Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/10564?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/10564?format=api", "purl": "pkg:pypi/django@1.11.12", "type": "pypi", "namespace": "", "name": "django", "version": "1.11.12", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "1.11.19", "latest_non_vulnerable_version": "6.0.5", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6026?format=api", "vulnerability_id": "VCID-2bh9-k4at-r7hz", "summary": "sql injection", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-7471", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09442", "scoring_system": "epss", "scoring_elements": "0.92943", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-7471" }, { "reference_url": "https://docs.djangoproject.com/en/3.0/releases/security", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.djangoproject.com/en/3.0/releases/security" }, { "reference_url": "https://docs.djangoproject.com/en/3.0/releases/security/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.djangoproject.com/en/3.0/releases/security/" }, { "reference_url": "https://github.com/advisories/GHSA-hmr4-m2h5-33qx", "reference_id": "", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-hmr4-m2h5-33qx" }, { "reference_url": "https://github.com/django/django/commit/001b0634cd309e372edb6d7d95d083d02b8e37bd", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/django/django/commit/001b0634cd309e372edb6d7d95d083d02b8e37bd" }, { "reference_url": "https://github.com/django/django/commit/505826b469b16ab36693360da9e11fd13213421b", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/django/django/commit/505826b469b16ab36693360da9e11fd13213421b" }, { "reference_url": "https://github.com/django/django/commit/c67a368c16e4680b324b4f385398d638db4d8147", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/django/django/commit/c67a368c16e4680b324b4f385398d638db4d8147" }, { "reference_url": "https://github.com/django/django/commit/eb31d845323618d688ad429479c6dda973056136", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/django/django/commit/eb31d845323618d688ad429479c6dda973056136" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-35.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-35.yaml" }, { "reference_url": "https://groups.google.com/forum/#!topic/django-announce/X45S86X5bZI", "reference_id": "", "reference_type": "", "scores": [], "url": "https://groups.google.com/forum/#!topic/django-announce/X45S86X5bZI" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/" }, { "reference_url": "https://seclists.org/bugtraq/2020/Feb/30", "reference_id": "", "reference_type": "", "scores": [], "url": "https://seclists.org/bugtraq/2020/Feb/30" }, { "reference_url": "https://security.gentoo.org/glsa/202004-17", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202004-17" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200221-0006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20200221-0006" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200221-0006/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20200221-0006/" }, { "reference_url": "https://usn.ubuntu.com/4264-1", "reference_id": "", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4264-1" }, { "reference_url": "https://usn.ubuntu.com/4264-1/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4264-1/" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4629", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4629" }, { "reference_url": "https://www.djangoproject.com/weblog/2020/feb/03/security-releases", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.djangoproject.com/weblog/2020/feb/03/security-releases" }, { "reference_url": "https://www.djangoproject.com/weblog/2020/feb/03/security-releases/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.djangoproject.com/weblog/2020/feb/03/security-releases/" }, { "reference_url": "https://www.openwall.com/lists/oss-security/2020/02/03/1", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.openwall.com/lists/oss-security/2020/02/03/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2020/02/03/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2020/02/03/1" }, { "reference_url": "https://security.archlinux.org/ASA-202002-1", "reference_id": "ASA-202002-1", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202002-1" }, { "reference_url": "https://security.archlinux.org/AVG-1091", "reference_id": "AVG-1091", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1091" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7471", "reference_id": "CVE-2020-7471", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7471" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/13755?format=api", "purl": "pkg:pypi/django@1.11.28", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7b47-vsfh-y3gh" }, { "vulnerability": "VCID-hzcv-euwq-eqeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.28" }, { "url": "http://public2.vulnerablecode.io/api/packages/13756?format=api", "purl": "pkg:pypi/django@2.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2f2p-wfbs-73hz" }, { "vulnerability": "VCID-5a2y-2m62-1qfa" }, { "vulnerability": "VCID-7b47-vsfh-y3gh" }, { "vulnerability": "VCID-81q1-gytk-2uaq" }, { "vulnerability": "VCID-9hp4-hn21-zkg8" }, { "vulnerability": "VCID-b81v-3drw-xudf" }, { "vulnerability": "VCID-bbxx-48nj-pqcd" }, { "vulnerability": "VCID-dcv2-gx5a-pfe2" }, { "vulnerability": "VCID-dqkn-1888-y3er" }, { "vulnerability": "VCID-fc6y-y2b1-v3d5" }, { "vulnerability": "VCID-gxju-xjh2-z7bn" }, { "vulnerability": "VCID-hzcv-euwq-eqeg" }, { "vulnerability": "VCID-jzbk-uswz-8ucg" }, { "vulnerability": "VCID-nxbs-37dx-rbbh" }, { "vulnerability": "VCID-punr-dfy5-v3g1" }, { "vulnerability": "VCID-u53d-8afk-c3gq" }, { "vulnerability": "VCID-vyzr-dkz3-vfg6" }, { "vulnerability": "VCID-xb3c-6rew-z3ba" }, { "vulnerability": "VCID-xu9t-qtjz-bud8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/13757?format=api", "purl": "pkg:pypi/django@3.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5a2y-2m62-1qfa" }, { "vulnerability": "VCID-7b47-vsfh-y3gh" }, { "vulnerability": "VCID-9hp4-hn21-zkg8" }, { "vulnerability": "VCID-b81v-3drw-xudf" }, { "vulnerability": "VCID-hzcv-euwq-eqeg" }, { "vulnerability": "VCID-nxbs-37dx-rbbh" }, { "vulnerability": "VCID-punr-dfy5-v3g1" }, { "vulnerability": "VCID-xb3c-6rew-z3ba" }, { "vulnerability": "VCID-xu9t-qtjz-bud8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.0.3" } ], "aliases": [ "CVE-2020-7471", "GHSA-hmr4-m2h5-33qx", "PYSEC-2020-35" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2bh9-k4at-r7hz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6144?format=api", "vulnerability_id": "VCID-2jvg-udsm-nkax", "summary": "open redirect", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2019:0265", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:0265" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14574", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0748", "scoring_system": "epss", "scoring_elements": "0.91901", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14574" }, { "reference_url": "https://github.com/advisories/GHSA-5hg3-6c2f-f3wr", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5hg3-6c2f-f3wr" }, { "reference_url": "https://github.com/django/django/commit/6fffc3c6d420e44f4029d5643f38d00a39b08525", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/django/django/commit/6fffc3c6d420e44f4029d5643f38d00a39b08525" }, { "reference_url": "https://github.com/django/django/commit/c4e5ff7fdb5fce447675e90291fd33fddd052b3c", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/django/django/commit/c4e5ff7fdb5fce447675e90291fd33fddd052b3c" }, { "reference_url": "https://github.com/django/django/commit/d6eaee092709aad477a9894598496c6deec532ff", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/django/django/commit/d6eaee092709aad477a9894598496c6deec532ff" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2018-2.