Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:pypi/djangorestframework@2.1.3
purl pkg:pypi/djangorestframework@2.1.3
Next non-vulnerable version 3.15.2
Latest non-vulnerable version 3.15.2
Risk 3.1
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-az5u-1a5w-9ffa
Aliases:
CVE-2020-25626
GHSA-fx83-3ph3-9j2q
PYSEC-2020-263
A flaw was found in Django REST Framework versions before 3.12.0 and before 3.11.2. When using the browseable API viewer, Django REST Framework fails to properly escape certain strings that can come from user input. This allows a user who can control those strings to inject malicious <script> tags, leading to a cross-site-scripting (XSS) vulnerability.
3.11.2
Affected by 1 other vulnerability.
VCID-exen-v4sg-mudc
Aliases:
CVE-2024-21520
GHSA-gw84-84pc-xp82
Cross-site Scripting in djangorestframework Versions of the package djangorestframework before 3.15.2 are vulnerable to Cross-site Scripting (XSS) via the break_long_headers template filter due to improper input sanitization before splitting and joining with <br> tags.
3.15.2
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T23:03:08.191158+00:00 GitLab Importer Affected by VCID-exen-v4sg-mudc https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/djangorestframework/CVE-2024-21520.yml 38.4.0
2026-04-16T21:19:11.069840+00:00 GitLab Importer Affected by VCID-az5u-1a5w-9ffa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/djangorestframework/CVE-2020-25626.yml 38.4.0
2026-04-16T01:41:36.730221+00:00 GHSA Importer Affected by VCID-az5u-1a5w-9ffa https://github.com/advisories/GHSA-fx83-3ph3-9j2q 38.4.0
2026-04-12T00:20:58.813463+00:00 GitLab Importer Affected by VCID-exen-v4sg-mudc https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/djangorestframework/CVE-2024-21520.yml 38.3.0
2026-04-11T22:31:28.194972+00:00 GitLab Importer Affected by VCID-az5u-1a5w-9ffa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/djangorestframework/CVE-2020-25626.yml 38.3.0
2026-04-11T13:10:42.904404+00:00 GHSA Importer Affected by VCID-az5u-1a5w-9ffa https://github.com/advisories/GHSA-fx83-3ph3-9j2q 38.3.0
2026-04-03T00:28:31.454561+00:00 GitLab Importer Affected by VCID-exen-v4sg-mudc https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/djangorestframework/CVE-2024-21520.yml 38.1.0
2026-04-02T22:42:50.167801+00:00 GitLab Importer Affected by VCID-az5u-1a5w-9ffa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/djangorestframework/CVE-2020-25626.yml 38.1.0
2026-04-02T14:02:23.329659+00:00 GHSA Importer Affected by VCID-az5u-1a5w-9ffa https://github.com/advisories/GHSA-fx83-3ph3-9j2q 38.1.0
2026-04-01T17:00:31.474165+00:00 GitLab Importer Affected by VCID-az5u-1a5w-9ffa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/djangorestframework/CVE-2020-25626.yml 38.0.0
2026-04-01T15:02:40.860967+00:00 PyPI Importer Affected by VCID-az5u-1a5w-9ffa https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 38.0.0
2026-04-01T12:42:54.370259+00:00 Pypa Importer Affected by VCID-az5u-1a5w-9ffa https://github.com/pypa/advisory-database/blob/main/vulns/djangorestframework/PYSEC-2020-263.yaml 38.0.0