Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-3ccr-92q5-aqfk
Summary
An issue was discovered in 6.0 before 6.0.5 and 5.2 before 5.2.14.
Response headers do not vary on cookies if a session is not modified, but `SESSION_SAVE_EVERY_REQUEST` is `True`. A remote attacker can steal a user's session after that user visits a cached public page.
Earlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected.
Django would like to thank Cantina for reporting this issue.
Aliases
0
alias BIT-django-2026-35192
1
alias CVE-2026-35192
2
alias GHSA-7h2m-m8vj-598h
3
alias PYSEC-2026-50
Fixed_packages
0
url pkg:deb/debian/python-django@3:3.2.25-0%2Bdeb12u3
purl pkg:deb/debian/python-django@3:3.2.25-0%2Bdeb12u3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:3.2.25-0%252Bdeb12u3
1
url pkg:deb/debian/python-django@3:4.2.28-0%2Bdeb13u2
purl pkg:deb/debian/python-django@3:4.2.28-0%2Bdeb13u2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:4.2.28-0%252Bdeb13u2
2
url pkg:deb/debian/python-django@3:5.2.14-2
purl pkg:deb/debian/python-django@3:5.2.14-2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:5.2.14-2
3
url pkg:deb/debian/python-django@3:5.2.14-1?distro=trixie
purl pkg:deb/debian/python-django@3:5.2.14-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:5.2.14-1%3Fdistro=trixie
4
url pkg:deb/debian/python-django@3:5.2.14-2?distro=trixie
purl pkg:deb/debian/python-django@3:5.2.14-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:5.2.14-2%3Fdistro=trixie
5
url pkg:pypi/django@5.2.14
purl pkg:pypi/django@5.2.14
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.14
6
url pkg:pypi/django@6.0.5
purl pkg:pypi/django@6.0.5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@6.0.5
Affected_packages
0
url pkg:deb/debian/python-django@2:2.2.28-1~deb11u2
purl pkg:deb/debian/python-django@2:2.2.28-1~deb11u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-32d1-b8f2-hud5
1
vulnerability VCID-3ccr-92q5-aqfk
2
vulnerability VCID-63c7-mkxw-ufav
3
vulnerability VCID-92z2-3rbz-77h9
4
vulnerability VCID-ape9-66ck-nfez
5
vulnerability VCID-cg44-thdw-cygg
6
vulnerability VCID-dac4-fa2z-bkdq
7
vulnerability VCID-g22z-jue5-8udz
8
vulnerability VCID-heum-8mwz-sbcw
9
vulnerability VCID-j2uz-w2ur-7ud4
10
vulnerability VCID-jt9m-kd3k-uqca
11
vulnerability VCID-q4cv-2m7d-3qd5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@2:2.2.28-1~deb11u2
1
url pkg:deb/debian/python-django@3:3.2.25-0%2Bdeb12u2
purl pkg:deb/debian/python-django@3:3.2.25-0%2Bdeb12u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-32d1-b8f2-hud5
1
vulnerability VCID-3ccr-92q5-aqfk
2
vulnerability VCID-63c7-mkxw-ufav
3
vulnerability VCID-92z2-3rbz-77h9
4
vulnerability VCID-ape9-66ck-nfez
5
vulnerability VCID-cg44-thdw-cygg
6
vulnerability VCID-dac4-fa2z-bkdq
7
vulnerability VCID-g22z-jue5-8udz
8
vulnerability VCID-heum-8mwz-sbcw
9
vulnerability VCID-j2uz-w2ur-7ud4
10
vulnerability VCID-jt9m-kd3k-uqca
11