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2018-2.yaml" }, { "reference_url": "https://usn.ubuntu.com/3726-1", "reference_id": "", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3726-1" }, { "reference_url": "https://usn.ubuntu.com/3726-1/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3726-1/" }, { "reference_url": "https://web.archive.org/web/20190901075632/http://www.securitytracker.com/id/1041403", "reference_id": "", "reference_type": "", "scores": [], "url": "https://web.archive.org/web/20190901075632/http://www.securitytracker.com/id/1041403" }, { "reference_url": "https://web.archive.org/web/20200227115315/http://www.securityfocus.com/bid/104970", "reference_id": "", "reference_type": "", "scores": [], "url": "https://web.archive.org/web/20200227115315/http://www.securityfocus.com/bid/104970" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4264", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4264" }, { "reference_url": "https://www.djangoproject.com/weblog/2018/aug/01/security-releases", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.djangoproject.com/weblog/2018/aug/01/security-releases" }, { "reference_url": "https://www.djangoproject.com/weblog/2018/aug/01/security-releases/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.djangoproject.com/weblog/2018/aug/01/security-releases/" }, { "reference_url": "http://www.securityfocus.com/bid/104970", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/104970" }, { "reference_url": "http://www.securitytracker.com/id/1041403", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1041403" }, { "reference_url": "https://security.archlinux.org/ASA-201808-1", "reference_id": "ASA-201808-1", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201808-1" }, { "reference_url": "https://security.archlinux.org/AVG-743", "reference_id": "AVG-743", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-743" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14574", "reference_id": "CVE-2018-14574", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14574" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/10572?format=api", "purl": "pkg:pypi/django@1.11.15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2bh9-k4at-r7hz" }, { "vulnerability": "VCID-7b47-vsfh-y3gh" }, { "vulnerability": "VCID-bxu2-wqcg-1ueh" }, { "vulnerability": "VCID-evu1-efcj-gfc5" }, { "vulnerability": "VCID-fynq-usj6-rfd3" }, { "vulnerability": "VCID-hzcv-euwq-eqeg" }, { "vulnerability": "VCID-n9cz-g44c-4fht" }, { "vulnerability": "VCID-v8hg-78p1-87bh" }, { "vulnerability": "VCID-wj2g-v6dz-2yeq" }, { "vulnerability": "VCID-wsx7-6bfa-pugr" }, { "vulnerability": "VCID-x2hp-rmcn-gbah" }, { "vulnerability": "VCID-ypwa-2rh9-gyex" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.15" }, { "url": "http://public2.vulnerablecode.io/api/packages/10571?format=api", "purl": "pkg:pypi/django@2.0.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzcv-euwq-eqeg" }, { "vulnerability": "VCID-wj2g-v6dz-2yeq" }, { "vulnerability": "VCID-wsx7-6bfa-pugr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.0.8" } ], "aliases": [ "CVE-2018-14574", "GHSA-5hg3-6c2f-f3wr", "PYSEC-2018-2" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2jvg-udsm-nkax" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6016?format=api", "vulnerability_id": "VCID-7b47-vsfh-y3gh", "summary": "sql injection", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-9402", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.84997", "scoring_system": "epss", "scoring_elements": "0.99364", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-9402" }, { "reference_url": "https://docs.djangoproject.com/en/3.0/releases/security", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.djangoproject.com/en/3.0/releases/security" }, { "reference_url": "https://docs.djangoproject.com/en/3.0/releases/security/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://docs.djangoproject.com/en/3.0/releases/security/" }, { "reference_url": "https://github.com/advisories/GHSA-3gh2-xw74-jmcw", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3gh2-xw74-jmcw" }, { "reference_url": "https://github.com/django/django/commit/6695d29b1c1ce979725816295a26ecc64ae0e927", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/django/django/commit/6695d29b1c1ce979725816295a26ecc64ae0e927" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-345.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-345.yaml" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-36.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-36.yaml" }, { "reference_url": "https://groups.google.com/forum/#%21topic/django-announce/fLUh_pOaKrY", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://groups.google.com/forum/#%21topic/django-announce/fLUh_pOaKrY" }, { "reference_url": "https://groups.google.com/forum/#!topic/django-announce/fLUh_pOaKrY", "reference_id": "", "reference_type": "", "scores": [], "url": "https://groups.google.com/forum/#!topic/django-announce/fLUh_pOaKrY" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00035.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00035.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZMN2NKAGTFE3YKMNM2JVJG7R2W7LLHY", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZMN2NKAGTFE3YKMNM2JVJG7R2W7LLHY" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZMN2NKAGTFE3YKMNM2JVJG7R2W7LLHY/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZMN2NKAGTFE3YKMNM2JVJG7R2W7LLHY/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZMN2NKAGTFE3YKMNM2JVJG7R2W7LLHY", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZMN2NKAGTFE3YKMNM2JVJG7R2W7LLHY" }, { "reference_url": "https://security.gentoo.org/glsa/202004-17", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://security.gentoo.org/glsa/202004-17" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200327-0004", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20200327-0004" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200327-0004/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://security.netapp.com/advisory/ntap-20200327-0004/" }, { "reference_url": "https://usn.ubuntu.com/4296-1", "reference_id": "", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4296-1" }, { "reference_url": "https://usn.ubuntu.com/4296-1/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://usn.ubuntu.com/4296-1/" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4705", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://www.debian.org/security/2020/dsa-4705" }, { "reference_url": "https://www.djangoproject.com/weblog/2020/mar/04/security-releases", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.djangoproject.com/weblog/2020/mar/04/security-releases" }, { "reference_url": "https://www.djangoproject.com/weblog/2020/mar/04/security-releases/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://www.djangoproject.com/weblog/2020/mar/04/security-releases/" }, { "reference_url": "https://security.archlinux.org/ASA-202003-5", "reference_id": "ASA-202003-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202003-5" }, { "reference_url": "https://security.archlinux.org/AVG-1111", "reference_id": "AVG-1111", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1111" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9402", "reference_id": "CVE-2020-9402", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9402" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/13763?format=api", "purl": "pkg:pypi/django@1.11.29", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzcv-euwq-eqeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.29" }, { "url": "http://public2.vulnerablecode.io/api/packages/13764?format=api", "purl": "pkg:pypi/django@2.2.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2f2p-wfbs-73hz" }, { "vulnerability": "VCID-5a2y-2m62-1qfa" }, { "vulnerability": "VCID-81q1-gytk-2uaq" }, { "vulnerability": "VCID-9hp4-hn21-zkg8" }, { "vulnerability": "VCID-b81v-3drw-xudf" }, { "vulnerability": "VCID-bbxx-48nj-pqcd" }, { "vulnerability": "VCID-dcv2-gx5a-pfe2" }, { "vulnerability": "VCID-dqkn-1888-y3er" }, { "vulnerability": "VCID-fc6y-y2b1-v3d5" }, { "vulnerability": "VCID-gxju-xjh2-z7bn" }, { "vulnerability": "VCID-hzcv-euwq-eqeg" }, { "vulnerability": "VCID-jzbk-uswz-8ucg" }, { "vulnerability": "VCID-nxbs-37dx-rbbh" }, { "vulnerability": "VCID-punr-dfy5-v3g1" }, { "vulnerability": "VCID-u53d-8afk-c3gq" }, { "vulnerability": "VCID-vyzr-dkz3-vfg6" }, { "vulnerability": "VCID-xb3c-6rew-z3ba" }, { "vulnerability": "VCID-xu9t-qtjz-bud8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/13765?format=api", "purl": "pkg:pypi/django@3.0.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5a2y-2m62-1qfa" }, { "vulnerability": "VCID-9hp4-hn21-zkg8" }, { "vulnerability": "VCID-b81v-3drw-xudf" }, { "vulnerability": "VCID-hzcv-euwq-eqeg" }, { "vulnerability": "VCID-nxbs-37dx-rbbh" }, { "vulnerability": "VCID-punr-dfy5-v3g1" }, { "vulnerability": "VCID-xb3c-6rew-z3ba" }, { "vulnerability": "VCID-xu9t-qtjz-bud8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.0.4" } ], "aliases": [ "CVE-2020-9402", "GHSA-3gh2-xw74-jmcw", "PYSEC-2020-345", "PYSEC-2020-36" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7b47-vsfh-y3gh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6075?format=api", "vulnerability_id": "VCID-bxu2-wqcg-1ueh", "summary": "cross-site