Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/python-django@3.2.21-1?arch=el8pc

Type rpm

Namespace redhat

Name python-django

Version 3.2.21-1

Qualifiers

arch	el8pc

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url

VCID-42x9-8c3c-bug1

vulnerability_id

VCID-42x9-8c3c-bug1

summary

In Django 3.2 before 3.2.19, 4.x before 4.1.9, and 4.2 before 4.2.1, it was possible to bypass validation when using one form field to upload multiple files. This multiple upload has never been supported by forms.FileField or forms.ImageField (only the last uploaded file was validated). However, Django's "Uploading multiple files" documentation suggested otherwise.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-31047.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-31047.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-31047

reference_id

reference_type

scores

value	0.00122
scoring_system	epss
scoring_elements	0.30904
published_at	2026-04-29T12:55:00Z

value	0.00122
scoring_system	epss
scoring_elements	0.30987
published_at	2026-04-26T12:55:00Z

value	0.00122
scoring_system	epss
scoring_elements	0.31109
published_at	2026-04-24T12:55:00Z

value	0.00122
scoring_system	epss
scoring_elements	0.31279
published_at	2026-04-21T12:55:00Z

value	0.00122
scoring_system	epss
scoring_elements	0.31306
published_at	2026-04-18T12:55:00Z

value	0.00122
scoring_system	epss
scoring_elements	0.31327
published_at	2026-04-16T12:55:00Z

value	0.00122
scoring_system	epss
scoring_elements	0.31293
published_at	2026-04-13T12:55:00Z

value	0.00122
scoring_system	epss
scoring_elements	0.31331
published_at	2026-04-12T12:55:00Z

value	0.00122
scoring_system	epss
scoring_elements	0.31375
published_at	2026-04-11T12:55:00Z

value	0.00122
scoring_system	epss
scoring_elements	0.31371
published_at	2026-04-09T12:55:00Z

value	0.00122
scoring_system	epss
scoring_elements	0.31286
published_at	2026-04-07T12:55:00Z

value	0.00122
scoring_system	epss
scoring_elements	0.31467
published_at	2026-04-04T12:55:00Z

value	0.00122
scoring_system	epss
scoring_elements	0.3134
published_at	2026-04-08T12:55:00Z

value	0.00122
scoring_system	epss
scoring_elements	0.31425
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-31047

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31047
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31047

reference_url

https://docs.djangoproject.com/en/4.2/releases/security

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://docs.djangoproject.com/en/4.2/releases/security

reference_url

https://docs.djangoproject.com/en/4.2/releases/security/

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-29T15:49:48Z/

url

https://docs.djangoproject.com/en/4.2/releases/security/

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/django/django

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/django/django

reference_url

https://github.com/django/django/commit/21b1b1fc03e5f9e9f8c977ee6e35618dd3b353dd

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/django/django/commit/21b1b1fc03e5f9e9f8c977ee6e35618dd3b353dd

reference_url

https://github.com/django/django/commit/e7c3a2ccc3a562328600be05068ed9149e12ce64

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/django/django/commit/e7c3a2ccc3a562328600be05068ed9149e12ce64

reference_url

https://github.com/django/django/commit/eed53d0011622e70b936e203005f0e6f4ac48965

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/django/django/commit/eed53d0011622e70b936e203005f0e6f4ac48965

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2023-61.yaml

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2023-61.yaml

reference_url

https://groups.google.com/forum/#!forum/django-announce

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://groups.google.com/forum/#!forum/django-announce

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A45VKTUVQ2BN6D5ZLZGCM774R6QGFOHW

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A45VKTUVQ2BN6D5ZLZGCM774R6QGFOHW

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A45VKTUVQ2BN6D5ZLZGCM774R6QGFOHW/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A45VKTUVQ2BN6D5ZLZGCM774R6QGFOHW/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DNEHD6N435OE2XUFGDAAVAXSYWLCUBFD

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DNEHD6N435OE2XUFGDAAVAXSYWLCUBFD

reference_url

https://security.netapp.com/advisory/ntap-20230609-0008

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20230609-0008

reference_url

https://www.djangoproject.com/weblog/2023/may/03/security-releases

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.djangoproject.com/weblog/2023/may/03/security-releases

reference_url

https://www.djangoproject.com/weblog/2023/may/03/security-releases/

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-29T15:49:48Z/

url

https://www.djangoproject.com/weblog/2023/may/03/security-releases/

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035467
reference_id	1035467
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035467

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2192565
reference_id	2192565
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2192565

