Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/django@1.11.21
Typepypi
Namespace
Namedjango
Version1.11.21
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version4.2.30
Latest_non_vulnerable_version6.0.6
Affected_by_vulnerabilities
0
url VCID-2dx7-qahc-d3ex
vulnerability_id VCID-2dx7-qahc-d3ex
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12781.json
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12781.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-12781
reference_id
reference_type
scores
0
value 0.04217
scoring_system epss
scoring_elements 0.89
published_at 2026-06-11T12:55:00Z
1
value 0.04217
scoring_system epss
scoring_elements 0.89038
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-12781
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12308
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12308
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12781
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12781
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6975
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6975
5
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-10.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-10.yaml
9
reference_url https://groups.google.com/forum/#!topic/django-announce/Is4kLY9ZcZQ
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/django-announce/Is4kLY9ZcZQ
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5VXXWIOQGXOB7JCGJ3CVUW673LDHKEYL
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5VXXWIOQGXOB7JCGJ3CVUW673LDHKEYL
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5VXXWIOQGXOB7JCGJ3CVUW673LDHKEYL/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5VXXWIOQGXOB7JCGJ3CVUW673LDHKEYL/
12
reference_url https://seclists.org/bugtraq/2019/Jul/10
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2019/Jul/10
13
reference_url https://security.netapp.com/advisory/ntap-20190705-0002
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20190705-0002
14
reference_url https://security.netapp.com/advisory/ntap-20190705-0002/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20190705-0002/
15
reference_url https://usn.ubuntu.com/4043-1
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4043-1
16
reference_url https://usn.ubuntu.com/4043-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4043-1/
17
reference_url https://www.debian.org/security/2019/dsa-4476
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2019/dsa-4476
18
reference_url https://www.djangoproject.com/weblog/2019/jul/01/security-releases
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2019/jul/01/security-releases
19
reference_url https://www.djangoproject.com/weblog/2019/jul/01/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2019/jul/01/security-releases/
20
reference_url http://www.openwall.com/lists/oss-security/2019/07/01/3
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2019/07/01/3
21
reference_url http://www.securityfocus.com/bid/109018
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/109018
22
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1724497
reference_id 1724497
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1724497
23
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931316
reference_id 931316
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931316
24
reference_url https://security.archlinux.org/ASA-201907-2
reference_id ASA-201907-2
reference_type
scores
url https://security.archlinux.org/ASA-201907-2
25
reference_url https://security.archlinux.org/AVG-1000
reference_id AVG-1000
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1000
26
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-12781
reference_id CVE-2019-12781
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-12781
27
reference_url https://github.com/advisories/GHSA-6c7v-2f49-8h26
reference_id GHSA-6c7v-2f49-8h26
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-6c7v-2f49-8h26
28
reference_url https://access.redhat.com/errata/RHSA-2020:1324
reference_id RHSA-2020:1324
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1324
29
reference_url https://access.redhat.com/errata/RHSA-2020:4366
reference_id RHSA-2020:4366
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4366
30
reference_url https://access.redhat.com/errata/RHSA-2020:4390
reference_id RHSA-2020:4390
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4390
fixed_packages
0
url pkg:pypi/django@1.11.22
purl pkg:pypi/django@1.11.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hue-z18t-nkbf
1
vulnerability VCID-3n19-vhd3-1qgw
2
vulnerability VCID-7xx2-z2tg-7khd
3
vulnerability VCID-8uyx-7dub-hka9
4
vulnerability VCID-beas-dwx6-1ffp
5
vulnerability VCID-bymm-qrt6-37d4
6
vulnerability VCID-dahb-k16x-vuf8
7
vulnerability VCID-db6w-yj8t-sfg4
8
vulnerability VCID-embu-nr2v-8ka8
9
vulnerability VCID-jg94-y9zx-dfaw
10
vulnerability VCID-rr1h-qzgv-q7d5
11
vulnerability VCID-tudc-7sgh-nkda
12
vulnerability VCID-u9dr-ca2g-e3hk
13
vulnerability VCID-v9gk-3pqk-a7cr
14
vulnerability VCID-vcqt-n2pk-kyeb
15
vulnerability VCID-wpt2-535q-3yfe
16
vulnerability VCID-xkrz-p214-hqhp
17
vulnerability VCID-xmun-auq2-mqhw
18
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.22
1
url pkg:pypi/django@2.1.10
purl pkg:pypi/django@2.1.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hue-z18t-nkbf
1
vulnerability VCID-3n19-vhd3-1qgw
2
vulnerability VCID-7xx2-z2tg-7khd
3
vulnerability VCID-b5wa-f184-b3da
4
vulnerability VCID-beas-dwx6-1ffp
5
vulnerability VCID-bymm-qrt6-37d4
6
vulnerability VCID-dahb-k16x-vuf8
7
vulnerability VCID-db6w-yj8t-sfg4
8
vulnerability VCID-embu-nr2v-8ka8
9
vulnerability VCID-jg94-y9zx-dfaw
10
vulnerability VCID-rcfr-czct-xucv
11
vulnerability VCID-rr1h-qzgv-q7d5
12
vulnerability VCID-tudc-7sgh-nkda
13
vulnerability VCID-u9dr-ca2g-e3hk
14
vulnerability VCID-v9gk-3pqk-a7cr
15
vulnerability VCID-wpt2-535q-3yfe
16
vulnerability VCID-xkrz-p214-hqhp
17
vulnerability VCID-xmun-auq2-mqhw
18
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.1.10
2
url pkg:pypi/django@2.2.3
purl pkg:pypi/django@2.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-27gm-2u1q-skh1
1
vulnerability VCID-2hue-z18t-nkbf
2
vulnerability VCID-2qu4-qayw-a7ec
3
vulnerability VCID-2sve-8b9b-hud7
4
vulnerability VCID-38w8-jbku-eugu
5
vulnerability VCID-3n19-vhd3-1qgw
6
vulnerability VCID-5zzj-9ez5-6ub1
7
vulnerability VCID-6uja-brvn-rufw
8
vulnerability VCID-7xx2-z2tg-7khd
9
vulnerability VCID-8uyx-7dub-hka9
10
vulnerability VCID-9qxj-9mb9-7bcv
11
vulnerability VCID-b5wa-f184-b3da
12
vulnerability VCID-beas-dwx6-1ffp
13
vulnerability VCID-bymm-qrt6-37d4
14
vulnerability VCID-cece-1mun-ckgh
15
vulnerability VCID-dahb-k16x-vuf8
16
vulnerability VCID-db6w-yj8t-sfg4
17
vulnerability VCID-djh3-m1t4-2qe1
18
vulnerability VCID-dttw-t3a9-gbbn
19
vulnerability VCID-embu-nr2v-8ka8
20
vulnerability VCID-gtkn-prux-vbdb
21
vulnerability VCID-j3bz-6jqe-ffgm
22
vulnerability VCID-jg94-y9zx-dfaw
23
vulnerability VCID-nwtr-br34-qkbv
24
vulnerability VCID-rcfr-czct-xucv
25
vulnerability VCID-rr1h-qzgv-q7d5
26
vulnerability VCID-tudc-7sgh-nkda
27
vulnerability VCID-u9dr-ca2g-e3hk
28
vulnerability VCID-v9gk-3pqk-a7cr
29
vulnerability VCID-vc8c-7qn1-9uaz
30
vulnerability VCID-vcqt-n2pk-kyeb
31
vulnerability VCID-w3dy-chny-5fbc
32
vulnerability VCID-wpt2-535q-3yfe
33
vulnerability VCID-x1qk-bs7j-63ch
34
vulnerability VCID-x91x-cxp9-4fgp
35
vulnerability VCID-xkrz-p214-hqhp
36
vulnerability VCID-xmun-auq2-mqhw
37
vulnerability VCID-ycc8-7k6j-4kbf
38
vulnerability VCID-ymm2-ns18-wkcw
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.3
aliases CVE-2019-12781, GHSA-6c7v-2f49-8h26, PYSEC-2019-10
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2dx7-qahc-d3ex
1
url VCID-2hue-z18t-nkbf
vulnerability_id VCID-2hue-z18t-nkbf
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14235.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14235.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-14235
reference_id
reference_type
scores
0
value 0.06773
scoring_system epss
scoring_elements 0.91541
published_at 2026-06-12T12:55:00Z
1
value 0.06773
scoring_system epss
scoring_elements 0.91511
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-14235
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14233
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14233
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14234
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14234
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14235
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14235
6
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
9
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-14.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-14.yaml
10
reference_url https://groups.google.com/forum/#!topic/django-announce/jIoju2-KLDs
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/django-announce/jIoju2-KLDs
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK/
13
reference_url https://security.netapp.com/advisory/ntap-20190828-0002
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20190828-0002
14
reference_url https://www.djangoproject.com/weblog/2019/aug/01/security-releases