scripting", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12308", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01603", "scoring_system": "epss", "scoring_elements": "0.8203", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12308" }, { "reference_url": "https://docs.djangoproject.com/en/dev/releases/1.11.21", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.djangoproject.com/en/dev/releases/1.11.21" }, { "reference_url": "https://docs.djangoproject.com/en/dev/releases/1.11.21/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.djangoproject.com/en/dev/releases/1.11.21/" }, { "reference_url": "https://docs.djangoproject.com/en/dev/releases/2.1.9", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.djangoproject.com/en/dev/releases/2.1.9" }, { "reference_url": "https://docs.djangoproject.com/en/dev/releases/2.1.9/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.djangoproject.com/en/dev/releases/2.1.9/" }, { "reference_url": "https://docs.djangoproject.com/en/dev/releases/2.2.2", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.djangoproject.com/en/dev/releases/2.2.2" }, { "reference_url": "https://docs.djangoproject.com/en/dev/releases/2.2.2/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.djangoproject.com/en/dev/releases/2.2.2/" }, { "reference_url": "https://docs.djangoproject.com/en/dev/releases/security", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.djangoproject.com/en/dev/releases/security" }, { "reference_url": "https://docs.djangoproject.com/en/dev/releases/security/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.djangoproject.com/en/dev/releases/security/" }, { "reference_url": "https://github.com/advisories/GHSA-7rp2-fm2h-wchj", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7rp2-fm2h-wchj" }, { "reference_url": "https://github.com/django/django", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/django/django" }, { "reference_url": "https://github.com/django/django/commit/09186a13d975de6d049f8b3e05484f66b01ece62", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/django/django/commit/09186a13d975de6d049f8b3e05484f66b01ece62" }, { "reference_url": "https://github.com/django/django/commit/afddabf8428ddc89a332f7a78d0d21eaf2b5a673", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/django/django/commit/afddabf8428ddc89a332f7a78d0d21eaf2b5a673" }, { "reference_url": "https://github.com/django/django/commit/c238701859a52d584f349cce15d56c8e8137c52b", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/django/django/commit/c238701859a52d584f349cce15d56c8e8137c52b" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-79.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-79.yaml" }, { "reference_url": "https://groups.google.com/forum/#!topic/django-announce/GEbHU7YoVz8", "reference_id": "", "reference_type": "", "scores": [], "url": "https://groups.google.com/forum/#!topic/django-announce/GEbHU7YoVz8" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00001.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00001.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/USYRARSYB7PE3S2ZQO7PZNWMH7RPGL5G", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/USYRARSYB7PE3S2ZQO7PZNWMH7RPGL5G" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/USYRARSYB7PE3S2ZQO7PZNWMH7RPGL5G/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/USYRARSYB7PE3S2ZQO7PZNWMH7RPGL5G/" }, { "reference_url": "https://seclists.org/bugtraq/2019/Jul/10", "reference_id": "", "reference_type": "", "scores": [], "url": "https://seclists.org/bugtraq/2019/Jul/10" }, { "reference_url": "https://security.gentoo.org/glsa/202004-17", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202004-17" }, { "reference_url": "https://usn.ubuntu.com/4043-1", "reference_id": "", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4043-1" }, { "reference_url": "https://usn.ubuntu.com/4043-1/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4043-1/" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4476", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2019/dsa-4476" }, { "reference_url": "https://www.djangoproject.com/weblog/2019/jun/03/security-releases", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.djangoproject.com/weblog/2019/jun/03/security-releases" }, { "reference_url": "https://www.djangoproject.com/weblog/2019/jun/03/security-releases/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.djangoproject.com/weblog/2019/jun/03/security-releases/" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/06/03/2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2019/06/03/2" }, { "reference_url": "http://www.securityfocus.com/bid/108559", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/108559" }, { "reference_url": "https://security.archlinux.org/ASA-201906-2", "reference_id": "ASA-201906-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201906-2" }, { "reference_url": "https://security.archlinux.org/AVG-969", "reference_id": "AVG-969", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-969" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12308", "reference_id": "CVE-2019-12308", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12308" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/12244?format=api", "purl": "pkg:pypi/django@1.11.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2bh9-k4at-r7hz" }, { "vulnerability": "VCID-7b47-vsfh-y3gh" }, { "vulnerability": "VCID-evu1-efcj-gfc5" }, { "vulnerability": "VCID-fynq-usj6-rfd3" }, { "vulnerability": "VCID-hzcv-euwq-eqeg" }, { "vulnerability": "VCID-n9cz-g44c-4fht" }, { "vulnerability": "VCID-v8hg-78p1-87bh" }, { "vulnerability": "VCID-x2hp-rmcn-gbah" }, { "vulnerability": "VCID-ypwa-2rh9-gyex" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/12243?format=api", "purl": "pkg:pypi/django@2.1.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gvv-5jbs-cfc1" }, { "vulnerability": "VCID-evu1-efcj-gfc5" }, { "vulnerability": "VCID-hzcv-euwq-eqeg" }, { "vulnerability": "VCID-n9cz-g44c-4fht" }, { "vulnerability": "VCID-v8hg-78p1-87bh" }, { "vulnerability": "VCID-x2hp-rmcn-gbah" }, { "vulnerability": "VCID-ypwa-2rh9-gyex" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.1.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/12245?format=api", "purl": "pkg:pypi/django@2.2.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2bh9-k4at-r7hz" }, { "vulnerability": "VCID-2f2p-wfbs-73hz" }, { "vulnerability": "VCID-3gvv-5jbs-cfc1" }, { "vulnerability": "VCID-5a2y-2m62-1qfa" }, { "vulnerability": "VCID-7b47-vsfh-y3gh" }, { "vulnerability": "VCID-81q1-gytk-2uaq" }, { "vulnerability": "VCID-9hp4-hn21-zkg8" }, { "vulnerability": "VCID-b81v-3drw-xudf" }, { "vulnerability": "VCID-bbxx-48nj-pqcd" }, { "vulnerability": "VCID-dcv2-gx5a-pfe2" }, { "vulnerability": "VCID-dqkn-1888-y3er" }, { "vulnerability": "VCID-evu1-efcj-gfc5" }, { "vulnerability": "VCID-fc6y-y2b1-v3d5" }, { "vulnerability": "VCID-fynq-usj6-rfd3" }, { "vulnerability": "VCID-gxju-xjh2-z7bn" }, { "vulnerability": "VCID-hzcv-euwq-eqeg" }, { "vulnerability": "VCID-jzbk-uswz-8ucg" }, { "vulnerability": "VCID-n9cz-g44c-4fht" }, { "vulnerability": "VCID-nxbs-37dx-rbbh" }, { "vulnerability": "VCID-punr-dfy5-v3g1" }, { "vulnerability": "VCID-u53d-8afk-c3gq" }, { "vulnerability": "VCID-v8hg-78p1-87bh" }, { "vulnerability": "VCID-vyzr-dkz3-vfg6" }, { "vulnerability": "VCID-x2hp-rmcn-gbah" }, { "vulnerability": "VCID-xb3c-6rew-z3ba" }, { "vulnerability": "VCID-xu9t-qtjz-bud8" }, { "vulnerability": "VCID-ypwa-2rh9-gyex" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.2" } ], "aliases": [ "CVE-2019-12308", "GHSA-7rp2-fm2h-wchj", "PYSEC-2019-79" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bxu2-wqcg-1ueh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6060?format=api", "vulnerability_id": "VCID-evu1-efcj-gfc5", "summary": "multiple issues", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14235", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06773", "scoring_system": "epss", "scoring_elements": "0.91447", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14235" }, { "reference_url": "https://docs.djangoproject.com/en/dev/releases/security", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.djangoproject.com/en/dev/releases/security" }, { "reference_url": "https://docs.djangoproject.com/en/dev/releases/security/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.djangoproject.com/en/dev/releases/security/" }, { "reference_url": "https://github.com/advisories/GHSA-v9qg-3j8p-r63v", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-v9qg-3j8p-r63v" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-14.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-14.yaml" }, { "reference_url": "https://groups.google.com/forum/#!topic/django-announce/jIoju2-KLDs", "reference_id": "", "reference_type": "", "scores": [], "url": "https://groups.google.com/forum/#!topic/django-announce/jIoju2-KLDs" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK/" }, { "reference_url": "https://seclists.org/bugtraq/2019/Aug/15", "reference_id": "", "reference_type": "", "scores": [], "url": "https://seclists.org/bugtraq/2019/Aug/15" }, { "reference_url": "https://security.gentoo.org/glsa/202004-17", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202004-17" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190828-0002", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190828-0002" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190828-0002/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190828-0002/" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4498", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2019/dsa-4498" }, { "reference_url": "https://www.djangoproject.com/weblog/2019/aug/01/security-releases", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.djangoproject.com/weblog/2019/aug/01/security-releases" }, { "reference_url": "https://www.djangoproject.com/weblog/2019/aug/01/security-releases/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.djangoproject.com/weblog/2019/aug/01/security-releases/" }, { "reference_url": "https://security.archlinux.org/ASA-201908-2", "reference_id": "ASA-201908-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201908-2" }, { "reference_url": "https://security.archlinux.org/AVG-1015", "reference_id": "AVG-1015", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1015" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14235", "reference_id": "CVE-2019-14235", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14235" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/12700?format=api", "purl": "pkg:pypi/django@1.11.