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A45VKTUVQ2BN6D5ZLZGCM774R6QGFOHW/

reference_id

A45VKTUVQ2BN6D5ZLZGCM774R6QGFOHW

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-29T15:49:48Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A45VKTUVQ2BN6D5ZLZGCM774R6QGFOHW/

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-31047

reference_id

CVE-2023-31047

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-31047

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DNEHD6N435OE2XUFGDAAVAXSYWLCUBFD/

reference_id

DNEHD6N435OE2XUFGDAAVAXSYWLCUBFD

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-29T15:49:48Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DNEHD6N435OE2XUFGDAAVAXSYWLCUBFD/

reference_url

https://github.com/advisories/GHSA-r3xc-prgr-mg9p

reference_id

GHSA-r3xc-prgr-mg9p

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-r3xc-prgr-mg9p

reference_url

https://security.netapp.com/advisory/ntap-20230609-0008/

reference_id

ntap-20230609-0008

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-29T15:49:48Z/

url

https://security.netapp.com/advisory/ntap-20230609-0008/

reference_url	https://access.redhat.com/errata/RHSA-2023:4591
reference_id	RHSA-2023:4591
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4591

reference_url	https://access.redhat.com/errata/RHSA-2023:5931
reference_id	RHSA-2023:5931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5931

reference_url	https://access.redhat.com/errata/RHSA-2023:6818
reference_id	RHSA-2023:6818
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6818

reference_url	https://usn.ubuntu.com/6054-1/
reference_id	USN-6054-1
reference_type
scores
url	https://usn.ubuntu.com/6054-1/

reference_url	https://usn.ubuntu.com/6054-2/
reference_id	USN-6054-2
reference_type
scores
url	https://usn.ubuntu.com/6054-2/

fixed_packages

aliases

BIT-django-2023-31047, CVE-2023-31047, GHSA-r3xc-prgr-mg9p, PYSEC-2023-61

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-42x9-8c3c-bug1

url

VCID-wz1q-1tjp-4qhw

vulnerability_id

VCID-wz1q-1tjp-4qhw

summary

In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, EmailValidator and URLValidator are subject to a potential ReDoS (regular expression denial of service) attack via a very large number of domain name labels of emails and URLs.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-36053.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-36053.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-36053

reference_id

reference_type

scores

value	0.09595
scoring_system	epss
scoring_elements	0.92856
published_at	2026-04-02T12:55:00Z

value	0.09595
scoring_system	epss
scoring_elements	0.92857
published_at	2026-04-07T12:55:00Z

value	0.09595
scoring_system	epss
scoring_elements	0.92886
published_at	2026-04-18T12:55:00Z

value	0.09595
scoring_system	epss
scoring_elements	0.92884
published_at	2026-04-16T12:55:00Z

value	0.09595
scoring_system	epss
scoring_elements	0.92875
published_at	2026-04-13T12:55:00Z

value	0.09595
scoring_system	epss
scoring_elements	0.9287
published_at	2026-04-09T12:55:00Z

value	0.09595
scoring_system	epss
scoring_elements	0.92866
published_at	2026-04-08T12:55:00Z

value	0.09595
scoring_system	epss
scoring_elements	0.92859
published_at	2026-04-04T12:55:00Z

value	0.09595
scoring_system	epss
scoring_elements	0.92891
published_at	2026-04-21T12:55:00Z

value	0.0983
scoring_system	epss
scoring_elements	0.93001
published_at	2026-04-26T12:55:00Z

value	0.0983
scoring_system	epss
scoring_elements	0.92996
published_at	2026-04-29T12:55:00Z

value	0.0983
scoring_system	epss
scoring_elements	0.93
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-36053

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36053
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36053

reference_url

https://docs.djangoproject.com/en/4.2/releases/security

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://docs.djangoproject.com/en/4.2/releases/security

reference_url

https://docs.djangoproject.com/en/4.2/releases/security/

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-22T16:03:28Z/

url

https://docs.djangoproject.com/en/4.2/releases/security/

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/django/django

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/django/django

reference_url

https://github.com/django/django/commit/454f2fb93437f98917283336201b4048293f7582

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/django/django/commit/454f2fb93437f98917283336201b4048293f7582

reference_url

https://github.com/django/django/commit/ad0410ec4f458aa39803e5f6b9a3736527062dcd

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/django/django/commit/ad0410ec4f458aa39803e5f6b9a3736527062dcd

reference_url

https://github.com/django/django/commit/b7c5feb35a31799de6e582ad6a5a91a9de74e0f9

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/django/django/commit/b7c5feb35a31799de6e582ad6a5a91a9de74e0f9

reference_url

https://github.com/django/django/commit/beb3f3d55940d9aa7198bf9d424ab74e873aec3d

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/django/django/commit/beb3f3d55940d9aa7198bf9d424ab74e873aec3d