vulnerability VCID-q4cv-2m7d-3qd5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:3.2.25-0%252Bdeb12u2
2
url pkg:deb/debian/python-django@3:4.2.28-0%2Bdeb13u1
purl pkg:deb/debian/python-django@3:4.2.28-0%2Bdeb13u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-32d1-b8f2-hud5
1
vulnerability VCID-3ccr-92q5-aqfk
2
vulnerability VCID-63c7-mkxw-ufav
3
vulnerability VCID-92z2-3rbz-77h9
4
vulnerability VCID-cg44-thdw-cygg
5
vulnerability VCID-dac4-fa2z-bkdq
6
vulnerability VCID-g22z-jue5-8udz
7
vulnerability VCID-heum-8mwz-sbcw
8
vulnerability VCID-j2uz-w2ur-7ud4
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:4.2.28-0%252Bdeb13u1
3
url pkg:deb/debian/python-django@3:4.2.30-1
purl pkg:deb/debian/python-django@3:4.2.30-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3ccr-92q5-aqfk
1
vulnerability VCID-92z2-3rbz-77h9
2
vulnerability VCID-g22z-jue5-8udz
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:4.2.30-1
4
url pkg:deb/debian/python-django@2:2.2.28-1~deb11u2?distro=trixie
purl pkg:deb/debian/python-django@2:2.2.28-1~deb11u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-32d1-b8f2-hud5
1
vulnerability VCID-3ccr-92q5-aqfk
2
vulnerability VCID-63c7-mkxw-ufav
3
vulnerability VCID-92z2-3rbz-77h9
4
vulnerability VCID-ape9-66ck-nfez
5
vulnerability VCID-cg44-thdw-cygg
6
vulnerability VCID-dac4-fa2z-bkdq
7
vulnerability VCID-g22z-jue5-8udz
8
vulnerability VCID-heum-8mwz-sbcw
9
vulnerability VCID-j2uz-w2ur-7ud4
10
vulnerability VCID-jt9m-kd3k-uqca
11
vulnerability VCID-q4cv-2m7d-3qd5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@2:2.2.28-1~deb11u2%3Fdistro=trixie
5
url pkg:deb/debian/python-django@3:3.2.25-0%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/python-django@3:3.2.25-0%2Bdeb12u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-32d1-b8f2-hud5
1
vulnerability VCID-3ccr-92q5-aqfk
2
vulnerability VCID-63c7-mkxw-ufav
3
vulnerability VCID-92z2-3rbz-77h9
4
vulnerability VCID-ape9-66ck-nfez
5
vulnerability VCID-cg44-thdw-cygg
6
vulnerability VCID-dac4-fa2z-bkdq
7
vulnerability VCID-g22z-jue5-8udz
8
vulnerability VCID-heum-8mwz-sbcw
9
vulnerability VCID-j2uz-w2ur-7ud4
10
vulnerability VCID-jt9m-kd3k-uqca
11
vulnerability VCID-q4cv-2m7d-3qd5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:3.2.25-0%252Bdeb12u2%3Fdistro=trixie
6
url pkg:deb/debian/python-django@3:4.2.28-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/python-django@3:4.2.28-0%2Bdeb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-32d1-b8f2-hud5
1
vulnerability VCID-3ccr-92q5-aqfk
2
vulnerability VCID-63c7-mkxw-ufav
3
vulnerability VCID-92z2-3rbz-77h9
4
vulnerability VCID-cg44-thdw-cygg
5
vulnerability VCID-dac4-fa2z-bkdq
6
vulnerability VCID-g22z-jue5-8udz
7
vulnerability VCID-heum-8mwz-sbcw
8
vulnerability VCID-j2uz-w2ur-7ud4
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:4.2.28-0%252Bdeb13u1%3Fdistro=trixie
7
url pkg:deb/debian/python-django@3:4.2.30-1?distro=trixie