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2019/aug/01/security-releases
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1734422
reference_id 1734422
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1734422
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934026
reference_id 934026
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934026
17
reference_url https://security.archlinux.org/ASA-201908-2
reference_id ASA-201908-2
reference_type
scores
url https://security.archlinux.org/ASA-201908-2
18
reference_url https://security.archlinux.org/AVG-1015
reference_id AVG-1015
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1015
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-14235
reference_id CVE-2019-14235
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-14235
20
reference_url https://github.com/advisories/GHSA-v9qg-3j8p-r63v
reference_id GHSA-v9qg-3j8p-r63v
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-v9qg-3j8p-r63v
21
reference_url https://access.redhat.com/errata/RHSA-2020:1324
reference_id RHSA-2020:1324
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1324
22
reference_url https://access.redhat.com/errata/RHSA-2020:4390
reference_id RHSA-2020:4390
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4390
23
reference_url https://usn.ubuntu.com/4084-1/
reference_id USN-4084-1
reference_type
scores
url https://usn.ubuntu.com/4084-1/
fixed_packages
0
url pkg:pypi/django@1.11.23
purl pkg:pypi/django@1.11.23
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7xx2-z2tg-7khd
1
vulnerability VCID-8uyx-7dub-hka9
2
vulnerability VCID-beas-dwx6-1ffp
3
vulnerability VCID-db6w-yj8t-sfg4
4
vulnerability VCID-tudc-7sgh-nkda
5
vulnerability VCID-u9dr-ca2g-e3hk
6
vulnerability VCID-v9gk-3pqk-a7cr
7
vulnerability VCID-vcqt-n2pk-kyeb
8
vulnerability VCID-wpt2-535q-3yfe
9
vulnerability VCID-xkrz-p214-hqhp
10
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.23
1
url pkg:pypi/django@2.1.11
purl pkg:pypi/django@2.1.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7xx2-z2tg-7khd
1
vulnerability VCID-b5wa-f184-b3da
2
vulnerability VCID-beas-dwx6-1ffp
3
vulnerability VCID-db6w-yj8t-sfg4
4
vulnerability VCID-rcfr-czct-xucv
5
vulnerability VCID-tudc-7sgh-nkda
6
vulnerability VCID-u9dr-ca2g-e3hk
7
vulnerability VCID-v9gk-3pqk-a7cr
8
vulnerability VCID-wpt2-535q-3yfe
9
vulnerability VCID-xkrz-p214-hqhp
10
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.1.11
2
url pkg:pypi/django@2.2.4
purl pkg:pypi/django@2.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-27gm-2u1q-skh1
1
vulnerability VCID-2qu4-qayw-a7ec
2
vulnerability VCID-2sve-8b9b-hud7
3
vulnerability VCID-38w8-jbku-eugu
4
vulnerability VCID-5zzj-9ez5-6ub1
5
vulnerability VCID-6uja-brvn-rufw
6
vulnerability VCID-7xx2-z2tg-7khd
7
vulnerability VCID-8uyx-7dub-hka9
8
vulnerability VCID-9qxj-9mb9-7bcv
9
vulnerability VCID-b5wa-f184-b3da
10
vulnerability VCID-beas-dwx6-1ffp
11
vulnerability VCID-cece-1mun-ckgh
12
vulnerability VCID-db6w-yj8t-sfg4
13
vulnerability VCID-djh3-m1t4-2qe1
14
vulnerability VCID-dttw-t3a9-gbbn
15
vulnerability VCID-gtkn-prux-vbdb
16
vulnerability VCID-j3bz-6jqe-ffgm
17
vulnerability VCID-nwtr-br34-qkbv
18
vulnerability VCID-rcfr-czct-xucv
19
vulnerability VCID-tudc-7sgh-nkda
20
vulnerability VCID-u9dr-ca2g-e3hk
21
vulnerability VCID-v9gk-3pqk-a7cr
22
vulnerability VCID-vc8c-7qn1-9uaz
23
vulnerability VCID-vcqt-n2pk-kyeb
24
vulnerability VCID-w3dy-chny-5fbc
25
vulnerability VCID-wpt2-535q-3yfe
26
vulnerability VCID-x1qk-bs7j-63ch
27
vulnerability VCID-x91x-cxp9-4fgp
28
vulnerability VCID-xkrz-p214-hqhp
29
vulnerability VCID-ycc8-7k6j-4kbf
30
vulnerability VCID-ymm2-ns18-wkcw
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.4
aliases CVE-2019-14235, GHSA-v9qg-3j8p-r63v, PYSEC-2019-14
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2hue-z18t-nkbf
2
url VCID-3952-bt3z-7qem
vulnerability_id VCID-3952-bt3z-7qem
summary An issue was discovered in Django 1.11 before 1.11.22, 2.1 before 2.1.10, and 2.2 before 2.2.3. An HTTP request is not redirected to HTTPS when the SECURE_PROXY_SSL_HEADER and SECURE_SSL_REDIRECT settings are used, and the proxy connects to Django via HTTPS. In other words, django.http.HttpRequest.scheme has incorrect behavior when a client uses HTTP.
references
0
reference_url https://groups.google.com/forum/#!topic/django-announce/Is4kLY9ZcZQ
reference_id
reference_type
scores
url https://groups.google.com/forum/#!topic/django-announce/Is4kLY9ZcZQ
1
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5VXXWIOQGXOB7JCGJ3CVUW673LDHKEYL/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5VXXWIOQGXOB7JCGJ3CVUW673LDHKEYL/
2
reference_url https://seclists.org/bugtraq/2019/Jul/10
reference_id
reference_type
scores
url https://seclists.org/bugtraq/2019/Jul/10
3
reference_url https://security.netapp.com/advisory/ntap-20190705-0002/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20190705-0002/
4
reference_url https://usn.ubuntu.com/4043-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4043-1/
5
reference_url https://www.debian.org/security/2019/dsa-4476
reference_id
reference_type
scores
url https://www.debian.org/security/2019/dsa-4476
6
reference_url https://www.djangoproject.com/weblog/2019/jul/01/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2019/jul/01/security-releases/
7
reference_url http://www.openwall.com/lists/oss-security/2019/07/01/3
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2019/07/01/3
8
reference_url http://www.securityfocus.com/bid/109018
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/109018
fixed_packages
0
url pkg:pypi/django@1.11.22
purl pkg:pypi/django@1.11.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hue-z18t-nkbf
1
vulnerability VCID-3n19-vhd3-1qgw
2
vulnerability VCID-7xx2-z2tg-7khd
3
vulnerability VCID-8uyx-7dub-hka9
4
vulnerability VCID-beas-dwx6-1ffp
5
vulnerability VCID-bymm-qrt6-37d4
6
vulnerability VCID-dahb-k16x-vuf8
7
vulnerability VCID-db6w-yj8t-sfg4
8
vulnerability VCID-embu-nr2v-8ka8
9
vulnerability VCID-jg94-y9zx-dfaw
10
vulnerability VCID-rr1h-qzgv-q7d5
11
vulnerability VCID-tudc-7sgh-nkda
12
vulnerability VCID-u9dr-ca2g-e3hk
13
vulnerability VCID-v9gk-3pqk-a7cr
14
vulnerability VCID-vcqt-n2pk-kyeb
15
vulnerability VCID-wpt2-535q-3yfe
16
vulnerability VCID-xkrz-p214-hqhp
17
vulnerability VCID-xmun-auq2-mqhw
18
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.22
1
url pkg:pypi/django@2.1.10
purl pkg:pypi/django@2.1.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hue-z18t-nkbf
1
vulnerability VCID-3n19-vhd3-1qgw
2
vulnerability VCID-7xx2-z2tg-7khd
3
vulnerability VCID-b5wa-f184-b3da
4
vulnerability VCID-beas-dwx6-1ffp
5
vulnerability VCID-bymm-qrt6-37d4
6
vulnerability VCID-dahb-k16x-vuf8
7
vulnerability VCID-db6w-yj8t-sfg4
8
vulnerability VCID-embu-nr2v-8ka8
9
vulnerability VCID-jg94-y9zx-dfaw
10
vulnerability VCID-rcfr-czct-xucv
11
vulnerability VCID-rr1h-qzgv-q7d5
12
vulnerability VCID-tudc-7sgh-nkda
13
vulnerability VCID-u9dr-ca2g-e3hk
14
vulnerability VCID-v9gk-3pqk-a7cr
15
vulnerability VCID-wpt2-535q-3yfe
16
vulnerability VCID-xkrz-p214-hqhp
17
vulnerability VCID-xmun-auq2-mqhw
18
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.1.10
2
url pkg:pypi/django@2.2.3
purl pkg:pypi/django@2.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-27gm-2u1q-skh1
1
vulnerability VCID-2hue-z18t-nkbf
2
vulnerability VCID-2qu4-qayw-a7ec
3
vulnerability VCID-2sve-8b9b-hud7
4
vulnerability VCID-38w8-jbku-eugu
5
vulnerability VCID-3n19-vhd3-1qgw
6
vulnerability VCID-5zzj-9ez5-6ub1
7
vulnerability VCID-6uja-brvn-rufw
8
vulnerability VCID-7xx2-z2tg-7khd
9
vulnerability VCID-8uyx-7dub-hka9
10
vulnerability VCID-9qxj-9mb9-7bcv
11
vulnerability VCID-b5wa-f184-b3da
12
vulnerability VCID-beas-dwx6-1ffp
13
vulnerability VCID-bymm-qrt6-37d4
14
vulnerability VCID-cece-1mun-ckgh
15
vulnerability VCID-dahb-k16x-vuf8
16
vulnerability VCID-db6w-yj8t-sfg4
17
vulnerability VCID-djh3-m1t4-2qe1
18
vulnerability VCID-dttw-t3a9-gbbn
19
vulnerability VCID-embu-nr2v-8ka8
20
vulnerability VCID-gtkn-prux-vbdb
21
vulnerability VCID-j3bz-6jqe-ffgm
22
vulnerability VCID-jg94-y9zx-dfaw
23
vulnerability VCID-nwtr-br34-qkbv
24
vulnerability VCID-rcfr-czct-xucv
25
vulnerability VCID-rr1h-qzgv-q7d5
26
vulnerability VCID-tudc-7sgh-nkda
27
vulnerability VCID-u9dr-ca2g-e3hk
28
vulnerability VCID-v9gk-3pqk-a7cr
29
vulnerability VCID-vc8c-7qn1-9uaz
30
vulnerability VCID-vcqt-n2pk-kyeb
31
vulnerability VCID-w3dy-chny-5fbc
32
vulnerability VCID-wpt2-535q-3yfe
33
vulnerability VCID-x1qk-bs7j-63ch
34
vulnerability VCID-x91x-cxp9-4fgp
35
vulnerability VCID-xkrz-p214-hqhp
36
vulnerability VCID-xmun-auq2-mqhw
37
vulnerability VCID-ycc8-7k6j-4kbf
38
vulnerability VCID-ymm2-ns18-wkcw
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.3
aliases PYSEC-2019-80
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3952-bt3z-7qem
3
url VCID-3n19-vhd3-1qgw
vulnerability_id VCID-3n19-vhd3-1qgw
summary An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If django.utils.text.Truncator's chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a regular expression. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which were thus vulnerable.