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2bh9-k4at-r7hz" }, { "vulnerability": "VCID-7b47-vsfh-y3gh" }, { "vulnerability": "VCID-fynq-usj6-rfd3" }, { "vulnerability": "VCID-hzcv-euwq-eqeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/12701?format=api", "purl": "pkg:pypi/django@2.1.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gvv-5jbs-cfc1" }, { "vulnerability": "VCID-hzcv-euwq-eqeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.1.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/12702?format=api", "purl": "pkg:pypi/django@2.2.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2bh9-k4at-r7hz" }, { "vulnerability": "VCID-2f2p-wfbs-73hz" }, { "vulnerability": "VCID-3gvv-5jbs-cfc1" }, { "vulnerability": "VCID-5a2y-2m62-1qfa" }, { "vulnerability": "VCID-7b47-vsfh-y3gh" }, { "vulnerability": "VCID-81q1-gytk-2uaq" }, { "vulnerability": "VCID-9hp4-hn21-zkg8" }, { "vulnerability": "VCID-b81v-3drw-xudf" }, { "vulnerability": "VCID-bbxx-48nj-pqcd" }, { "vulnerability": "VCID-dcv2-gx5a-pfe2" }, { "vulnerability": "VCID-dqkn-1888-y3er" }, { "vulnerability": "VCID-fc6y-y2b1-v3d5" }, { "vulnerability": "VCID-fynq-usj6-rfd3" }, { "vulnerability": "VCID-gxju-xjh2-z7bn" }, { "vulnerability": "VCID-hzcv-euwq-eqeg" }, { "vulnerability": "VCID-jzbk-uswz-8ucg" }, { "vulnerability": "VCID-nxbs-37dx-rbbh" }, { "vulnerability": "VCID-punr-dfy5-v3g1" }, { "vulnerability": "VCID-u53d-8afk-c3gq" }, { "vulnerability": "VCID-vyzr-dkz3-vfg6" }, { "vulnerability": "VCID-xb3c-6rew-z3ba" }, { "vulnerability": "VCID-xu9t-qtjz-bud8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.4" } ], "aliases": [ "CVE-2019-14235", "GHSA-v9qg-3j8p-r63v", "PYSEC-2019-14" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-evu1-efcj-gfc5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4216?format=api", "vulnerability_id": "VCID-fynq-usj6-rfd3", "summary": "insufficient validation", "references": [ { "reference_url": "http://packetstormsecurity.com/files/155872/Django-Account-Hijack.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://packetstormsecurity.com/files/155872/Django-Account-Hijack.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-19844", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.13973", "scoring_system": "epss", "scoring_elements": "0.94448", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-19844" }, { "reference_url": "https://docs.djangoproject.com/en/dev/releases/security", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.djangoproject.com/en/dev/releases/security" }, { "reference_url": "https://docs.djangoproject.com/en/dev/releases/security/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.djangoproject.com/en/dev/releases/security/" }, { "reference_url": "https://github.com/advisories/GHSA-vfq6-hq5r-27r6", "reference_id": "", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-vfq6-hq5r-27r6" }, { "reference_url": "https://github.com/django/django/commit/302a4ff1e8b1c798aab97673909c7a3dfda42c26", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/django/django/commit/302a4ff1e8b1c798aab97673909c7a3dfda42c26" }, { "reference_url": "https://github.com/django/django/commit/4d334bea06cac63dc1272abcec545b85136cca0e", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/django/django/commit/4d334bea06cac63dc1272abcec545b85136cca0e" }, { "reference_url": "https://github.com/django/django/commit/5b1fbcef7a8bec991ebe7b2a18b5d5a95d72cb70", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/django/django/commit/5b1fbcef7a8bec991ebe7b2a18b5d5a95d72cb70" }, { "reference_url": "https://github.com/django/django/commit/f4cff43bf921fcea6a29b726eb66767f67753fa2", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/django/django/commit/f4cff43bf921fcea6a29b726eb66767f67753fa2" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-16.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-16.yaml" }, { "reference_url": "https://groups.google.com/forum/#!topic/django-announce/3oaB2rVH3a0", "reference_id": "", "reference_type": "", "scores": [], "url": "https://groups.google.com/forum/#!topic/django-announce/3oaB2rVH3a0" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD/" }, { "reference_url": "https://seclists.org/bugtraq/2020/Jan/9", "reference_id": "", "reference_type": "", "scores": [], "url": "https://seclists.org/bugtraq/2020/Jan/9" }, { "reference_url": "https://security.gentoo.org/glsa/202004-17", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202004-17" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200110-0003", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20200110-0003" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200110-0003/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20200110-0003/" }, { "reference_url": "https://usn.ubuntu.com/4224-1", "reference_id": "", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4224-1" }, { "reference_url": "https://usn.ubuntu.com/4224-1/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4224-1/" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4598" }, { "reference_url": "https://www.djangoproject.com/weblog/2019/dec/18/security-releases", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.djangoproject.com/weblog/2019/dec/18/security-releases" }, { "reference_url": "https://www.djangoproject.com/weblog/2019/dec/18/security-releases/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.djangoproject.com/weblog/2019/dec/18/security-releases/" }, { "reference_url": "https://security.archlinux.org/AVG-1080", "reference_id": "AVG-1080", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1080" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19844", "reference_id": "CVE-2019-19844", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19844" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/13511?format=api", "purl": "pkg:pypi/django@1.11.27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2bh9-k4at-r7hz" }, { "vulnerability": "VCID-7b47-vsfh-y3gh" }, { "vulnerability": "VCID-hzcv-euwq-eqeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.27" }, { "url": "http://public2.vulnerablecode.io/api/packages/13512?format=api", "purl": "pkg:pypi/django@2.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2bh9-k4at-r7hz" }, { "vulnerability": "VCID-2f2p-wfbs-73hz" }, { "vulnerability": "VCID-5a2y-2m62-1qfa" }, { "vulnerability": "VCID-7b47-vsfh-y3gh" }, { "vulnerability": "VCID-81q1-gytk-2uaq" }, { "vulnerability": "VCID-9hp4-hn21-zkg8" }, { "vulnerability": "VCID-b81v-3drw-xudf" }, { "vulnerability": "VCID-bbxx-48nj-pqcd" }, { "vulnerability": "VCID-dcv2-gx5a-pfe2" }, { "vulnerability": "VCID-dqkn-1888-y3er" }, { "vulnerability": "VCID-fc6y-y2b1-v3d5" }, { "vulnerability": "VCID-gxju-xjh2-z7bn" }, { "vulnerability": "VCID-hzcv-euwq-eqeg" }, { "vulnerability": "VCID-jzbk-uswz-8ucg" }, { "vulnerability": "VCID-nxbs-37dx-rbbh" }, { "vulnerability": "VCID-punr-dfy5-v3g1" }, { "vulnerability": "VCID-u53d-8afk-c3gq" }, { "vulnerability": "VCID-vyzr-dkz3-vfg6" }, { "vulnerability": "VCID-xb3c-6rew-z3ba" }, { "vulnerability": "VCID-xu9t-qtjz-bud8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/13753?format=api", "purl": "pkg:pypi/django@3.