purl pkg:deb/debian/python-django@3:4.2.30-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3ccr-92q5-aqfk
1
vulnerability VCID-92z2-3rbz-77h9
2
vulnerability VCID-g22z-jue5-8udz
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:4.2.30-1%3Fdistro=trixie
8
url pkg:pypi/django@5.2
purl pkg:pypi/django@5.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-32d1-b8f2-hud5
1
vulnerability VCID-3ccr-92q5-aqfk
2
vulnerability VCID-3d6k-rdsh-k7hm
3
vulnerability VCID-3vk6-hdbc-2bhz
4
vulnerability VCID-5fbx-3yfb-fudx
5
vulnerability VCID-62jv-ab6d-sqdb
6
vulnerability VCID-63c7-mkxw-ufav
7
vulnerability VCID-7jbt-5zw2-vff2
8
vulnerability VCID-92bp-6kte-tyfs
9
vulnerability VCID-92z2-3rbz-77h9
10
vulnerability VCID-9udu-eqvn-mqbj
11
vulnerability VCID-ax7m-uv4s-zkc1
12
vulnerability VCID-cbsj-1qqg-1ba6
13
vulnerability VCID-cg44-thdw-cygg
14
vulnerability VCID-dac4-fa2z-bkdq
15
vulnerability VCID-em3c-ceug-cubp
16
vulnerability VCID-enen-3w2h-g3b8
17
vulnerability VCID-fbee-vj2y-cfeb
18
vulnerability VCID-g22z-jue5-8udz
19
vulnerability VCID-heum-8mwz-sbcw
20
vulnerability VCID-j2uz-w2ur-7ud4
21
vulnerability VCID-jma1-9ags-xbfm
22
vulnerability VCID-u15a-4ste-43cy
23
vulnerability VCID-vpgq-jhzc-j7h2
24
vulnerability VCID-xmq2-18at-y3gj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2
9
url pkg:pypi/django@5.2.1
purl pkg:pypi/django@5.2.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-32d1-b8f2-hud5
1
vulnerability VCID-3ccr-92q5-aqfk
2
vulnerability VCID-3d6k-rdsh-k7hm
3
vulnerability VCID-5fbx-3yfb-fudx
4
vulnerability VCID-62jv-ab6d-sqdb
5
vulnerability VCID-63c7-mkxw-ufav
6
vulnerability VCID-7jbt-5zw2-vff2
7
vulnerability VCID-92bp-6kte-tyfs
8
vulnerability VCID-92z2-3rbz-77h9
9
vulnerability VCID-9udu-eqvn-mqbj
10
vulnerability VCID-ax7m-uv4s-zkc1
11
vulnerability VCID-cbsj-1qqg-1ba6
12
vulnerability VCID-cg44-thdw-cygg
13
vulnerability VCID-enen-3w2h-g3b8
14
vulnerability VCID-fbee-vj2y-cfeb
15
vulnerability VCID-g22z-jue5-8udz
16
vulnerability VCID-heum-8mwz-sbcw
17
vulnerability VCID-j2uz-w2ur-7ud4
18
vulnerability VCID-jma1-9ags-xbfm
19
vulnerability VCID-u15a-4ste-43cy
20
vulnerability VCID-vpgq-jhzc-j7h2
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.1
10
url pkg:pypi/django@5.2.2
purl pkg:pypi/django@5.2.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-32d1-b8f2-hud5
1
vulnerability VCID-3ccr-92q5-aqfk
2
vulnerability VCID-3d6k-rdsh-k7hm
3
vulnerability VCID-5fbx-3yfb-fudx
4
vulnerability VCID-62jv-ab6d-sqdb
5
vulnerability VCID-63c7-mkxw-ufav
6
vulnerability VCID-7jbt-5zw2-vff2
7
vulnerability VCID-92bp-6kte-tyfs
8
vulnerability VCID-92z2-3rbz-77h9
9
vulnerability VCID-9udu-eqvn-mqbj
10
vulnerability VCID-ax7m-uv4s-zkc1
11
vulnerability VCID-cbsj-1qqg-1ba6
12
vulnerability VCID-cg44-thdw-cygg
13
vulnerability VCID-enen-3w2h-g3b8
14
vulnerability VCID-g22z-jue5-8udz
15
vulnerability VCID-heum-8mwz-sbcw
16
vulnerability VCID-j2uz-w2ur-7ud4
17
vulnerability VCID-jma1-9ags-xbfm
18
vulnerability VCID-u15a-4ste-43cy
19