references
0
reference_url https://groups.google.com/forum/#!topic/django-announce/jIoju2-KLDs
reference_id
reference_type
scores
url https://groups.google.com/forum/#!topic/django-announce/jIoju2-KLDs
1
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK/
fixed_packages
0
url pkg:pypi/django@1.11.23
purl pkg:pypi/django@1.11.23
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7xx2-z2tg-7khd
1
vulnerability VCID-8uyx-7dub-hka9
2
vulnerability VCID-beas-dwx6-1ffp
3
vulnerability VCID-db6w-yj8t-sfg4
4
vulnerability VCID-tudc-7sgh-nkda
5
vulnerability VCID-u9dr-ca2g-e3hk
6
vulnerability VCID-v9gk-3pqk-a7cr
7
vulnerability VCID-vcqt-n2pk-kyeb
8
vulnerability VCID-wpt2-535q-3yfe
9
vulnerability VCID-xkrz-p214-hqhp
10
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.23
1
url pkg:pypi/django@2.1.11
purl pkg:pypi/django@2.1.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7xx2-z2tg-7khd
1
vulnerability VCID-b5wa-f184-b3da
2
vulnerability VCID-beas-dwx6-1ffp
3
vulnerability VCID-db6w-yj8t-sfg4
4
vulnerability VCID-rcfr-czct-xucv
5
vulnerability VCID-tudc-7sgh-nkda
6
vulnerability VCID-u9dr-ca2g-e3hk
7
vulnerability VCID-v9gk-3pqk-a7cr
8
vulnerability VCID-wpt2-535q-3yfe
9
vulnerability VCID-xkrz-p214-hqhp
10
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.1.11
2
url pkg:pypi/django@2.2.4
purl pkg:pypi/django@2.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-27gm-2u1q-skh1
1
vulnerability VCID-2qu4-qayw-a7ec
2
vulnerability VCID-2sve-8b9b-hud7
3
vulnerability VCID-38w8-jbku-eugu
4
vulnerability VCID-5zzj-9ez5-6ub1
5
vulnerability VCID-6uja-brvn-rufw
6
vulnerability VCID-7xx2-z2tg-7khd
7
vulnerability VCID-8uyx-7dub-hka9
8
vulnerability VCID-9qxj-9mb9-7bcv
9
vulnerability VCID-b5wa-f184-b3da
10
vulnerability VCID-beas-dwx6-1ffp
11
vulnerability VCID-cece-1mun-ckgh
12
vulnerability VCID-db6w-yj8t-sfg4
13
vulnerability VCID-djh3-m1t4-2qe1
14
vulnerability VCID-dttw-t3a9-gbbn
15
vulnerability VCID-gtkn-prux-vbdb
16
vulnerability VCID-j3bz-6jqe-ffgm
17
vulnerability VCID-nwtr-br34-qkbv
18
vulnerability VCID-rcfr-czct-xucv
19
vulnerability VCID-tudc-7sgh-nkda
20
vulnerability VCID-u9dr-ca2g-e3hk
21
vulnerability VCID-v9gk-3pqk-a7cr
22
vulnerability VCID-vc8c-7qn1-9uaz
23
vulnerability VCID-vcqt-n2pk-kyeb
24
vulnerability VCID-w3dy-chny-5fbc
25
vulnerability VCID-wpt2-535q-3yfe
26
vulnerability VCID-x1qk-bs7j-63ch
27
vulnerability VCID-x91x-cxp9-4fgp
28
vulnerability VCID-xkrz-p214-hqhp
29
vulnerability VCID-ycc8-7k6j-4kbf
30
vulnerability VCID-ymm2-ns18-wkcw
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.4
aliases PYSEC-2019-81
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3n19-vhd3-1qgw
4
url VCID-7xx2-z2tg-7khd
vulnerability_id VCID-7xx2-z2tg-7khd
summary
references
0
reference_url http://packetstormsecurity.com/files/155872/Django-Account-Hijack.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/155872/Django-Account-Hijack.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19844.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19844.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-19844
reference_id
reference_type
scores
0
value 0.15418
scoring_system epss
scoring_elements 0.94801
published_at 2026-06-11T12:55:00Z
1
value 0.15418
scoring_system epss
scoring_elements 0.94819
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-19844
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19844
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19844
4
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
7
reference_url https://github.com/django/django/commit/302a4ff1e8b1c798aab97673909c7a3dfda42c26
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/302a4ff1e8b1c798aab97673909c7a3dfda42c26
8
reference_url https://github.com/django/django/commit/4d334bea06cac63dc1272abcec545b85136cca0e
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/4d334bea06cac63dc1272abcec545b85136cca0e
9
reference_url https://github.com/django/django/commit/5b1fbcef7a8bec991ebe7b2a18b5d5a95d72cb70
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/5b1fbcef7a8bec991ebe7b2a18b5d5a95d72cb70
10
reference_url https://github.com/django/django/commit/f4cff43bf921fcea6a29b726eb66767f67753fa2
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/f4cff43bf921fcea6a29b726eb66767f67753fa2
11
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-16.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-16.yaml
12
reference_url https://groups.google.com/forum/#!topic/django-announce/3oaB2rVH3a0
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/django-announce/3oaB2rVH3a0
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD/
15
reference_url https://seclists.org/bugtraq/2020/Jan/9
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2020/Jan/9
16
reference_url https://security.netapp.com/advisory/ntap-20200110-0003
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200110-0003
17
reference_url https://security.netapp.com/advisory/ntap-20200110-0003/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20200110-0003/
18
reference_url https://usn.ubuntu.com/4224-1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4224-1
19
reference_url https://usn.ubuntu.com/4224-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4224-1/
20
reference_url https://www.debian.org/security/2020/dsa-4598
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2020/dsa-4598
21
reference_url https://www.djangoproject.com/weblog/2019/dec/18/security-releases
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2019/dec/18/security-releases
22
reference_url https://www.djangoproject.com/weblog/2019/dec/18/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2019/dec/18/security-releases/
23
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1788425
reference_id 1788425
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1788425
24
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946937
reference_id 946937
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946937
25
reference_url https://security.archlinux.org/AVG-1080
reference_id AVG-1080
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1080
26
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/python/webapps/47879.md
reference_id CVE-2019-19844
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/python/webapps/47879.md
27
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-19844
reference_id CVE-2019-19844
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-19844
28
reference_url https://ryu22e.org/en/posts/2019/12/25/django-cve-2019-19844/
reference_id CVE-2019-19844
reference_type exploit
scores
url https://ryu22e.org/en/posts/2019/12/25/django-cve-2019-19844/
29
reference_url https://github.com/advisories/GHSA-vfq6-hq5r-27r6
reference_id GHSA-vfq6-hq5r-27r6
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
2
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-vfq6-hq5r-27r6
30
reference_url https://usn.ubuntu.com/6722-1/
reference_id USN-6722-1
reference_type
scores
url https://usn.ubuntu.com/6722-1/
fixed_packages
0
url pkg:pypi/django@1.11.27
purl pkg:pypi/django@1.11.27
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-beas-dwx6-1ffp
1
vulnerability VCID-db6w-yj8t-sfg4
2
vulnerability VCID-tudc-7sgh-nkda
3
vulnerability VCID-u9dr-ca2g-e3hk
4
vulnerability VCID-v9gk-3pqk-a7cr
5
vulnerability VCID-vcqt-n2pk-kyeb
6
vulnerability VCID-wpt2-535q-3yfe
7
vulnerability VCID-xkrz-p214-hqhp
8
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.27
1
url pkg:pypi/django@2.2.9
purl pkg:pypi/django@2.2.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-27gm-2u1q-skh1
1
vulnerability VCID-2qu4-qayw-a7ec
2
vulnerability VCID-2sve-8b9b-hud7
3
vulnerability VCID-38w8-jbku-eugu
4
vulnerability VCID-5zzj-9ez5-6ub1
5
vulnerability VCID-6uja-brvn-rufw
6
vulnerability VCID-9qxj-9mb9-7bcv
7
vulnerability VCID-beas-dwx6-1ffp
8
vulnerability VCID-cece-1mun-ckgh
9
vulnerability VCID-db6w-yj8t-sfg4
10
vulnerability VCID-djh3-m1t4-2qe1
11
vulnerability VCID-dttw-t3a9-gbbn
12
vulnerability VCID-gtkn-prux-vbdb
13
vulnerability VCID-j3bz-6jqe-ffgm
14
vulnerability VCID-nwtr-br34-qkbv
15
vulnerability VCID-tudc-7sgh-nkda
16
vulnerability VCID-u9dr-ca2g-e3hk
17
vulnerability VCID-v9gk-3pqk-a7cr
18
vulnerability VCID-vc8c-7qn1-9uaz
19
vulnerability VCID-vcqt-n2pk-kyeb
20
vulnerability VCID-w3dy-chny-5fbc
21
vulnerability VCID-wpt2-535q-3yfe
22
vulnerability VCID-x1qk-bs7j-63ch
23
vulnerability VCID-x91x-cxp9-4fgp
24
vulnerability VCID-xkrz-p214-hqhp
25
vulnerability VCID-ycc8-7k6j-4kbf
26
vulnerability VCID-ymm2-ns18-wkcw
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.9
2
url pkg:pypi/django@3.0.1
purl pkg:pypi/django@3.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-27gm-2u1q-skh1
1
vulnerability VCID-28ff-ng96-5ugk
2
vulnerability VCID-2qu4-qayw-a7ec
3
vulnerability VCID-9qxj-9mb9-7bcv
4
vulnerability VCID-beas-dwx6-1ffp
5
vulnerability VCID-db6w-yj8t-sfg4
6
vulnerability VCID-djh3-m1t4-2qe1
7
vulnerability VCID-dttw-t3a9-gbbn
8
vulnerability VCID-j3bz-6jqe-ffgm
9
vulnerability VCID-nwtr-br34-qkbv
10
vulnerability VCID-tudc-7sgh-nkda
11
vulnerability VCID-u9dr-ca2g-e3hk
12
vulnerability VCID-v9gk-3pqk-a7cr
13
vulnerability VCID-vc8c-7qn1-9uaz
14
vulnerability VCID-vcqt-n2pk-kyeb
15
vulnerability VCID-wpt2-535q-3yfe
16
vulnerability VCID-x1qk-bs7j-63ch
17
vulnerability VCID-x91x-cxp9-4fgp
18
vulnerability VCID-xkrz-p214-hqhp
19
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.0.1
aliases CVE-2019-19844, GHSA-vfq6-hq5r-27r6, PYSEC-2019-16
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7xx2-z2tg-7khd
5
url VCID-8uyx-7dub-hka9
vulnerability_id VCID-8uyx-7dub-hka9
summary Django before 1.11.27, 2.x before 2.2.9, and 3.x before 3.0.1 allows account takeover. A suitably crafted email address (that is equal to an existing user's email address after case transformation of Unicode characters) would allow an attacker to be sent a password reset token for the matched user account. (One mitigation in the new releases is to send password reset tokens only to the registered user email address.)