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2023-100.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2023-100.yaml

reference_url

https://groups.google.com/forum/#%21forum/django-announce

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-22T16:03:28Z/

url

https://groups.google.com/forum/#%21forum/django-announce

reference_url

https://groups.google.com/forum/#!forum/django-announce

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://groups.google.com/forum/#!forum/django-announce

reference_url

https://lists.debian.org/debian-lts-announce/2023/07/msg00022.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-22T16:03:28Z/

url

https://lists.debian.org/debian-lts-announce/2023/07/msg00022.html

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NRDGTUN4LTI6HG4TWR3JYLSFVXPZT42A

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NRDGTUN4LTI6HG4TWR3JYLSFVXPZT42A

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XG5DYKPNDCEHJQ3TKPJQO7QGSR4FAYMS

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XG5DYKPNDCEHJQ3TKPJQO7QGSR4FAYMS

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NRDGTUN4LTI6HG4TWR3JYLSFVXPZT42A

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NRDGTUN4LTI6HG4TWR3JYLSFVXPZT42A

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XG5DYKPNDCEHJQ3TKPJQO7QGSR4FAYMS

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XG5DYKPNDCEHJQ3TKPJQO7QGSR4FAYMS

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D

reference_url

https://www.debian.org/security/2023/dsa-5465

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-22T16:03:28Z/

url

https://www.debian.org/security/2023/dsa-5465

reference_url

https://www.djangoproject.com/weblog/2023/jul/03/security-releases

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.djangoproject.com/weblog/2023/jul/03/security-releases

reference_url

https://www.djangoproject.com/weblog/2023/jul/03/security-releases/

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-22T16:03:28Z/

url

https://www.djangoproject.com/weblog/2023/jul/03/security-releases/

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1040225
reference_id	1040225
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1040225

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2218004
reference_id	2218004
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2218004

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-36053

reference_id

CVE-2023-36053

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-36053

reference_url

https://github.com/advisories/GHSA-jh3w-4vvf-mjgr

reference_id

GHSA-jh3w-4vvf-mjgr

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-jh3w-4vvf-mjgr

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NRDGTUN4LTI6HG4TWR3JYLSFVXPZT42A/

reference_id

NRDGTUN4LTI6HG4TWR3JYLSFVXPZT42A

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-22T16:03:28Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NRDGTUN4LTI6HG4TWR3JYLSFVXPZT42A/

reference_url	https://access.redhat.com/errata/RHSA-2023:4692
reference_id	RHSA-2023:4692
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4692

reference_url	https://access.redhat.com/errata/RHSA-2023:4693
reference_id	RHSA-2023:4693
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4693

reference_url	https://access.redhat.com/errata/RHSA-2023:5931
reference_id	RHSA-2023:5931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5931

reference_url	https://access.redhat.com/errata/RHSA-2023:6818
reference_id	RHSA-2023:6818
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6818

reference_url	https://access.redhat.com/errata/RHSA-2024:0212
reference_id	RHSA-2024:0212
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0212

reference_url	https://access.redhat.com/errata/RHSA-2024:1878
reference_id	RHSA-2024:1878
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1878

reference_url	https://usn.ubuntu.com/6203-1/
reference_id	USN-6203-1
reference_type
scores
url	https://usn.ubuntu.com/6203-1/

reference_url	https://usn.ubuntu.com/6203-2/
reference_id	USN-6203-2
reference_type
scores
url	https://usn.ubuntu.com/6203-2/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XG5DYKPNDCEHJQ3TKPJQO7QGSR4FAYMS/

reference_id

XG5DYKPNDCEHJQ3TKPJQO7QGSR4FAYMS

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-22T16:03:28Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XG5DYKPNDCEHJQ3TKPJQO7QGSR4FAYMS/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D/

reference_id

ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-22T16:03:28Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D/

fixed_packages

aliases

BIT-django-2023-36053, CVE-2023-36053, GHSA-jh3w-4vvf-mjgr, PYSEC-2023-100

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-wz1q-1tjp-4qhw

Fixing_vulnerabilities

Risk_score 4.5

Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python-django@3.2.21-1%3Farch=el8pc

Package Instance