vulnerability VCID-vpgq-jhzc-j7h2
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.2
11
url pkg:pypi/django@5.2.3
purl pkg:pypi/django@5.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-32d1-b8f2-hud5
1
vulnerability VCID-3ccr-92q5-aqfk
2
vulnerability VCID-3d6k-rdsh-k7hm
3
vulnerability VCID-5fbx-3yfb-fudx
4
vulnerability VCID-62jv-ab6d-sqdb
5
vulnerability VCID-63c7-mkxw-ufav
6
vulnerability VCID-7jbt-5zw2-vff2
7
vulnerability VCID-92bp-6kte-tyfs
8
vulnerability VCID-92z2-3rbz-77h9
9
vulnerability VCID-9udu-eqvn-mqbj
10
vulnerability VCID-ax7m-uv4s-zkc1
11
vulnerability VCID-cbsj-1qqg-1ba6
12
vulnerability VCID-cg44-thdw-cygg
13
vulnerability VCID-enen-3w2h-g3b8
14
vulnerability VCID-g22z-jue5-8udz
15
vulnerability VCID-heum-8mwz-sbcw
16
vulnerability VCID-j2uz-w2ur-7ud4
17
vulnerability VCID-jma1-9ags-xbfm
18
vulnerability VCID-u15a-4ste-43cy
19
vulnerability VCID-vpgq-jhzc-j7h2
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.3
12
url pkg:pypi/django@5.2.4
purl pkg:pypi/django@5.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-32d1-b8f2-hud5
1
vulnerability VCID-3ccr-92q5-aqfk
2
vulnerability VCID-3d6k-rdsh-k7hm
3
vulnerability VCID-5fbx-3yfb-fudx
4
vulnerability VCID-62jv-ab6d-sqdb
5
vulnerability VCID-63c7-mkxw-ufav
6
vulnerability VCID-7jbt-5zw2-vff2
7
vulnerability VCID-92bp-6kte-tyfs
8
vulnerability VCID-92z2-3rbz-77h9
9
vulnerability VCID-9udu-eqvn-mqbj
10
vulnerability VCID-ax7m-uv4s-zkc1
11
vulnerability VCID-cbsj-1qqg-1ba6
12
vulnerability VCID-cg44-thdw-cygg
13
vulnerability VCID-enen-3w2h-g3b8
14
vulnerability VCID-g22z-jue5-8udz
15
vulnerability VCID-heum-8mwz-sbcw
16
vulnerability VCID-j2uz-w2ur-7ud4
17
vulnerability VCID-jma1-9ags-xbfm
18
vulnerability VCID-u15a-4ste-43cy
19
vulnerability VCID-vpgq-jhzc-j7h2
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.4
13
url pkg:pypi/django@5.2.5
purl pkg:pypi/django@5.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-32d1-b8f2-hud5
1
vulnerability VCID-3ccr-92q5-aqfk
2
vulnerability VCID-3d6k-rdsh-k7hm
3
vulnerability VCID-5fbx-3yfb-fudx
4
vulnerability VCID-62jv-ab6d-sqdb
5
vulnerability VCID-63c7-mkxw-ufav
6
vulnerability VCID-7jbt-5zw2-vff2
7
vulnerability VCID-92bp-6kte-tyfs
8
vulnerability VCID-92z2-3rbz-77h9
9
vulnerability VCID-9udu-eqvn-mqbj
10
vulnerability VCID-ax7m-uv4s-zkc1
11
vulnerability VCID-cbsj-1qqg-1ba6
12
vulnerability VCID-cg44-thdw-cygg
13
vulnerability VCID-enen-3w2h-g3b8
14
vulnerability VCID-g22z-jue5-8udz
15
vulnerability VCID-heum-8mwz-sbcw
16
vulnerability VCID-j2uz-w2ur-7ud4
17
vulnerability VCID-jma1-9ags-xbfm
18
vulnerability VCID-u15a-4ste-43cy
19
vulnerability VCID-vpgq-jhzc-j7h2
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.5
14
url pkg:pypi/django@5.2.6
purl pkg:pypi/django@5.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-32d1-b8f2-hud5
1
vulnerability VCID-3ccr-92q5-aqfk
2
vulnerability VCID-3d6k-rdsh-k7hm
3
vulnerability VCID-5fbx-3yfb-fudx
4
vulnerability VCID-62jv-ab6d-sqdb