references
0
reference_url http://packetstormsecurity.com/files/155872/Django-Account-Hijack.html
reference_id
reference_type
scores
url http://packetstormsecurity.com/files/155872/Django-Account-Hijack.html
1
reference_url https://groups.google.com/forum/#!topic/django-announce/3oaB2rVH3a0
reference_id
reference_type
scores
url https://groups.google.com/forum/#!topic/django-announce/3oaB2rVH3a0
2
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD/
3
reference_url https://seclists.org/bugtraq/2020/Jan/9
reference_id
reference_type
scores
url https://seclists.org/bugtraq/2020/Jan/9
4
reference_url https://security.netapp.com/advisory/ntap-20200110-0003/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20200110-0003/
5
reference_url https://usn.ubuntu.com/4224-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4224-1/
6
reference_url https://www.debian.org/security/2020/dsa-4598
reference_id
reference_type
scores
url https://www.debian.org/security/2020/dsa-4598
7
reference_url https://www.djangoproject.com/weblog/2019/dec/18/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2019/dec/18/security-releases/
fixed_packages
0
url pkg:pypi/django@1.11.27
purl pkg:pypi/django@1.11.27
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-beas-dwx6-1ffp
1
vulnerability VCID-db6w-yj8t-sfg4
2
vulnerability VCID-tudc-7sgh-nkda
3
vulnerability VCID-u9dr-ca2g-e3hk
4
vulnerability VCID-v9gk-3pqk-a7cr
5
vulnerability VCID-vcqt-n2pk-kyeb
6
vulnerability VCID-wpt2-535q-3yfe
7
vulnerability VCID-xkrz-p214-hqhp
8
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.27
1
url pkg:pypi/django@2.2.9
purl pkg:pypi/django@2.2.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-27gm-2u1q-skh1
1
vulnerability VCID-2qu4-qayw-a7ec
2
vulnerability VCID-2sve-8b9b-hud7
3
vulnerability VCID-38w8-jbku-eugu
4
vulnerability VCID-5zzj-9ez5-6ub1
5
vulnerability VCID-6uja-brvn-rufw
6
vulnerability VCID-9qxj-9mb9-7bcv
7
vulnerability VCID-beas-dwx6-1ffp
8
vulnerability VCID-cece-1mun-ckgh
9
vulnerability VCID-db6w-yj8t-sfg4
10
vulnerability VCID-djh3-m1t4-2qe1
11
vulnerability VCID-dttw-t3a9-gbbn
12
vulnerability VCID-gtkn-prux-vbdb
13
vulnerability VCID-j3bz-6jqe-ffgm
14
vulnerability VCID-nwtr-br34-qkbv
15
vulnerability VCID-tudc-7sgh-nkda
16
vulnerability VCID-u9dr-ca2g-e3hk
17
vulnerability VCID-v9gk-3pqk-a7cr
18
vulnerability VCID-vc8c-7qn1-9uaz
19
vulnerability VCID-vcqt-n2pk-kyeb
20
vulnerability VCID-w3dy-chny-5fbc
21
vulnerability VCID-wpt2-535q-3yfe
22
vulnerability VCID-x1qk-bs7j-63ch
23
vulnerability VCID-x91x-cxp9-4fgp
24
vulnerability VCID-xkrz-p214-hqhp
25
vulnerability VCID-ycc8-7k6j-4kbf
26
vulnerability VCID-ymm2-ns18-wkcw
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.9
aliases PYSEC-2019-86
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8uyx-7dub-hka9
6
url VCID-beas-dwx6-1ffp
vulnerability_id VCID-beas-dwx6-1ffp
summary 
An issue was discovered in 5.1 before 5.1.14, 4.2 before 4.2.26, and 5.2 before 5.2.8.
The methods `QuerySet.filter()`, `QuerySet.exclude()`, and `QuerySet.get()`, and the class `Q()`, are subject to SQL injection when using a suitably crafted dictionary, with dictionary expansion, as the `_connector` argument.
Earlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected.
Django would like to thank cyberstan for reporting this issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-64459.json
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-64459.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-64459
reference_id
reference_type
scores
0
value 0.00282
scoring_system epss
scoring_elements 0.51956
published_at 2026-06-11T12:55:00Z
1
value 0.00282
scoring_system epss
scoring_elements 0.52086
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-64459
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460
25
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
26
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
27
reference_url https://github.com/django/django/commit/06dd38324ac3d60d83d9f3adabf0dcdf423d2a85
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/06dd38324ac3d60d83d9f3adabf0dcdf423d2a85
28
reference_url https://github.com/django/django/commit/59ae82e67053d281ff4562a24bbba21299f0a7d4
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/59ae82e67053d281ff4562a24bbba21299f0a7d4
29
reference_url https://github.com/django/django/commit/6703f364d767e949c5b0e4016433ef75063b4f9b
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/6703f364d767e949c5b0e4016433ef75063b4f9b
30
reference_url https://github.com/django/django/commit/72d2c87431f2ae0431d65d0ec792047f078c8241
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/72d2c87431f2ae0431d65d0ec792047f078c8241
31
reference_url https://github.com/omarkurt/django-connector-CVE-2025-64459-testbed
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/omarkurt/django-connector-CVE-2025-64459-testbed
32
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2025-108.yaml
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2025-108.yaml
33
reference_url https://shivasurya.me/security/django/2025/11/07/django-sql-injection-CVE-2025-64459.html
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://shivasurya.me/security/django/2025/11/07/django-sql-injection-CVE-2025-64459.html
34
reference_url https://www.djangoproject.com/weblog/2025/nov/05/security-releases
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2025/nov/05/security-releases
35
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120139
reference_id 1120139
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120139
36
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2412651
reference_id 2412651
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2412651
37
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52456.py
reference_id CVE-2025-64459
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52456.py
38
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-64459
reference_id CVE-2025-64459
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-64459
39
reference_url https://groups.google.com/g/django-announce
reference_id django-announce
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-11-06T04:55:36Z/
url https://groups.google.com/g/django-announce
40
reference_url https://github.com/advisories/GHSA-frmv-pr5f-9mcr
reference_id GHSA-frmv-pr5f-9mcr
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-frmv-pr5f-9mcr
41
reference_url https://access.redhat.com/errata/RHSA-2025:23069
reference_id RHSA-2025:23069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23069
42
reference_url https://access.redhat.com/errata/RHSA-2025:23070
reference_id RHSA-2025:23070
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23070
43
reference_url https://access.redhat.com/errata/RHSA-2025:23130
reference_id RHSA-2025:23130
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23130
44
reference_url https://access.redhat.com/errata/RHSA-2025:23131
reference_id RHSA-2025:23131
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23131
45
reference_url https://access.redhat.com/errata/RHSA-2025:23133
reference_id RHSA-2025:23133
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23133
46
reference_url https://access.redhat.com/errata/RHSA-2025:23196
reference_id RHSA-2025:23196
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23196
47
reference_url https://access.redhat.com/errata/RHSA-2026:1596
reference_id RHSA-2026:1596
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1596
48
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id security
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-11-06T04:55:36Z/
url https://docs.djangoproject.com/en/dev/releases/security/
49
reference_url https://www.djangoproject.com/weblog/2025/nov/05/security-releases/
reference_id security-releases
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-11-06T04:55:36Z/
url https://www.djangoproject.com/weblog/2025/nov/05/security-releases/
50
reference_url https://usn.ubuntu.com/7859-1/
reference_id USN-7859-1
reference_type
scores
url https://usn.ubuntu.com/7859-1/
fixed_packages
0
url pkg:pypi/django@4.2.26
purl pkg:pypi/django@4.2.26
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13q1-fzeg-bfd9
1
vulnerability VCID-4xtu-yeh2-pbc8
2
vulnerability VCID-72z9-v49q-vbcc
3
vulnerability VCID-81b9-uqyv-kkhm
4
vulnerability VCID-dh5p-grha-r7a2
5
vulnerability VCID-dqpz-q718-pkas
6
vulnerability VCID-e331-cbgc-hubm
7
vulnerability VCID-hb8n-gwz6-9yd9
8
vulnerability VCID-jdjc-ygtk-c7hv
9
vulnerability VCID-pn2d-2euz-pudt
10
vulnerability VCID-q3sw-jd7p-1yg1
11
vulnerability VCID-r3dj-t213-jyhh
12
vulnerability VCID-sbwy-buwj-gkd2
13
vulnerability VCID-zr7g-1xkm-fqdw
14
vulnerability VCID-zztc-4be5-fker
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.26
1
url pkg:pypi/django@5.1.14
purl pkg:pypi/django@5.1.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-72z9-v49q-vbcc
1
vulnerability VCID-81b9-uqyv-kkhm
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.1.14
2
url pkg:pypi/django@5.2.8
purl pkg:pypi/django@5.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13q1-fzeg-bfd9
1
vulnerability VCID-1g9h-ryet-2ffs
2
vulnerability VCID-1mp4-kq35-1ba7
3
vulnerability VCID-4xtu-yeh2-pbc8
4
vulnerability VCID-72z9-v49q-vbcc
5
vulnerability VCID-81b9-uqyv-kkhm
6
vulnerability VCID-8tz7-vjwz-rycs
7
vulnerability VCID-dh5p-grha-r7a2
8
vulnerability VCID-dqpz-q718-pkas
9
vulnerability VCID-e331-cbgc-hubm
10
vulnerability VCID-h5qf-zbcz-qygg
11
vulnerability VCID-hb8n-gwz6-9yd9
12
vulnerability VCID-jdjc-ygtk-c7hv
13
vulnerability VCID-m4mg-yd86-dyfw
14
vulnerability VCID-n915-wj16-wka6
15
vulnerability VCID-pn2d-2euz-pudt
16
vulnerability VCID-q3sw-jd7p-1yg1
17
vulnerability VCID-r3dj-t213-jyhh
18
vulnerability VCID-sbwy-buwj-gkd2
19
vulnerability VCID-tvk1-4am9-f3cf
20
vulnerability VCID-z7sj-r61n-qbcd
21
vulnerability VCID-zr7g-1xkm-fqdw
22
vulnerability VCID-zztc-4be5-fker
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.8
3
url pkg:pypi/django@6.0a1
purl pkg:pypi/django@6.0a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13q1-fzeg-bfd9
1
vulnerability VCID-4xtu-yeh2-pbc8
2
vulnerability VCID-dqpz-q718-pkas
3
vulnerability VCID-e331-cbgc-hubm
4
vulnerability VCID-pn2d-2euz-pudt
5
vulnerability VCID-sbwy-buwj-gkd2
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@6.0a1
aliases BIT-django-2025-64459, CVE-2025-64459, GHSA-frmv-pr5f-9mcr, PYSEC-2025-108
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-beas-dwx6-1ffp
7
url VCID-bymm-qrt6-37d4
vulnerability_id VCID-bymm-qrt6-37d4
summary An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to the behaviour of the underlying HTMLParser, django.utils.html.strip_tags would be extremely slow to evaluate certain inputs containing large sequences of nested incomplete HTML entities.
