epss
scoring_elements 0.63243
published_at 2026-04-07T12:55:00Z
6
value 0.00442
scoring_system epss
scoring_elements 0.63278
published_at 2026-04-13T12:55:00Z
7
value 0.00442
scoring_system epss
scoring_elements 0.63249
published_at 2026-04-02T12:55:00Z
8
value 0.00496
scoring_system epss
scoring_elements 0.65862
published_at 2026-04-18T12:55:00Z
9
value 0.00496
scoring_system epss
scoring_elements 0.65849
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-3442
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3442
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3442
2
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
3
reference_url https://github.com/django/django/commit/4dea4883e6c50d75f215a6b9bcbd95273f57c72d
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/4dea4883e6c50d75f215a6b9bcbd95273f57c72d
4
reference_url https://github.com/django/django/commit/e34685034b60be1112160e76091e5aee60149fa1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/e34685034b60be1112160e76091e5aee60149fa1
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2012-2.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2012-2.yaml
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-3442
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-3442
7
reference_url https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued
8
reference_url https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued/
9
reference_url http://www.debian.org/security/2012/dsa-2529
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2012/dsa-2529
10
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2012:143
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2012:143
11
reference_url http://www.openwall.com/lists/oss-security/2012/07/31/1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/07/31/1
12
reference_url http://www.openwall.com/lists/oss-security/2012/07/31/2
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/07/31/2
13
reference_url http://www.ubuntu.com/usn/USN-1560-1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-1560-1
14
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683364
reference_id 683364
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683364
15
reference_url https://github.com/advisories/GHSA-78vx-ggch-wghm
reference_id GHSA-78vx-ggch-wghm
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-78vx-ggch-wghm
16
reference_url https://usn.ubuntu.com/1560-1/
reference_id USN-1560-1
reference_type
scores
url https://usn.ubuntu.com/1560-1/
fixed_packages
0
url pkg:deb/debian/python-django@1.4.1-1?distro=trixie
purl pkg:deb/debian/python-django@1.4.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@1.4.1-1%3Fdistro=trixie
1
url pkg:deb/debian/python-django@2:2.2.28-1~deb11u2?distro=trixie
purl pkg:deb/debian/python-django@2:2.2.28-1~deb11u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1adz-zw3h-pqek
1
vulnerability VCID-46pv-pzsu-jucd
2
vulnerability VCID-ac4c-321h-tqfk
3
vulnerability VCID-ff2a-at5f-2qa8
4
vulnerability VCID-gfym-spzk-w7gk
5
vulnerability VCID-jzae-1awh-k7cm
6
vulnerability VCID-mga4-an1w-qqf9
7
vulnerability VCID-ssut-reka-r3f8
8
vulnerability VCID-xhpa-mffz-syfy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@2:2.2.28-1~deb11u2%3Fdistro=trixie
2
url pkg:deb/debian/python-django@3:3.2.19-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/python-django@3:3.2.19-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1adz-zw3h-pqek
1
vulnerability VCID-46pv-pzsu-jucd
2
vulnerability VCID-ac4c-321h-tqfk
3
vulnerability VCID-ff2a-at5f-2qa8
4
vulnerability VCID-gfym-spzk-w7gk
5
vulnerability VCID-jzae-1awh-k7cm
6
vulnerability VCID-mga4-an1w-qqf9
7
vulnerability VCID-ssut-reka-r3f8
8
vulnerability VCID-xhpa-mffz-syfy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:3.2.19-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/python-django@3:4.2.28-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/python-django@3:4.2.28-0%2Bdeb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1adz-zw3h-pqek
1
vulnerability VCID-46pv-pzsu-jucd
2
vulnerability VCID-ac4c-321h-tqfk
3
vulnerability VCID-ff2a-at5f-2qa8
4
vulnerability VCID-gfym-spzk-w7gk
5
vulnerability VCID-ssut-reka-r3f8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:4.2.28-0%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/python-django@3:4.2.29-1?distro=trixie
purl pkg:deb/debian/python-django@3:4.2.29-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1adz-zw3h-pqek
1
vulnerability VCID-46pv-pzsu-jucd
2
vulnerability VCID-ff2a-at5f-2qa8
3
vulnerability VCID-gfym-spzk-w7gk
4
vulnerability VCID-ssut-reka-r3f8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:4.2.29-1%3Fdistro=trixie
5
url pkg:deb/debian/python-django@3:4.2.30-1?distro=trixie
purl pkg:deb/debian/python-django@3:4.2.30-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:4.2.30-1%3Fdistro=trixie
aliases CVE-2012-3442, GHSA-78vx-ggch-wghm, PYSEC-2012-2
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-czkz-mcv8-mqfc
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@1.4.1-1%3Fdistro=trixie