5
vulnerability VCID-63c7-mkxw-ufav
6
vulnerability VCID-7jbt-5zw2-vff2
7
vulnerability VCID-92bp-6kte-tyfs
8
vulnerability VCID-92z2-3rbz-77h9
9
vulnerability VCID-9udu-eqvn-mqbj
10
vulnerability VCID-cbsj-1qqg-1ba6
11
vulnerability VCID-cg44-thdw-cygg
12
vulnerability VCID-enen-3w2h-g3b8
13
vulnerability VCID-g22z-jue5-8udz
14
vulnerability VCID-heum-8mwz-sbcw
15
vulnerability VCID-j2uz-w2ur-7ud4
16
vulnerability VCID-jma1-9ags-xbfm
17
vulnerability VCID-u15a-4ste-43cy
18
vulnerability VCID-vpgq-jhzc-j7h2
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.6
15
url pkg:pypi/django@5.2.7
purl pkg:pypi/django@5.2.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-32d1-b8f2-hud5
1
vulnerability VCID-3ccr-92q5-aqfk
2
vulnerability VCID-3d6k-rdsh-k7hm
3
vulnerability VCID-5fbx-3yfb-fudx
4
vulnerability VCID-62jv-ab6d-sqdb
5
vulnerability VCID-63c7-mkxw-ufav
6
vulnerability VCID-7jbt-5zw2-vff2
7
vulnerability VCID-92bp-6kte-tyfs
8
vulnerability VCID-92z2-3rbz-77h9
9
vulnerability VCID-9udu-eqvn-mqbj
10
vulnerability VCID-cbsj-1qqg-1ba6
11
vulnerability VCID-cg44-thdw-cygg
12
vulnerability VCID-enen-3w2h-g3b8
13
vulnerability VCID-g22z-jue5-8udz
14
vulnerability VCID-heum-8mwz-sbcw
15
vulnerability VCID-j2uz-w2ur-7ud4
16
vulnerability VCID-jma1-9ags-xbfm
17
vulnerability VCID-u15a-4ste-43cy
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.7
16
url pkg:pypi/django@5.2.8
purl pkg:pypi/django@5.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-32d1-b8f2-hud5
1
vulnerability VCID-3ccr-92q5-aqfk
2
vulnerability VCID-3d6k-rdsh-k7hm
3
vulnerability VCID-5fbx-3yfb-fudx
4
vulnerability VCID-62jv-ab6d-sqdb
5
vulnerability VCID-63c7-mkxw-ufav
6
vulnerability VCID-7jbt-5zw2-vff2
7
vulnerability VCID-92bp-6kte-tyfs
8
vulnerability VCID-92z2-3rbz-77h9
9
vulnerability VCID-cbsj-1qqg-1ba6
10
vulnerability VCID-cg44-thdw-cygg
11
vulnerability VCID-enen-3w2h-g3b8
12
vulnerability VCID-g22z-jue5-8udz
13
vulnerability VCID-heum-8mwz-sbcw
14
vulnerability VCID-j2uz-w2ur-7ud4
15
vulnerability VCID-jma1-9ags-xbfm
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.8
17
url pkg:pypi/django@5.2.9
purl pkg:pypi/django@5.2.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-32d1-b8f2-hud5
1
vulnerability VCID-3ccr-92q5-aqfk
2
vulnerability VCID-5fbx-3yfb-fudx
3
vulnerability VCID-62jv-ab6d-sqdb
4
vulnerability VCID-63c7-mkxw-ufav
5
vulnerability VCID-92bp-6kte-tyfs
6
vulnerability VCID-92z2-3rbz-77h9
7
vulnerability VCID-cbsj-1qqg-1ba6
8
vulnerability VCID-cg44-thdw-cygg
9
vulnerability VCID-enen-3w2h-g3b8
10
vulnerability VCID-g22z-jue5-8udz
11
vulnerability VCID-heum-8mwz-sbcw
12
vulnerability VCID-j2uz-w2ur-7ud4
13
vulnerability VCID-jma1-9ags-xbfm
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.9
18
url pkg:pypi/django@5.2.10
purl pkg:pypi/django@5.2.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-32d1-b8f2-hud5
1
vulnerability VCID-3ccr-92q5-aqfk
2
vulnerability VCID-5fbx-3yfb-fudx
3