references
0
reference_url https://groups.google.com/forum/#!topic/django-announce/jIoju2-KLDs
reference_id
reference_type
scores
url https://groups.google.com/forum/#!topic/django-announce/jIoju2-KLDs
1
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK/
fixed_packages
0
url pkg:pypi/django@1.11.23
purl pkg:pypi/django@1.11.23
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7xx2-z2tg-7khd
1
vulnerability VCID-8uyx-7dub-hka9
2
vulnerability VCID-beas-dwx6-1ffp
3
vulnerability VCID-db6w-yj8t-sfg4
4
vulnerability VCID-tudc-7sgh-nkda
5
vulnerability VCID-u9dr-ca2g-e3hk
6
vulnerability VCID-v9gk-3pqk-a7cr
7
vulnerability VCID-vcqt-n2pk-kyeb
8
vulnerability VCID-wpt2-535q-3yfe
9
vulnerability VCID-xkrz-p214-hqhp
10
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.23
1
url pkg:pypi/django@2.1.11
purl pkg:pypi/django@2.1.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7xx2-z2tg-7khd
1
vulnerability VCID-b5wa-f184-b3da
2
vulnerability VCID-beas-dwx6-1ffp
3
vulnerability VCID-db6w-yj8t-sfg4
4
vulnerability VCID-rcfr-czct-xucv
5
vulnerability VCID-tudc-7sgh-nkda
6
vulnerability VCID-u9dr-ca2g-e3hk
7
vulnerability VCID-v9gk-3pqk-a7cr
8
vulnerability VCID-wpt2-535q-3yfe
9
vulnerability VCID-xkrz-p214-hqhp
10
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.1.11
2
url pkg:pypi/django@2.2.4
purl pkg:pypi/django@2.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-27gm-2u1q-skh1
1
vulnerability VCID-2qu4-qayw-a7ec
2
vulnerability VCID-2sve-8b9b-hud7
3
vulnerability VCID-38w8-jbku-eugu
4
vulnerability VCID-5zzj-9ez5-6ub1
5
vulnerability VCID-6uja-brvn-rufw
6
vulnerability VCID-7xx2-z2tg-7khd
7
vulnerability VCID-8uyx-7dub-hka9
8
vulnerability VCID-9qxj-9mb9-7bcv
9
vulnerability VCID-b5wa-f184-b3da
10
vulnerability VCID-beas-dwx6-1ffp
11
vulnerability VCID-cece-1mun-ckgh
12
vulnerability VCID-db6w-yj8t-sfg4
13
vulnerability VCID-djh3-m1t4-2qe1
14
vulnerability VCID-dttw-t3a9-gbbn
15
vulnerability VCID-gtkn-prux-vbdb
16
vulnerability VCID-j3bz-6jqe-ffgm
17
vulnerability VCID-nwtr-br34-qkbv
18
vulnerability VCID-rcfr-czct-xucv
19
vulnerability VCID-tudc-7sgh-nkda
20
vulnerability VCID-u9dr-ca2g-e3hk
21
vulnerability VCID-v9gk-3pqk-a7cr
22
vulnerability VCID-vc8c-7qn1-9uaz
23
vulnerability VCID-vcqt-n2pk-kyeb
24
vulnerability VCID-w3dy-chny-5fbc
25
vulnerability VCID-wpt2-535q-3yfe
26
vulnerability VCID-x1qk-bs7j-63ch
27
vulnerability VCID-x91x-cxp9-4fgp
28
vulnerability VCID-xkrz-p214-hqhp
29
vulnerability VCID-ycc8-7k6j-4kbf
30
vulnerability VCID-ymm2-ns18-wkcw
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.4
aliases PYSEC-2019-82
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bymm-qrt6-37d4
8
url VCID-dahb-k16x-vuf8
vulnerability_id VCID-dahb-k16x-vuf8
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14234.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14234.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-14234
reference_id
reference_type
scores
0
value 0.29723
scoring_system epss
scoring_elements 0.96744
published_at 2026-06-11T12:55:00Z
1
value 0.29723
scoring_system epss
scoring_elements 0.96755
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-14234
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14233
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14233
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14234
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14234
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14235
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14235
6
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
9
reference_url https://github.com/django/django/commit/4f5b58f5cd3c57fee9972ab074f8dc6895d8f387
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/4f5b58f5cd3c57fee9972ab074f8dc6895d8f387
10
reference_url https://github.com/django/django/commit/ed682a24fca774818542757651bfba576c3fc3ef
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/ed682a24fca774818542757651bfba576c3fc3ef
11
reference_url https://github.com/django/django/commit/f74b3ae3628c26e1b4f8db3d13a91d52a833a975
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/f74b3ae3628c26e1b4f8db3d13a91d52a833a975
12
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-13.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-13.yaml
13
reference_url https://groups.google.com/forum/#!topic/django-announce/jIoju2-KLDs
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/django-announce/jIoju2-KLDs
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK/
16
reference_url https://security.netapp.com/advisory/ntap-20190828-0002
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20190828-0002
17
reference_url https://www.djangoproject.com/weblog/2019/aug/01/security-releases
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2019/aug/01/security-releases
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1734417
reference_id 1734417
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1734417
19
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934026
reference_id 934026
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934026
20
reference_url https://security.archlinux.org/ASA-201908-2
reference_id ASA-201908-2
reference_type
scores
url https://security.archlinux.org/ASA-201908-2
21
reference_url https://security.archlinux.org/AVG-1015
reference_id AVG-1015
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1015
22
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-14234
reference_id CVE-2019-14234
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-14234
23
reference_url https://github.com/advisories/GHSA-6r97-cj55-9hrq
reference_id GHSA-6r97-cj55-9hrq
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
2
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-6r97-cj55-9hrq
24
reference_url https://access.redhat.com/errata/RHSA-2020:1324
reference_id RHSA-2020:1324
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1324
25
reference_url https://access.redhat.com/errata/RHSA-2020:4390
reference_id RHSA-2020:4390
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4390
26
reference_url https://usn.ubuntu.com/4084-1/
reference_id USN-4084-1
reference_type
scores
url https://usn.ubuntu.com/4084-1/
fixed_packages
0
url pkg:pypi/django@1.11.23
purl pkg:pypi/django@1.11.23
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7xx2-z2tg-7khd
1
vulnerability VCID-8uyx-7dub-hka9
2
vulnerability VCID-beas-dwx6-1ffp
3
vulnerability VCID-db6w-yj8t-sfg4
4
vulnerability VCID-tudc-7sgh-nkda
5
vulnerability VCID-u9dr-ca2g-e3hk
6
vulnerability VCID-v9gk-3pqk-a7cr
7
vulnerability VCID-vcqt-n2pk-kyeb
8
vulnerability VCID-wpt2-535q-3yfe
9
vulnerability VCID-xkrz-p214-hqhp
10
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.23
1
url pkg:pypi/django@2.1.11
purl pkg:pypi/django@2.1.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7xx2-z2tg-7khd
1
vulnerability VCID-b5wa-f184-b3da
2
vulnerability VCID-beas-dwx6-1ffp
3
vulnerability VCID-db6w-yj8t-sfg4
4
vulnerability VCID-rcfr-czct-xucv
5
vulnerability VCID-tudc-7sgh-nkda
6
vulnerability VCID-u9dr-ca2g-e3hk
7
vulnerability VCID-v9gk-3pqk-a7cr
8
vulnerability VCID-wpt2-535q-3yfe
9
vulnerability VCID-xkrz-p214-hqhp
10
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.1.11
2
url pkg:pypi/django@2.2.4
purl pkg:pypi/django@2.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-27gm-2u1q-skh1
1
vulnerability VCID-2qu4-qayw-a7ec
2
vulnerability VCID-2sve-8b9b-hud7
3
vulnerability VCID-38w8-jbku-eugu
4
vulnerability VCID-5zzj-9ez5-6ub1
5
vulnerability VCID-6uja-brvn-rufw
6
vulnerability VCID-7xx2-z2tg-7khd
7
vulnerability VCID-8uyx-7dub-hka9
8
vulnerability VCID-9qxj-9mb9-7bcv
9
vulnerability VCID-b5wa-f184-b3da
10
vulnerability VCID-beas-dwx6-1ffp
11
vulnerability VCID-cece-1mun-ckgh
12
vulnerability VCID-db6w-yj8t-sfg4
13
vulnerability VCID-djh3-m1t4-2qe1
14
vulnerability VCID-dttw-t3a9-gbbn
15
vulnerability VCID-gtkn-prux-vbdb
16
vulnerability VCID-j3bz-6jqe-ffgm
17
vulnerability VCID-nwtr-br34-qkbv
18
vulnerability VCID-rcfr-czct-xucv
19
vulnerability VCID-tudc-7sgh-nkda
20
vulnerability VCID-u9dr-ca2g-e3hk
21
vulnerability VCID-v9gk-3pqk-a7cr
22
vulnerability VCID-vc8c-7qn1-9uaz
23
vulnerability VCID-vcqt-n2pk-kyeb
24
vulnerability VCID-w3dy-chny-5fbc
25
vulnerability VCID-wpt2-535q-3yfe
26
vulnerability VCID-x1qk-bs7j-63ch
27
vulnerability VCID-x91x-cxp9-4fgp
28