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2bh9-k4at-r7hz" }, { "vulnerability": "VCID-5a2y-2m62-1qfa" }, { "vulnerability": "VCID-7b47-vsfh-y3gh" }, { "vulnerability": "VCID-9hp4-hn21-zkg8" }, { "vulnerability": "VCID-b81v-3drw-xudf" }, { "vulnerability": "VCID-hzcv-euwq-eqeg" }, { "vulnerability": "VCID-nxbs-37dx-rbbh" }, { "vulnerability": "VCID-punr-dfy5-v3g1" }, { "vulnerability": "VCID-xb3c-6rew-z3ba" }, { "vulnerability": "VCID-xu9t-qtjz-bud8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.0.1" } ], "aliases": [ "CVE-2019-19844", "GHSA-vfq6-hq5r-27r6", "PYSEC-2019-16" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fynq-usj6-rfd3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5556?format=api", "vulnerability_id": "VCID-hzcv-euwq-eqeg", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-33203", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00327", "scoring_system": "epss", "scoring_elements": "0.5585", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-33203" }, { "reference_url": "https://docs.djangoproject.com/en/3.2/releases/security/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.djangoproject.com/en/3.2/releases/security/" }, { "reference_url": "https://github.com/advisories/GHSA-68w8-qjq3-2gfm", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-68w8-qjq3-2gfm" }, { "reference_url": "https://groups.google.com/forum/#!forum/django-announce", "reference_id": "", "reference_type": "", "scores": [], "url": "https://groups.google.com/forum/#!forum/django-announce" }, { "reference_url": "https://www.djangoproject.com/weblog/2021/jun/02/security-releases/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.djangoproject.com/weblog/2021/jun/02/security-releases/" }, { "reference_url": "https://security.archlinux.org/ASA-202106-41", "reference_id": "ASA-202106-41", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-41" }, { "reference_url": "https://security.archlinux.org/AVG-2026", "reference_id": "AVG-2026", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2026" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/21276?format=api", "purl": "pkg:pypi/django@2.2.24", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2f2p-wfbs-73hz" }, { "vulnerability": "VCID-81q1-gytk-2uaq" }, { "vulnerability": "VCID-bbxx-48nj-pqcd" }, { "vulnerability": "VCID-dcv2-gx5a-pfe2" }, { "vulnerability": "VCID-dqkn-1888-y3er" }, { "vulnerability": "VCID-fc6y-y2b1-v3d5" }, { "vulnerability": "VCID-jzbk-uswz-8ucg" }, { "vulnerability": "VCID-vyzr-dkz3-vfg6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.24" }, { "url": "http://public2.vulnerablecode.io/api/packages/21277?format=api", "purl": "pkg:pypi/django@3.1.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-fc6y-y2b1-v3d5" }, { "vulnerability": "VCID-zvet-h29t-tub8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.1.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/21278?format=api", "purl": "pkg:pypi/django@3.2.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2f2p-wfbs-73hz" }, { "vulnerability": "VCID-5k3f-9smv-8bev" }, { "vulnerability": "VCID-6bct-bfhb-xugt" }, { "vulnerability": "VCID-7u6e-a3ng-fude" }, { "vulnerability": "VCID-81q1-gytk-2uaq" }, { "vulnerability": "VCID-bbxx-48nj-pqcd" }, { "vulnerability": "VCID-bjn5-qpmt-qffx" }, { "vulnerability": "VCID-ctk2-ykg7-h7ag" }, { "vulnerability": "VCID-dcv2-gx5a-pfe2" }, { "vulnerability": "VCID-dqkn-1888-y3er" }, { "vulnerability": "VCID-e2p6-m8gu-jbfu" }, { "vulnerability": "VCID-fc6y-y2b1-v3d5" }, { "vulnerability": "VCID-fwkd-bq8u-9kg8" }, { "vulnerability": "VCID-jzbk-uswz-8ucg" }, { "vulnerability": "VCID-kmv2-339j-8ugc" }, { "vulnerability": "VCID-nyy8-t17r-syex" }, { "vulnerability": "VCID-qg2s-fuw3-nbda" }, { "vulnerability": "VCID-rn9d-fd73-3kb9" }, { "vulnerability": "VCID-vyzr-dkz3-vfg6" }, { "vulnerability": "VCID-x4s4-qav9-xbet" }, { "vulnerability": "VCID-zvet-h29t-tub8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.4" } ], "aliases": [ "CVE-2021-33203", "GHSA-68w8-qjq3-2gfm", "PYSEC-2021-98" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hzcv-euwq-eqeg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6062?format=api", "vulnerability_id": "VCID-n9cz-g44c-4fht", "summary": "multiple issues", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14233", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06773", "scoring_system": "epss", "scoring_elements": "0.91447", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14233" }, { "reference_url": "https://docs.djangoproject.com/en/dev/releases/security", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.djangoproject.com/en/dev/releases/security" }, { "reference_url": "https://docs.djangoproject.com/en/dev/releases/security/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.djangoproject.com/en/dev/releases/security/" }, { "reference_url": "https://github.com/advisories/GHSA-h5jv-4p7w-64jg", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-h5jv-4p7w-64jg" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-12.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-12.yaml" }, { "reference_url": "https://groups.google.com/forum/#!topic/django-announce/jIoju2-KLDs", "reference_id": "", "reference_type": "", "scores": [], "url": "https://groups.google.com/forum/#!topic/django-announce/jIoju2-KLDs" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK/" }, { "reference_url": "https://seclists.org/bugtraq/2019/Aug/15", "reference_id": "", "reference_type": "", "scores": [], "url": "https://seclists.org/bugtraq/2019/Aug/15" }, { "reference_url": "https://security.gentoo.org/glsa/202004-17", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202004-17" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190828-0002", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190828-0002" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190828-0002/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190828-0002/" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4498", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2019/dsa-4498" }, { "reference_url": "https://www.djangoproject.com/weblog/2019/aug/01/security-releases", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.djangoproject.com/weblog/2019/aug/01/security-releases" }, { "reference_url": "https://www.djangoproject.com/weblog/2019/aug/01/security-releases/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.djangoproject.com/weblog/2019/aug/01/security-releases/" }, { "reference_url": "https://security.archlinux.org/ASA-201908-2", "reference_id": "ASA-201908-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201908-2" }, { "reference_url": "https://security.archlinux.org/AVG-1015", "reference_id": "AVG-1015", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1015" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14233", "reference_id": "CVE-2019-14233", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14233" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/12700?format=api", "purl": "pkg:pypi/django@1.11.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2bh9-k4at-r7hz" }, { "vulnerability": "VCID-7b47-vsfh-y3gh" }, { "vulnerability": "VCID-fynq-usj6-rfd3" }, { "vulnerability": "VCID-hzcv-euwq-eqeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/12701?format=api", "purl": "pkg:pypi/django@2.1.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gvv-5jbs-cfc1" }, { "vulnerability": "VCID-hzcv-euwq-eqeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.1.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/12702?format=api", "purl": "pkg:pypi/django@2.2.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2bh9-k4at-r7hz" }, { "vulnerability": "VCID-2f2p-wfbs-73hz" }, { "vulnerability": "VCID-3gvv-5jbs-cfc1" }, { "vulnerability": "VCID-5a2y-2m62-1qfa" }, { "vulnerability": "VCID-7b47-vsfh-y3gh" }, { "vulnerability": "VCID-81q1-gytk-2uaq" }, { "vulnerability": "VCID-9hp4-hn21-zkg8" }, { "vulnerability": "VCID-b81v-3drw-xudf" }, { "vulnerability": "VCID-bbxx-48nj-pqcd" }, { "vulnerability": "VCID-dcv2-gx5a-pfe2" }, { "vulnerability": "VCID-dqkn-1888-y3er" }, { "vulnerability": "VCID-fc6y-y2b1-v3d5" }, { "vulnerability": "VCID-fynq-usj6-rfd3" }, { "vulnerability": "VCID-gxju-xjh2-z7bn" }, { "vulnerability": "VCID-hzcv-euwq-eqeg" }, { "vulnerability": "VCID-jzbk-uswz-8ucg" }, { "vulnerability": "VCID-nxbs-37dx-rbbh" }, { "vulnerability": "VCID-punr-dfy5-v3g1" }, { "vulnerability": "VCID-u53d-8afk-c3gq" }, { "vulnerability": "VCID-vyzr-dkz3-vfg6" }, { "vulnerability": "VCID-xb3c-6rew-z3ba" }, { "vulnerability": "VCID-xu9t-qtjz-bud8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.4" } ], "aliases": [ "CVE-2019-14233", "GHSA-h5jv-4p7w-64jg", "PYSEC-2019-12" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n9cz-g44c-4fht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6061?format=api", "vulnerability_id": "VCID-v8hg-78p1-87bh", "summary": "multiple issues", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14234", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.29723", "scoring_system": "epss", "scoring_elements": "0.96712", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14234" }, { "reference_url": "https://docs.djangoproject.com/en/dev/releases/security", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.djangoproject.com/en/dev/releases/security" }, { "reference_url": "https://docs.djangoproject.com/en/dev/releases/security/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.djangoproject.com/en/dev/releases/security/" }, { "reference_url": "https://github.com/advisories/GHSA-6r97-cj55-9hrq", "reference_id": "", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6r97-cj55-9hrq" }, { "reference_url": "https://github.com/django/django/commit/4f5b58f5cd3c57fee9972ab074f8dc6895d8f387", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/django/django/commit/4f5b58f5cd3c57fee9972ab074f8dc6895d8f387" }, { "reference_url": "https://github.com/django/django/commit/ed682a24fca774818542757651bfba576c3fc3ef", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/django/django/commit/ed682a24fca774818542757651bfba576c3fc3ef" }, { "reference_url": "https://github.com/django/django/commit/f74b3ae3628c26e1b4f8db3d13a91d52a833a975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/django/django/commit/f74b3ae3628c26e1b4f8db3d13a91d52a833a975" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-13.