vulnerability VCID-62jv-ab6d-sqdb
4
vulnerability VCID-63c7-mkxw-ufav
5
vulnerability VCID-92bp-6kte-tyfs
6
vulnerability VCID-92z2-3rbz-77h9
7
vulnerability VCID-cbsj-1qqg-1ba6
8
vulnerability VCID-cg44-thdw-cygg
9
vulnerability VCID-enen-3w2h-g3b8
10
vulnerability VCID-g22z-jue5-8udz
11
vulnerability VCID-heum-8mwz-sbcw
12
vulnerability VCID-j2uz-w2ur-7ud4
13
vulnerability VCID-jma1-9ags-xbfm
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.10
19
url pkg:pypi/django@5.2.11
purl pkg:pypi/django@5.2.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-32d1-b8f2-hud5
1
vulnerability VCID-3ccr-92q5-aqfk
2
vulnerability VCID-63c7-mkxw-ufav
3
vulnerability VCID-92z2-3rbz-77h9
4
vulnerability VCID-cg44-thdw-cygg
5
vulnerability VCID-g22z-jue5-8udz
6
vulnerability VCID-heum-8mwz-sbcw
7
vulnerability VCID-j2uz-w2ur-7ud4
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.11
20
url pkg:pypi/django@5.2.12
purl pkg:pypi/django@5.2.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-32d1-b8f2-hud5
1
vulnerability VCID-3ccr-92q5-aqfk
2
vulnerability VCID-63c7-mkxw-ufav
3
vulnerability VCID-92z2-3rbz-77h9
4
vulnerability VCID-cg44-thdw-cygg
5
vulnerability VCID-g22z-jue5-8udz
6
vulnerability VCID-heum-8mwz-sbcw
7
vulnerability VCID-j2uz-w2ur-7ud4
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.12
21
url pkg:pypi/django@5.2.13
purl pkg:pypi/django@5.2.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3ccr-92q5-aqfk
1
vulnerability VCID-92z2-3rbz-77h9
2
vulnerability VCID-g22z-jue5-8udz
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.13
22
url pkg:pypi/django@6.0
purl pkg:pypi/django@6.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-32d1-b8f2-hud5
1
vulnerability VCID-3ccr-92q5-aqfk
2
vulnerability VCID-3vk6-hdbc-2bhz
3
vulnerability VCID-5fbx-3yfb-fudx
4
vulnerability VCID-62jv-ab6d-sqdb
5
vulnerability VCID-63c7-mkxw-ufav
6
vulnerability VCID-92bp-6kte-tyfs
7
vulnerability VCID-92z2-3rbz-77h9
8
vulnerability VCID-cbsj-1qqg-1ba6
9
vulnerability VCID-cg44-thdw-cygg
10
vulnerability VCID-dac4-fa2z-bkdq
11
vulnerability VCID-enen-3w2h-g3b8
12
vulnerability VCID-g22z-jue5-8udz
13
vulnerability VCID-heum-8mwz-sbcw
14
vulnerability VCID-j2uz-w2ur-7ud4
15
vulnerability VCID-jma1-9ags-xbfm
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@6.0
23
url pkg:pypi/django@6.0.1
purl pkg:pypi/django@6.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-32d1-b8f2-hud5
1
vulnerability VCID-3ccr-92q5-aqfk
2
vulnerability VCID-5fbx-3yfb-fudx
3
vulnerability VCID-62jv-ab6d-sqdb
4
vulnerability VCID-63c7-mkxw-ufav
5
vulnerability VCID-92bp-6kte-tyfs
6
vulnerability VCID-92z2-3rbz-77h9
7
vulnerability VCID-cbsj-1qqg-1ba6
8
vulnerability VCID-cg44-thdw-cygg
9
vulnerability VCID-enen-3w2h-g3b8
10
vulnerability VCID-g22z-jue5-8udz
11
vulnerability VCID-heum-8mwz-sbcw
12
vulnerability VCID-j2uz-w2ur-7ud4
13
vulnerability VCID-jma1-9ags-xbfm
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@6.0.1
24