vulnerability VCID-xkrz-p214-hqhp
29
vulnerability VCID-ycc8-7k6j-4kbf
30
vulnerability VCID-ymm2-ns18-wkcw
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.4
aliases CVE-2019-14234, GHSA-6r97-cj55-9hrq, PYSEC-2019-13
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dahb-k16x-vuf8
9
url VCID-db6w-yj8t-sfg4
vulnerability_id VCID-db6w-yj8t-sfg4
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-57833.json
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-57833.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-57833
reference_id
reference_type
scores
0
value 0.00074
scoring_system epss
scoring_elements 0.22648
published_at 2026-06-12T12:55:00Z
1
value 0.00074
scoring_system epss
scoring_elements 0.22452
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-57833
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460
25
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
26
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
27
reference_url https://github.com/advisories/GHSA-6w2r-r2m5-xq5w
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://github.com/advisories/GHSA-6w2r-r2m5-xq5w
28
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
29
reference_url https://github.com/django/django/commit/102965ea93072fe3c39a30be437c683ec1106ef5
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/102965ea93072fe3c39a30be437c683ec1106ef5
30
reference_url https://github.com/django/django/commit/31334e6965ad136a5e369993b01721499c5d1a92
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/31334e6965ad136a5e369993b01721499c5d1a92
31
reference_url https://github.com/django/django/commit/4c044fcc866ec226f612c475950b690b0139d243
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/4c044fcc866ec226f612c475950b690b0139d243
32
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2025-105.yaml
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2025-105.yaml
33
reference_url https://lists.debian.org/debian-lts-announce/2025/09/msg00017.html
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/09/msg00017.html
34
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-57833
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-57833
35
reference_url https://www.djangoproject.com/weblog/2025/sep/03/security-releases
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2025/sep/03/security-releases
36
reference_url http://www.openwall.com/lists/oss-security/2025/09/03/3
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2025/09/03/3
37
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1113865
reference_id 1113865
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1113865
38
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2392990
reference_id 2392990
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2392990
39
reference_url https://groups.google.com/g/django-announce
reference_id django-announce
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-09-08T17:33:03Z/
url https://groups.google.com/g/django-announce
40
reference_url https://medium.com/@EyalSec/django-unauthenticated-0-click-rce-and-sql-injection-using-default-configuration-059964f3f898
reference_id django-unauthenticated-0-click-rce-and-sql-injection-using-default-configuration-059964f3f898
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-09-08T17:33:03Z/
url https://medium.com/@EyalSec/django-unauthenticated-0-click-rce-and-sql-injection-using-default-configuration-059964f3f898
41
reference_url https://access.redhat.com/errata/RHSA-2025:16403
reference_id RHSA-2025:16403
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:16403
42
reference_url https://access.redhat.com/errata/RHSA-2025:16404
reference_id RHSA-2025:16404
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:16404
43
reference_url https://access.redhat.com/errata/RHSA-2025:16487
reference_id RHSA-2025:16487
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:16487
44
reference_url https://access.redhat.com/errata/RHSA-2025:16514
reference_id RHSA-2025:16514
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:16514
45
reference_url https://access.redhat.com/errata/RHSA-2025:17498
reference_id RHSA-2025:17498
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:17498
46
reference_url https://access.redhat.com/errata/RHSA-2025:17499
reference_id RHSA-2025:17499
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:17499
47
reference_url https://access.redhat.com/errata/RHSA-2025:17500
reference_id RHSA-2025:17500
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:17500
48
reference_url https://access.redhat.com/errata/RHSA-2025:17606
reference_id RHSA-2025:17606
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:17606
49
reference_url https://access.redhat.com/errata/RHSA-2025:17613
reference_id RHSA-2025:17613
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:17613
50
reference_url https://access.redhat.com/errata/RHSA-2025:17614
reference_id RHSA-2025:17614
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:17614
51
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id security
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-09-08T17:33:03Z/
url https://docs.djangoproject.com/en/dev/releases/security/
52
reference_url https://www.djangoproject.com/weblog/2025/sep/03/security-releases/
reference_id security-releases
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-09-08T17:33:03Z/
url https://www.djangoproject.com/weblog/2025/sep/03/security-releases/
53
reference_url https://usn.ubuntu.com/7736-1/
reference_id USN-7736-1
reference_type
scores
url https://usn.ubuntu.com/7736-1/
fixed_packages
0
url pkg:pypi/django@4.2.24
purl pkg:pypi/django@4.2.24
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13q1-fzeg-bfd9
1
vulnerability VCID-4xtu-yeh2-pbc8
2
vulnerability VCID-72z9-v49q-vbcc
3
vulnerability VCID-81b9-uqyv-kkhm
4
vulnerability VCID-beas-dwx6-1ffp
5
vulnerability VCID-dh5p-grha-r7a2
6
vulnerability VCID-dqpz-q718-pkas
7
vulnerability VCID-e331-cbgc-hubm
8
vulnerability VCID-fwwm-7y13-y3dx
9
vulnerability VCID-hb8n-gwz6-9yd9
10
vulnerability VCID-jdjc-ygtk-c7hv
11
vulnerability VCID-pmhc-yu6r-uudy
12
vulnerability VCID-pn2d-2euz-pudt
13
vulnerability VCID-q3sw-jd7p-1yg1
14
vulnerability VCID-r3dj-t213-jyhh
15
vulnerability VCID-sbwy-buwj-gkd2
16
vulnerability VCID-xkrz-p214-hqhp
17
vulnerability VCID-zr7g-1xkm-fqdw
18
vulnerability VCID-zztc-4be5-fker
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.24
1
url pkg:pypi/django@5.1.12
purl pkg:pypi/django@5.1.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-72z9-v49q-vbcc
1
vulnerability VCID-81b9-uqyv-kkhm
2
vulnerability VCID-beas-dwx6-1ffp
3
vulnerability VCID-fwwm-7y13-y3dx
4
vulnerability VCID-pmhc-yu6r-uudy
5
vulnerability VCID-xkrz-p214-hqhp
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.1.12
2
url pkg:pypi/django@5.2.6
purl pkg:pypi/django@5.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13q1-fzeg-bfd9
1
vulnerability VCID-1g9h-ryet-2ffs
2
vulnerability VCID-1mp4-kq35-1ba7
3
vulnerability VCID-4xtu-yeh2-pbc8
4
vulnerability VCID-72z9-v49q-vbcc
5
vulnerability VCID-81b9-uqyv-kkhm
6
vulnerability VCID-8tz7-vjwz-rycs
7
vulnerability VCID-beas-dwx6-1ffp
8
vulnerability VCID-dh5p-grha-r7a2
9
vulnerability VCID-dqpz-q718-pkas
10
vulnerability VCID-e331-cbgc-hubm
11
vulnerability VCID-fwwm-7y13-y3dx
12
vulnerability VCID-h5qf-zbcz-qygg
13
vulnerability VCID-hb8n-gwz6-9yd9
14
vulnerability VCID-jdjc-ygtk-c7hv
15
vulnerability VCID-m4mg-yd86-dyfw
16
vulnerability VCID-n915-wj16-wka6
17
vulnerability VCID-pmhc-yu6r-uudy
18
vulnerability VCID-pn2d-2euz-pudt
19
vulnerability VCID-q3sw-jd7p-1yg1
20
vulnerability VCID-r3dj-t213-jyhh
21
vulnerability VCID-sbwy-buwj-gkd2
22
vulnerability VCID-tvk1-4am9-f3cf
23
vulnerability VCID-xkrz-p214-hqhp
24
vulnerability VCID-z7sj-r61n-qbcd
25
vulnerability VCID-zr7g-1xkm-fqdw
26
vulnerability VCID-zztc-4be5-fker
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.6
aliases BIT-django-2025-57833, CVE-2025-57833, GHSA-6w2r-r2m5-xq5w, PYSEC-2025-105
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-db6w-yj8t-sfg4
10
url VCID-embu-nr2v-8ka8
vulnerability_id VCID-embu-nr2v-8ka8
summary An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If passed certain inputs, django.utils.encoding.uri_to_iri could lead to significant memory usage due to a recursion when repercent-encoding invalid UTF-8 octet sequences.