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-13.yaml" }, { "reference_url": "https://groups.google.com/forum/#!topic/django-announce/jIoju2-KLDs", "reference_id": "", "reference_type": "", "scores": [], "url": "https://groups.google.com/forum/#!topic/django-announce/jIoju2-KLDs" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK/" }, { "reference_url": "https://seclists.org/bugtraq/2019/Aug/15", "reference_id": "", "reference_type": "", "scores": [], "url": "https://seclists.org/bugtraq/2019/Aug/15" }, { "reference_url": "https://security.gentoo.org/glsa/202004-17", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202004-17" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190828-0002", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190828-0002" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190828-0002/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190828-0002/" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4498", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2019/dsa-4498" }, { "reference_url": "https://www.djangoproject.com/weblog/2019/aug/01/security-releases", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.djangoproject.com/weblog/2019/aug/01/security-releases" }, { "reference_url": "https://www.djangoproject.com/weblog/2019/aug/01/security-releases/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.djangoproject.com/weblog/2019/aug/01/security-releases/" }, { "reference_url": "https://security.archlinux.org/ASA-201908-2", "reference_id": "ASA-201908-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201908-2" }, { "reference_url": "https://security.archlinux.org/AVG-1015", "reference_id": "AVG-1015", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1015" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14234", "reference_id": "CVE-2019-14234", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14234" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/12700?format=api", "purl": "pkg:pypi/django@1.11.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2bh9-k4at-r7hz" }, { "vulnerability": "VCID-7b47-vsfh-y3gh" }, { "vulnerability": "VCID-fynq-usj6-rfd3" }, { "vulnerability": "VCID-hzcv-euwq-eqeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/12701?format=api", "purl": "pkg:pypi/django@2.1.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gvv-5jbs-cfc1" }, { "vulnerability": "VCID-hzcv-euwq-eqeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.1.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/12702?format=api", "purl": "pkg:pypi/django@2.2.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2bh9-k4at-r7hz" }, { "vulnerability": "VCID-2f2p-wfbs-73hz" }, { "vulnerability": "VCID-3gvv-5jbs-cfc1" }, { "vulnerability": "VCID-5a2y-2m62-1qfa" }, { "vulnerability": "VCID-7b47-vsfh-y3gh" }, { "vulnerability": "VCID-81q1-gytk-2uaq" }, { "vulnerability": "VCID-9hp4-hn21-zkg8" }, { "vulnerability": "VCID-b81v-3drw-xudf" }, { "vulnerability": "VCID-bbxx-48nj-pqcd" }, { "vulnerability": "VCID-dcv2-gx5a-pfe2" }, { "vulnerability": "VCID-dqkn-1888-y3er" }, { "vulnerability": "VCID-fc6y-y2b1-v3d5" }, { "vulnerability": "VCID-fynq-usj6-rfd3" }, { "vulnerability": "VCID-gxju-xjh2-z7bn" }, { "vulnerability": "VCID-hzcv-euwq-eqeg" }, { "vulnerability": "VCID-jzbk-uswz-8ucg" }, { "vulnerability": "VCID-nxbs-37dx-rbbh" }, { "vulnerability": "VCID-punr-dfy5-v3g1" }, { "vulnerability": "VCID-u53d-8afk-c3gq" }, { "vulnerability": "VCID-vyzr-dkz3-vfg6" }, { "vulnerability": "VCID-xb3c-6rew-z3ba" }, { "vulnerability": "VCID-xu9t-qtjz-bud8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.4" } ], "aliases": [ "CVE-2019-14234", "GHSA-6r97-cj55-9hrq", "PYSEC-2019-13" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v8hg-78p1-87bh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6092?format=api", "vulnerability_id": "VCID-wj2g-v6dz-2yeq", "summary": "denial of service", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-6975", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07682", "scoring_system": "epss", "scoring_elements": "0.9203", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-6975" }, { "reference_url": "https://docs.djangoproject.com/en/dev/releases/security", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.djangoproject.com/en/dev/releases/security" }, { "reference_url": "https://docs.djangoproject.com/en/dev/releases/security/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.djangoproject.com/en/dev/releases/security/" }, { "reference_url": "https://github.com/advisories/GHSA-wh4h-v3f2-r2pp", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wh4h-v3f2-r2pp" }, { "reference_url": "https://github.com/django/django", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/django/django" }, { "reference_url": "https://github.com/django/django/commit/0bbb560183fabf0533289700845dafa94951f227", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/django/django/commit/0bbb560183fabf0533289700845dafa94951f227" }, { "reference_url": "https://github.com/django/django/commit/1f42f82566c9d2d73aff1c42790d6b1b243f7676", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/django/django/commit/1f42f82566c9d2d73aff1c42790d6b1b243f7676" }, { "reference_url": "https://github.com/django/django/commit/40cd19055773705301c3428ed5e08a036d2091f3", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/django/django/commit/40cd19055773705301c3428ed5e08a036d2091f3" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-18.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-18.yaml" }, { "reference_url": "https://groups.google.com/forum/#!topic/django-announce/WTwEAprR0IQ", "reference_id": "", "reference_type": "", "scores": [], "url": "https://groups.google.com/forum/#!topic/django-announce/WTwEAprR0IQ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/66WMXHGBXD7GSM3PEXVCMCAGLMQYHZCU", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/66WMXHGBXD7GSM3PEXVCMCAGLMQYHZCU" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/66WMXHGBXD7GSM3PEXVCMCAGLMQYHZCU/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/66WMXHGBXD7GSM3PEXVCMCAGLMQYHZCU/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVXDOVCXLD74SHR2BENGCE2OOYYYWJHZ", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVXDOVCXLD74SHR2BENGCE2OOYYYWJHZ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVXDOVCXLD74SHR2BENGCE2OOYYYWJHZ/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVXDOVCXLD74SHR2BENGCE2OOYYYWJHZ/" }, { "reference_url": "https://seclists.org/bugtraq/2019/Jul/10", "reference_id": "", "reference_type": "", "scores": [], "url": "https://seclists.org/bugtraq/2019/Jul/10" }, { "reference_url": "https://usn.ubuntu.com/3890-1", "reference_id": "", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3890-1" }, { "reference_url": "https://usn.ubuntu.com/3890-1/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3890-1/" }, { "reference_url": "https://web.archive.org/web/20200227084713/http://www.securityfocus.com/bid/106964", "reference_id": "", "reference_type": "", "scores": [], "url": "https://web.archive.org/web/20200227084713/http://www.securityfocus.com/bid/106964" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4476", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2019/dsa-4476" }, { "reference_url": "https://www.djangoproject.com/weblog/2019/feb/11/security-releases", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.djangoproject.com/weblog/2019/feb/11/security-releases" }, { "reference_url": "https://www.djangoproject.com/weblog/2019/feb/11/security-releases/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.djangoproject.com/weblog/2019/feb/11/security-releases/" }, { "reference_url": "https://www.openwall.com/lists/oss-security/2019/02/11/1", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.openwall.com/lists/oss-security/2019/02/11/1" }, { "reference_url": "http://www.securityfocus.com/bid/106964", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106964" }, { "reference_url": "https://security.archlinux.org/ASA-201902-14", "reference_id": "ASA-201902-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201902-14" }, { "reference_url": "https://security.archlinux.org/AVG-881", "reference_id": "AVG-881", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-881" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-6975", "reference_id": "CVE-2019-6975", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-6975" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/11776?format=api", "purl": "pkg:pypi/django@1.11.19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.19" }, { "url": "http://public2.vulnerablecode.io/api/packages/56434?format=api", "purl": "pkg:pypi/django@2.0.11", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.0.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/11777?format=api", "purl": "pkg:pypi/django@2.0.