url pkg:pypi/django@6.0.2
purl pkg:pypi/django@6.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-32d1-b8f2-hud5
1
vulnerability VCID-3ccr-92q5-aqfk
2
vulnerability VCID-63c7-mkxw-ufav
3
vulnerability VCID-92z2-3rbz-77h9
4
vulnerability VCID-cg44-thdw-cygg
5
vulnerability VCID-g22z-jue5-8udz
6
vulnerability VCID-heum-8mwz-sbcw
7
vulnerability VCID-j2uz-w2ur-7ud4
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@6.0.2
25
url pkg:pypi/django@6.0.3
purl pkg:pypi/django@6.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-32d1-b8f2-hud5
1
vulnerability VCID-3ccr-92q5-aqfk
2
vulnerability VCID-63c7-mkxw-ufav
3
vulnerability VCID-92z2-3rbz-77h9
4
vulnerability VCID-cg44-thdw-cygg
5
vulnerability VCID-g22z-jue5-8udz
6
vulnerability VCID-heum-8mwz-sbcw
7
vulnerability VCID-j2uz-w2ur-7ud4
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@6.0.3
26
url pkg:pypi/django@6.0.4
purl pkg:pypi/django@6.0.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3ccr-92q5-aqfk
1
vulnerability VCID-92z2-3rbz-77h9
2
vulnerability VCID-g22z-jue5-8udz
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@6.0.4
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-35192
reference_id
reference_type
scores
0
value 0.00041
scoring_system epss
scoring_elements 0.1294
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-35192
1
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
2
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-05T17:04:02Z/
url https://docs.djangoproject.com/en/dev/releases/security/
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
5
reference_url https://groups.google.com/g/django-announce
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-05T17:04:02Z/
url https://groups.google.com/g/django-announce
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-35192
reference_id
reference_type
scores
0
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-35192
7
reference_url https://www.djangoproject.com/weblog/2026/may/05/security-releases
reference_id
reference_type
scores
0
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2026/may/05/security-releases
8
reference_url https://www.djangoproject.com/weblog/2026/may/05/security-releases/
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-05T17:04:02Z/
url https://www.djangoproject.com/weblog/2026/may/05/security-releases/
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1135755
reference_id 1135755
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1135755
10
reference_url https://usn.ubuntu.com/8232-1/
reference_id USN-8232-1
reference_type
scores
url https://usn.ubuntu.com/8232-1/
Weaknesses
0
cwe_id 539
name Use of Persistent Cookies Containing Sensitive Information
description The web application uses persistent cookies, but the cookies contain sensitive information.
Exploits
Severity_range_score0.1 - 6.5
Exploitability0.5
Weighted_severity5.2
Risk_score2.6
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-3ccr-92q5-aqfk