references
0
reference_url https://groups.google.com/forum/#!topic/django-announce/jIoju2-KLDs
reference_id
reference_type
scores
url https://groups.google.com/forum/#!topic/django-announce/jIoju2-KLDs
1
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK/
fixed_packages
0
url pkg:pypi/django@1.11.23
purl pkg:pypi/django@1.11.23
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7xx2-z2tg-7khd
1
vulnerability VCID-8uyx-7dub-hka9
2
vulnerability VCID-beas-dwx6-1ffp
3
vulnerability VCID-db6w-yj8t-sfg4
4
vulnerability VCID-tudc-7sgh-nkda
5
vulnerability VCID-u9dr-ca2g-e3hk
6
vulnerability VCID-v9gk-3pqk-a7cr
7
vulnerability VCID-vcqt-n2pk-kyeb
8
vulnerability VCID-wpt2-535q-3yfe
9
vulnerability VCID-xkrz-p214-hqhp
10
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.23
1
url pkg:pypi/django@2.1.11
purl pkg:pypi/django@2.1.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7xx2-z2tg-7khd
1
vulnerability VCID-b5wa-f184-b3da
2
vulnerability VCID-beas-dwx6-1ffp
3
vulnerability VCID-db6w-yj8t-sfg4
4
vulnerability VCID-rcfr-czct-xucv
5
vulnerability VCID-tudc-7sgh-nkda
6
vulnerability VCID-u9dr-ca2g-e3hk
7
vulnerability VCID-v9gk-3pqk-a7cr
8
vulnerability VCID-wpt2-535q-3yfe
9
vulnerability VCID-xkrz-p214-hqhp
10
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.1.11
2
url pkg:pypi/django@2.2.4
purl pkg:pypi/django@2.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-27gm-2u1q-skh1
1
vulnerability VCID-2qu4-qayw-a7ec
2
vulnerability VCID-2sve-8b9b-hud7
3
vulnerability VCID-38w8-jbku-eugu
4
vulnerability VCID-5zzj-9ez5-6ub1
5
vulnerability VCID-6uja-brvn-rufw
6
vulnerability VCID-7xx2-z2tg-7khd
7
vulnerability VCID-8uyx-7dub-hka9
8
vulnerability VCID-9qxj-9mb9-7bcv
9
vulnerability VCID-b5wa-f184-b3da
10
vulnerability VCID-beas-dwx6-1ffp
11
vulnerability VCID-cece-1mun-ckgh
12
vulnerability VCID-db6w-yj8t-sfg4
13
vulnerability VCID-djh3-m1t4-2qe1
14
vulnerability VCID-dttw-t3a9-gbbn
15
vulnerability VCID-gtkn-prux-vbdb
16
vulnerability VCID-j3bz-6jqe-ffgm
17
vulnerability VCID-nwtr-br34-qkbv
18
vulnerability VCID-rcfr-czct-xucv
19
vulnerability VCID-tudc-7sgh-nkda
20
vulnerability VCID-u9dr-ca2g-e3hk
21
vulnerability VCID-v9gk-3pqk-a7cr
22
vulnerability VCID-vc8c-7qn1-9uaz
23
vulnerability VCID-vcqt-n2pk-kyeb
24
vulnerability VCID-w3dy-chny-5fbc
25
vulnerability VCID-wpt2-535q-3yfe
26
vulnerability VCID-x1qk-bs7j-63ch
27
vulnerability VCID-x91x-cxp9-4fgp
28
vulnerability VCID-xkrz-p214-hqhp
29
vulnerability VCID-ycc8-7k6j-4kbf
30
vulnerability VCID-ymm2-ns18-wkcw
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.4
aliases PYSEC-2019-84
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-embu-nr2v-8ka8
11
url VCID-jg94-y9zx-dfaw
vulnerability_id VCID-jg94-y9zx-dfaw
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14232.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14232.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-14232
reference_id
reference_type
scores
0
value 0.0297
scoring_system epss
scoring_elements 0.86855
published_at 2026-06-12T12:55:00Z
1
value 0.0297
scoring_system epss
scoring_elements 0.86807
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-14232
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14233
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14233
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14234
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14234
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14235
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14235
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681
25
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682
26
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459
27
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460
28
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
29
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
30
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
31
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-11.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-11.yaml
32
reference_url https://github.com/pypa/advisory-db/tree/main/vulns/django/PYSEC-2019-11.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-db/tree/main/vulns/django/PYSEC-2019-11.yaml
33
reference_url https://groups.google.com/forum/#!topic/django-announce/jIoju2-KLDs
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/django-announce/jIoju2-KLDs
34
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK
35
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK
36
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK/
37
reference_url https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/3LGJSPCN3VEG2UJPYCUB6TU75JTIV2TQ
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/3LGJSPCN3VEG2UJPYCUB6TU75JTIV2TQ
38
reference_url https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/5XTP44JEOSNXRVW4JDZXA5XGMBDZLWSW
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/5XTP44JEOSNXRVW4JDZXA5XGMBDZLWSW
39
reference_url https://security.netapp.com/advisory/ntap-20190828-0002
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20190828-0002
40
reference_url https://www.djangoproject.com/weblog/2019/aug/01/security-releases
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2019/aug/01/security-releases
41
reference_url https://www.openwall.com/lists/oss-security/2023/10/04/6
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.openwall.com/lists/oss-security/2023/10/04/6
42
reference_url http://www.openwall.com/lists/oss-security/2024/03/04/1
reference_id 1
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-02T18:04:48Z/
url http://www.openwall.com/lists/oss-security/2024/03/04/1
43
reference_url https://seclists.org/bugtraq/2019/Aug/15
reference_id 15
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-02T18:04:48Z/
url https://seclists.org/bugtraq/2019/Aug/15
44
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1734405
reference_id 1734405
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1734405
45
reference_url https://security.gentoo.org/glsa/202004-17
reference_id 202004-17
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-02T18:04:48Z/
url https://security.gentoo.org/glsa/202004-17
46
reference_url http://www.openwall.com/lists/oss-security/2023/10/04/6
reference_id 6
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-02T18:04:48Z/
url http://www.openwall.com/lists/oss-security/2023/10/04/6
47
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934026
reference_id 934026
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934026
48
reference_url https://security.archlinux.org/ASA-201908-2
reference_id ASA-201908-2
reference_type
scores
url https://security.archlinux.org/ASA-201908-2
49
reference_url https://security.archlinux.org/AVG-1015
reference_id AVG-1015
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1015
50
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-14232
reference_id CVE-2019-14232
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-14232
51
reference_url https://www.debian.org/security/2019/dsa-4498
reference_id dsa-4498
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-02T18:04:48Z/
url https://www.debian.org/security/2019/dsa-4498
52
reference_url https://github.com/advisories/GHSA-c4qh-4vgv-qc6g
reference_id GHSA-c4qh-4vgv-qc6g
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-c4qh-4vgv-qc6g
53
reference_url https://groups.google.com/forum/#%21topic/django-announce/jIoju2-KLDs
reference_id jIoju2-KLDs
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-02T18:04:48Z/
url https://groups.google.com/forum/#%21topic/django-announce/jIoju2-KLDs
54
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html
reference_id msg00006.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-02T18:04:48Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html
55
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html
reference_id msg00025.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-02T18:04:48Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html
56
reference_url https://security.netapp.com/advisory/ntap-20190828-0002/
reference_id ntap-20190828-0002
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-02T18:04:48Z/
url https://security.netapp.com/advisory/ntap-20190828-0002/
57
reference_url https://access.redhat.com/errata/RHSA-2020:1324
reference_id RHSA-2020:1324
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1324
58
reference_url https://access.redhat.com/errata/RHSA-2020:4390
reference_id RHSA-2020:4390
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4390
59
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id security
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-02T18:04:48Z/
url https://docs.djangoproject.com/en/dev/releases/security/
60
reference_url https://www.djangoproject.com/weblog/2019/aug/01/security-releases/
reference_id security-releases
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-02T18:04:48Z/
url https://www.djangoproject.com/weblog/2019/aug/01/security-releases/
61
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK/
reference_id STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-02T18:04:48Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK/
62
reference_url https://usn.ubuntu.com/4084-1/
reference_id USN-4084-1
reference_type
scores
url https://usn.ubuntu.com/4084-1/
fixed_packages
0
url pkg:pypi/django@1.11.23
purl pkg:pypi/django@1.11.23
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7xx2-z2tg-7khd
1
vulnerability VCID-8uyx-7dub-hka9
2
vulnerability VCID-beas-dwx6-1ffp
3
vulnerability VCID-db6w-yj8t-sfg4
4
vulnerability VCID-tudc-7sgh-nkda
5
vulnerability VCID-u9dr-ca2g-e3hk
6
vulnerability VCID-v9gk-3pqk-a7cr
7
vulnerability VCID-vcqt-n2pk-kyeb
8
vulnerability VCID-wpt2-535q-3yfe
9
vulnerability VCID-xkrz-p214-hqhp
10
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.23
1
url pkg:pypi/django@2.1.11
purl pkg:pypi/django@2.1.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7xx2-z2tg-7khd
1
vulnerability VCID-b5wa-f184-b3da
2
vulnerability VCID-beas-dwx6-1ffp
3
vulnerability VCID-db6w-yj8t-sfg4
4
vulnerability VCID-rcfr-czct-xucv
5
vulnerability VCID-tudc-7sgh-nkda
6
vulnerability VCID-u9dr-ca2g-e3hk
7
vulnerability VCID-v9gk-3pqk-a7cr
8
vulnerability VCID-wpt2-535q-3yfe
9
vulnerability VCID-xkrz-p214-hqhp
10
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.1.11
2
url pkg:pypi/django@2.2.4
purl pkg:pypi/django@2.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-27gm-2u1q-skh1
1
vulnerability VCID-2qu4-qayw-a7ec
2
vulnerability VCID-2sve-8b9b-hud7
3
vulnerability VCID-38w8-jbku-eugu
4
vulnerability VCID-5zzj-9ez5-6ub1
5
vulnerability VCID-6uja-brvn-rufw
6
vulnerability VCID-7xx2-z2tg-7khd
7
vulnerability VCID-8uyx-7dub-hka9
8
vulnerability VCID-9qxj-9mb9-7bcv
9
vulnerability VCID-b5wa-f184-b3da
10
vulnerability VCID-beas-dwx6-1ffp
11
vulnerability VCID-cece-1mun-ckgh
12
vulnerability VCID-db6w-yj8t-sfg4
13
vulnerability VCID-djh3-m1t4-2qe1
14
vulnerability VCID-dttw-t3a9-gbbn
15
vulnerability VCID-gtkn-prux-vbdb
16
vulnerability VCID-j3bz-6jqe-ffgm
17
vulnerability VCID-nwtr-br34-qkbv
18
vulnerability VCID-rcfr-czct-xucv
19
vulnerability VCID-tudc-7sgh-nkda
20
vulnerability VCID-u9dr-ca2g-e3hk
21
vulnerability VCID-v9gk-3pqk-a7cr
22
vulnerability VCID-vc8c-7qn1-9uaz
23
vulnerability VCID-vcqt-n2pk-kyeb
24
vulnerability VCID-w3dy-chny-5fbc
25
vulnerability VCID-wpt2-535q-3yfe
26
vulnerability VCID-x1qk-bs7j-63ch
27
vulnerability VCID-x91x-cxp9-4fgp
28
vulnerability VCID-xkrz-p214-hqhp
29
vulnerability VCID-ycc8-7k6j-4kbf
30
vulnerability VCID-ymm2-ns18-wkcw
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.4
aliases CVE-2019-14232, GHSA-c4qh-4vgv-qc6g, PYSEC-2019-11
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jg94-y9zx-dfaw
12
url VCID-rr1h-qzgv-q7d5
vulnerability_id VCID-rr1h-qzgv-q7d5
summary An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to an error in shallow key transformation, key and index lookups for django.contrib.postgres.fields.JSONField, and key lookups for django.contrib.postgres.fields.HStoreField, were subject to SQL injection. This could, for example, be exploited via crafted use of "OR 1=1" in a key or index name to return all records, using a suitably crafted dictionary, with dictionary expansion, as the **kwargs passed to the QuerySet.filter() function.