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzcv-euwq-eqeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.0.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/56435?format=api", "purl": "pkg:pypi/django@2.1.6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.1.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/11778?format=api", "purl": "pkg:pypi/django@2.1.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gvv-5jbs-cfc1" }, { "vulnerability": "VCID-bxu2-wqcg-1ueh" }, { "vulnerability": "VCID-evu1-efcj-gfc5" }, { "vulnerability": "VCID-hzcv-euwq-eqeg" }, { "vulnerability": "VCID-n9cz-g44c-4fht" }, { "vulnerability": "VCID-v8hg-78p1-87bh" }, { "vulnerability": "VCID-x2hp-rmcn-gbah" }, { "vulnerability": "VCID-ypwa-2rh9-gyex" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.1.7" } ], "aliases": [ "CVE-2019-6975", "GHSA-wh4h-v3f2-r2pp", "PYSEC-2019-18" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wj2g-v6dz-2yeq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6108?format=api", "vulnerability_id": "VCID-wsx7-6bfa-pugr", "summary": "content spoofing", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3498", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00522", "scoring_system": "epss", "scoring_elements": "0.67199", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3498" }, { "reference_url": "https://docs.djangoproject.com/en/dev/releases/security", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.djangoproject.com/en/dev/releases/security" }, { "reference_url": "https://docs.djangoproject.com/en/dev/releases/security/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.djangoproject.com/en/dev/releases/security/" }, { "reference_url": "https://github.com/advisories/GHSA-337x-4q8g-prc5", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-337x-4q8g-prc5" }, { "reference_url": "https://github.com/django/django", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/django/django" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-17.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-17.yaml" }, { "reference_url": "https://groups.google.com/forum/#!topic/django-announce/VYU7xQQTEPQ", "reference_id": "", "reference_type": "", "scores": [], "url": "https://groups.google.com/forum/#!topic/django-announce/VYU7xQQTEPQ" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00005.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00005.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVXDOVCXLD74SHR2BENGCE2OOYYYWJHZ", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVXDOVCXLD74SHR2BENGCE2OOYYYWJHZ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVXDOVCXLD74SHR2BENGCE2OOYYYWJHZ/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVXDOVCXLD74SHR2BENGCE2OOYYYWJHZ/" }, { "reference_url": "https://usn.ubuntu.com/3851-1", "reference_id": "", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3851-1" }, { "reference_url": "https://usn.ubuntu.com/3851-1/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3851-1/" }, { "reference_url": "https://web.archive.org/web/20200227094237/http://www.securityfocus.com/bid/106453", "reference_id": "", "reference_type": "", "scores": [], "url": "https://web.archive.org/web/20200227094237/http://www.securityfocus.com/bid/106453" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4363", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2019/dsa-4363" }, { "reference_url": "https://www.djangoproject.com/weblog/2019/jan/04/security-releases", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.djangoproject.com/weblog/2019/jan/04/security-releases" }, { "reference_url": "https://www.djangoproject.com/weblog/2019/jan/04/security-releases/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.djangoproject.com/weblog/2019/jan/04/security-releases/" }, { "reference_url": "http://www.securityfocus.com/bid/106453", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106453" }, { "reference_url": "https://security.archlinux.org/ASA-201901-6", "reference_id": "ASA-201901-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201901-6" }, { "reference_url": "https://security.archlinux.org/AVG-839", "reference_id": "AVG-839", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-839" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3498", "reference_id": "CVE-2019-3498", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3498" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/11480?format=api", "purl": "pkg:pypi/django@1.11.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2bh9-k4at-r7hz" }, { "vulnerability": "VCID-7b47-vsfh-y3gh" }, { "vulnerability": "VCID-bxu2-wqcg-1ueh" }, { "vulnerability": "VCID-evu1-efcj-gfc5" }, { "vulnerability": "VCID-fynq-usj6-rfd3" }, { "vulnerability": "VCID-hzcv-euwq-eqeg" }, { "vulnerability": "VCID-n9cz-g44c-4fht" }, { "vulnerability": "VCID-v8hg-78p1-87bh" }, { "vulnerability": "VCID-wj2g-v6dz-2yeq" }, { "vulnerability": "VCID-x2hp-rmcn-gbah" }, { "vulnerability": "VCID-ypwa-2rh9-gyex" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/11481?format=api", "purl": "pkg:pypi/django@2.0.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzcv-euwq-eqeg" }, { "vulnerability": "VCID-wj2g-v6dz-2yeq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.0.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/11482?format=api", "purl": "pkg:pypi/django@2.1.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gvv-5jbs-cfc1" }, { "vulnerability": "VCID-bxu2-wqcg-1ueh" }, { "vulnerability": "VCID-evu1-efcj-gfc5" }, { "vulnerability": "VCID-hzcv-euwq-eqeg" }, { "vulnerability": "VCID-n9cz-g44c-4fht" }, { "vulnerability": "VCID-v8hg-78p1-87bh" }, { "vulnerability": "VCID-wj2g-v6dz-2yeq" }, { "vulnerability": "VCID-x2hp-rmcn-gbah" }, { "vulnerability": "VCID-ypwa-2rh9-gyex" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.1.5" } ], "aliases": [ "CVE-2019-3498", "GHSA-337x-4q8g-prc5", "PYSEC-2019-17" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wsx7-6bfa-pugr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6063?format=api", "vulnerability_id": "VCID-x2hp-rmcn-gbah", "summary": "multiple issues", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14232", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0297", "scoring_system": "epss", "scoring_elements": "0.86745", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14232" }, { "reference_url": "https://docs.djangoproject.com/en/dev/releases/security", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.djangoproject.com/en/dev/releases/security" }, { "reference_url": "https://docs.djangoproject.com/en/dev/releases/security/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.djangoproject.com/en/dev/releases/security/" }, { "reference_url": "https://github.com/advisories/GHSA-c4qh-4vgv-qc6g", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-c4qh-4vgv-qc6g" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-11.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-11.yaml" }, { "reference_url": "https://github.com/pypa/advisory-db/tree/main/vulns/django/PYSEC-2019-11.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-db/tree/main/vulns/django/PYSEC-2019-11.yaml" }, { "reference_url": "https://groups.google.com/forum/#%21topic/django-announce/jIoju2-KLDs", "reference_id": "", "reference_type": "", "scores": [], "url": "https://groups.google.com/forum/#%21topic/django-announce/jIoju2-KLDs" }, { "reference_url": "https://groups.google.com/forum/#!topic/django-announce/jIoju2-KLDs", "reference_id": "", "reference_type": "", "scores": [], "url": "https://groups.google.com/forum/#!topic/django-announce/jIoju2-KLDs" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK/" }, { "reference_url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/3LGJSPCN3VEG2UJPYCUB6TU75JTIV2TQ", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/3LGJSPCN3VEG2UJPYCUB6TU75JTIV2TQ" }, { "reference_url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/5XTP44JEOSNXRVW4JDZXA5XGMBDZLWSW", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/5XTP44JEOSNXRVW4JDZXA5XGMBDZLWSW" }, { "reference_url": "https://seclists.org/bugtraq/2019/Aug/15", "reference_id": "", "reference_type": "", "scores": [], "url": "https://seclists.org/bugtraq/2019/Aug/15" }, { "reference_url": "https://security.gentoo.org/glsa/202004-17", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202004-17" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190828-0002", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190828-0002" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190828-0002/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190828-0002/" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4498", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2019/dsa-4498" }, { "reference_url": "https://www.djangoproject.com/weblog/2019/aug/01/security-releases", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.djangoproject.com/weblog/2019/aug/01/security-releases" }, { "reference_url": "https://www.djangoproject.com/weblog/2019/aug/01/security-releases/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.djangoproject.com/weblog/2019/aug/01/security-releases/" }, { "reference_url": "https://www.openwall.com/lists/oss-security/2023/10/04/6", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.openwall.com/lists/oss-security/2023/10/04/6" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/10/04/6", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2023/10/04/6" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/03/04/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2024/03/04/1" }, { "reference_url": "https://security.archlinux.org/ASA-201908-2", "reference_id": "ASA-201908-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201908-2" }, { "reference_url": "https://security.archlinux.org/AVG-1015", "reference_id": "AVG-1015", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1015" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14232", "reference_id": "CVE-2019-14232", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14232" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/12700?format=api", "purl": "pkg:pypi/django@1.11.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2bh9-k4at-r7hz" }, { "vulnerability": "VCID-7b47-vsfh-y3gh" }, { "vulnerability": "VCID-fynq-usj6-rfd3" }, { "vulnerability": "VCID-hzcv-euwq-eqeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/12701?format=api", "purl": "pkg:pypi/django@2.1.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gvv-5jbs-cfc1" }, { "vulnerability": "VCID-hzcv-euwq-eqeg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.1.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/12702?format=api", "purl": "pkg:pypi/django@2.2.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2bh9-k4at-r7hz" }, { "vulnerability": "VCID-2f2p-wfbs-73hz" }, { "vulnerability": "VCID-3gvv-5jbs-cfc1" }, { "vulnerability": "VCID-5a2y-2m62-1qfa" }, { "vulnerability": "VCID-7b47-vsfh-y3gh" }, { "vulnerability": "VCID-81q1-gytk-2uaq" }, { "vulnerability": "VCID-9hp4-hn21-zkg8" }, { "vulnerability": "VCID-b81v-3drw-xudf" }, { "vulnerability": "VCID-bbxx-48nj-pqcd" }, { "vulnerability": "VCID-dcv2-gx5a-pfe2" }, { "vulnerability": "VCID-dqkn-1888-y3er" }, { "vulnerability": "VCID-fc6y-y2b1-v3d5" }, { "vulnerability": "VCID-fynq-usj6-rfd3" }, { "vulnerability": "VCID-gxju-xjh2-z7bn" }, { "vulnerability": "VCID-hzcv-euwq-eqeg" }, { "vulnerability": "VCID-jzbk-uswz-8ucg" }, { "vulnerability": "VCID-nxbs-37dx-rbbh" }, { "vulnerability": "VCID-punr-dfy5-v3g1" }, { "vulnerability": "VCID-u53d-8afk-c3gq" }, { "vulnerability": "VCID-vyzr-dkz3-vfg6" }, { "vulnerability": "VCID-xb3c-6rew-z3ba" }, { "vulnerability": "VCID-xu9t-qtjz-bud8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.4" } ], "aliases": [ "CVE-2019-14232", "GHSA-c4qh-4vgv-qc6g", "PYSEC-2019-11" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x2hp-rmcn-gbah" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4315?format=api", "vulnerability_id": "VCID-ypwa-2rh9-gyex", "summary": "silent downgrade", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12781", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04284", "scoring_system": "epss", "scoring_elements": "0.89026", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12781" }, { "reference_url": "https://docs.djangoproject.com/en/dev/releases/security", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.djangoproject.com/en/dev/releases/security" }, { "reference_url": "https://docs.djangoproject.com/en/dev/releases/security/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.djangoproject.com/en/dev/releases/security/" }, { "reference_url": "https://github.com/advisories/GHSA-6c7v-2f49-8h26", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6c7v-2f49-8h26" }, { "reference_url": "https://github.com/django/django", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/django/django" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-10.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-10.yaml" }, { "reference_url": "https://groups.google.com/forum/#!topic/django-announce/Is4kLY9ZcZQ", "reference_id": "", "reference_type": "", "scores": [], "url": "https://groups.google.com/forum/#!topic/django-announce/Is4kLY9ZcZQ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5VXXWIOQGXOB7JCGJ3CVUW673LDHKEYL", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5VXXWIOQGXOB7JCGJ3CVUW673LDHKEYL" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5VXXWIOQGXOB7JCGJ3CVUW673LDHKEYL/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5VXXWIOQGXOB7JCGJ3CVUW673LDHKEYL/" }, { "reference_url": "https://seclists.org/bugtraq/2019/Jul/10", "reference_id": "", "reference_type": "", "scores": [], "url": "https://seclists.org/bugtraq/2019/Jul/10" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190705-0002", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190705-0002" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190705-0002/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190705-0002/" }, { "reference_url": "https://usn.ubuntu.com/4043-1", "reference_id": "", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4043-1" }, { "reference_url": "https://usn.ubuntu.com/4043-1/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4043-1/" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4476", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2019/dsa-4476" }, { "reference_url": "https://www.djangoproject.com/weblog/2019/jul/01/security-releases", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.djangoproject.com/weblog/2019/jul/01/security-releases" }, { "reference_url": "https://www.djangoproject.com/weblog/2019/jul/01/security-releases/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.djangoproject.com/weblog/2019/jul/01/security-releases/" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/07/01/3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2019/07/01/3" }, { "reference_url": "http://www.securityfocus.com/bid/109018", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/109018" }, { "reference_url": "https://security.archlinux.org/ASA-201907-2", "reference_id": "ASA-201907-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201907-2" }, { "reference_url": "https://security.archlinux.org/AVG-1000", "reference_id": "AVG-1000", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1000" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12781", "reference_id": "CVE-2019-12781", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12781" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/12372?format=api", "purl": "pkg:pypi/django@1.11.22", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2bh9-k4at-r7hz" }, { "vulnerability": "VCID-7b47-vsfh-y3gh" }, { "vulnerability": "VCID-evu1-efcj-gfc5" }, { "vulnerability": "VCID-fynq-usj6-rfd3" }, { "vulnerability": "VCID-hzcv-euwq-eqeg" }, { "vulnerability": "VCID-n9cz-g44c-4fht" }, { "vulnerability": "VCID-v8hg-78p1-87bh" }, { "vulnerability": "VCID-x2hp-rmcn-gbah" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.22" }, { "url": "http://public2.vulnerablecode.io/api/packages/12370?format=api", "purl": "pkg:pypi/django@2.1.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gvv-5jbs-cfc1" }, { "vulnerability": "VCID-evu1-efcj-gfc5" }, { "vulnerability": "VCID-hzcv-euwq-eqeg" }, { "vulnerability": "VCID-n9cz-g44c-4fht" }, { "vulnerability": "VCID-v8hg-78p1-87bh" }, { "vulnerability": "VCID-x2hp-rmcn-gbah" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.1.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/12371?format=api", "purl": "pkg:pypi/django@2.2.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2bh9-k4at-r7hz" }, { "vulnerability": "VCID-2f2p-wfbs-73hz" }, { "vulnerability": "VCID-3gvv-5jbs-cfc1" }, { "vulnerability": "VCID-5a2y-2m62-1qfa" }, { "vulnerability": "VCID-7b47-vsfh-y3gh" }, { "vulnerability": "VCID-81q1-gytk-2uaq" }, { "vulnerability": "VCID-9hp4-hn21-zkg8" }, { "vulnerability": "VCID-b81v-3drw-xudf" }, { "vulnerability": "VCID-bbxx-48nj-pqcd" }, { "vulnerability": "VCID-dcv2-gx5a-pfe2" }, { "vulnerability": "VCID-dqkn-1888-y3er" }, { "vulnerability": "VCID-evu1-efcj-gfc5" }, { "vulnerability": "VCID-fc6y-y2b1-v3d5" }, { "vulnerability": "VCID-fynq-usj6-rfd3" }, { "vulnerability": "VCID-gxju-xjh2-z7bn" }, { "vulnerability": "VCID-hzcv-euwq-eqeg" }, { "vulnerability": "VCID-jzbk-uswz-8ucg" }, { "vulnerability": "VCID-n9cz-g44c-4fht" }, { "vulnerability": "VCID-nxbs-37dx-rbbh" }, { "vulnerability": "VCID-punr-dfy5-v3g1" }, { "vulnerability": "VCID-u53d-8afk-c3gq" }, { "vulnerability": "VCID-v8hg-78p1-87bh" }, { "vulnerability": "VCID-vyzr-dkz3-vfg6" }, { "vulnerability": "VCID-x2hp-rmcn-gbah" }, { "vulnerability": "VCID-xb3c-6rew-z3ba" }, { "vulnerability": "VCID-xu9t-qtjz-bud8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.3" } ], "aliases": [ "CVE-2019-12781", "GHSA-6c7v-2f49-8h26", "PYSEC-2019-10" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ypwa-2rh9-gyex" } ], "fixing_vulnerabilities": [], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.12" }