references
0
reference_url https://groups.google.com/forum/#!topic/django-announce/jIoju2-KLDs
reference_id
reference_type
scores
url https://groups.google.com/forum/#!topic/django-announce/jIoju2-KLDs
1
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK/
fixed_packages
0
url pkg:pypi/django@1.11.23
purl pkg:pypi/django@1.11.23
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7xx2-z2tg-7khd
1
vulnerability VCID-8uyx-7dub-hka9
2
vulnerability VCID-beas-dwx6-1ffp
3
vulnerability VCID-db6w-yj8t-sfg4
4
vulnerability VCID-tudc-7sgh-nkda
5
vulnerability VCID-u9dr-ca2g-e3hk
6
vulnerability VCID-v9gk-3pqk-a7cr
7
vulnerability VCID-vcqt-n2pk-kyeb
8
vulnerability VCID-wpt2-535q-3yfe
9
vulnerability VCID-xkrz-p214-hqhp
10
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.23
1
url pkg:pypi/django@2.1.11
purl pkg:pypi/django@2.1.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7xx2-z2tg-7khd
1
vulnerability VCID-b5wa-f184-b3da
2
vulnerability VCID-beas-dwx6-1ffp
3
vulnerability VCID-db6w-yj8t-sfg4
4
vulnerability VCID-rcfr-czct-xucv
5
vulnerability VCID-tudc-7sgh-nkda
6
vulnerability VCID-u9dr-ca2g-e3hk
7
vulnerability VCID-v9gk-3pqk-a7cr
8
vulnerability VCID-wpt2-535q-3yfe
9
vulnerability VCID-xkrz-p214-hqhp
10
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.1.11
2
url pkg:pypi/django@2.2.4
purl pkg:pypi/django@2.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-27gm-2u1q-skh1
1
vulnerability VCID-2qu4-qayw-a7ec
2
vulnerability VCID-2sve-8b9b-hud7
3
vulnerability VCID-38w8-jbku-eugu
4
vulnerability VCID-5zzj-9ez5-6ub1
5
vulnerability VCID-6uja-brvn-rufw
6
vulnerability VCID-7xx2-z2tg-7khd
7
vulnerability VCID-8uyx-7dub-hka9
8
vulnerability VCID-9qxj-9mb9-7bcv
9
vulnerability VCID-b5wa-f184-b3da
10
vulnerability VCID-beas-dwx6-1ffp
11
vulnerability VCID-cece-1mun-ckgh
12
vulnerability VCID-db6w-yj8t-sfg4
13
vulnerability VCID-djh3-m1t4-2qe1
14
vulnerability VCID-dttw-t3a9-gbbn
15
vulnerability VCID-gtkn-prux-vbdb
16
vulnerability VCID-j3bz-6jqe-ffgm
17
vulnerability VCID-nwtr-br34-qkbv
18
vulnerability VCID-rcfr-czct-xucv
19
vulnerability VCID-tudc-7sgh-nkda
20
vulnerability VCID-u9dr-ca2g-e3hk
21
vulnerability VCID-v9gk-3pqk-a7cr
22
vulnerability VCID-vc8c-7qn1-9uaz
23
vulnerability VCID-vcqt-n2pk-kyeb
24
vulnerability VCID-w3dy-chny-5fbc
25
vulnerability VCID-wpt2-535q-3yfe
26
vulnerability VCID-x1qk-bs7j-63ch
27
vulnerability VCID-x91x-cxp9-4fgp
28
vulnerability VCID-xkrz-p214-hqhp
29
vulnerability VCID-ycc8-7k6j-4kbf
30
vulnerability VCID-ymm2-ns18-wkcw
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.4
aliases PYSEC-2019-83
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rr1h-qzgv-q7d5
13
url VCID-tudc-7sgh-nkda
vulnerability_id VCID-tudc-7sgh-nkda
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45231.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45231.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-45231
reference_id
reference_type
scores
0
value 0.00235
scoring_system epss
scoring_elements 0.46576
published_at 2026-06-11T12:55:00Z
1
value 0.00235
scoring_system epss
scoring_elements 0.46721
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-45231
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460
25
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
26
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
27
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
28
reference_url https://github.com/django/django/commit/3c733c78d6f8e50296d6e248968b6516c92a53ca
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/3c733c78d6f8e50296d6e248968b6516c92a53ca
29
reference_url https://github.com/django/django/commit/96d84047715ea1715b4bd1594e46122b8a77b9e2
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/96d84047715ea1715b4bd1594e46122b8a77b9e2
30
reference_url https://github.com/django/django/commit/bf4888d317ba4506d091eeac6e8b4f1fcc731199
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/bf4888d317ba4506d091eeac6e8b4f1fcc731199
31
reference_url https://www.djangoproject.com/weblog/2024/sep/03/security-releases
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2024/sep/03/security-releases
32
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2314496
reference_id 2314496
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2314496
33
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-45231
reference_id CVE-2024-45231
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-45231
34
reference_url https://groups.google.com/forum/#%21forum/django-announce
reference_id django-announce
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
2
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-30T16:35:34Z/
url https://groups.google.com/forum/#%21forum/django-announce
35
reference_url https://github.com/advisories/GHSA-rrqc-c2jx-6jgv
reference_id GHSA-rrqc-c2jx-6jgv
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rrqc-c2jx-6jgv
36
reference_url https://security.gentoo.org/glsa/202509-03
reference_id GLSA-202509-03
reference_type
scores
url https://security.gentoo.org/glsa/202509-03
37
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id security
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-30T16:35:34Z/
url https://docs.djangoproject.com/en/dev/releases/security/
38
reference_url https://www.djangoproject.com/weblog/2024/sep/03/security-releases/
reference_id security-releases
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-30T16:35:34Z/
url https://www.djangoproject.com/weblog/2024/sep/03/security-releases/
39
reference_url https://usn.ubuntu.com/6987-1/
reference_id USN-6987-1
reference_type
scores
url https://usn.ubuntu.com/6987-1/
fixed_packages
0
url pkg:pypi/django@4.2.16
purl pkg:pypi/django@4.2.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13q1-fzeg-bfd9
1
vulnerability VCID-4xtu-yeh2-pbc8
2
vulnerability VCID-72z9-v49q-vbcc
3
vulnerability VCID-81b9-uqyv-kkhm
4
vulnerability VCID-a4fn-xf8s-tye5
5
vulnerability VCID-beas-dwx6-1ffp
6
vulnerability VCID-db6w-yj8t-sfg4
7
vulnerability VCID-dh5p-grha-r7a2
8
vulnerability VCID-dqpz-q718-pkas
9
vulnerability VCID-e331-cbgc-hubm
10
vulnerability VCID-fwwm-7y13-y3dx
11
vulnerability VCID-hb8n-gwz6-9yd9
12
vulnerability VCID-jdjc-ygtk-c7hv
13
vulnerability VCID-mja4-jz67-kbh6
14
vulnerability VCID-pmhc-yu6r-uudy
15
vulnerability VCID-pn2d-2euz-pudt
16
vulnerability VCID-q3sw-jd7p-1yg1
17
vulnerability VCID-r3dj-t213-jyhh
18
vulnerability VCID-s9u4-39qe-pkh2
19
vulnerability VCID-sbwy-buwj-gkd2
20
vulnerability VCID-wwzx-eujh-sye1
21
vulnerability VCID-xkrz-p214-hqhp
22
vulnerability VCID-ycc8-7k6j-4kbf
23
vulnerability VCID-z3vg-rtt7-vuem
24
vulnerability VCID-zr7g-1xkm-fqdw
25
vulnerability VCID-zztc-4be5-fker
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.16
1
url pkg:pypi/django@5.0.9
purl pkg:pypi/django@5.0.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6wvp-47qa-m7bc
1
vulnerability VCID-a4fn-xf8s-tye5
2
vulnerability VCID-beas-dwx6-1ffp
3
vulnerability VCID-db6w-yj8t-sfg4
4
vulnerability VCID-mja4-jz67-kbh6
5
vulnerability VCID-wwzx-eujh-sye1
6
vulnerability VCID-xkrz-p214-hqhp
7
vulnerability VCID-ycc8-7k6j-4kbf
8
vulnerability VCID-z3vg-rtt7-vuem
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.0.9
2
url pkg:pypi/django@5.1.1
purl pkg:pypi/django@5.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6wvp-47qa-m7bc
1
vulnerability VCID-72z9-v49q-vbcc
2
vulnerability VCID-81b9-uqyv-kkhm
3
vulnerability VCID-a4fn-xf8s-tye5
4
vulnerability VCID-beas-dwx6-1ffp
5
vulnerability VCID-db6w-yj8t-sfg4
6
vulnerability VCID-fwwm-7y13-y3dx
7
vulnerability VCID-mja4-jz67-kbh6
8
vulnerability VCID-pmhc-yu6r-uudy
9
vulnerability VCID-s9u4-39qe-pkh2
10
vulnerability VCID-wwzx-eujh-sye1
11
vulnerability VCID-xkrz-p214-hqhp
12
vulnerability VCID-ycc8-7k6j-4kbf
13
vulnerability VCID-z3vg-rtt7-vuem
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.1.1
aliases CVE-2024-45231, GHSA-rrqc-c2jx-6jgv
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tudc-7sgh-nkda
14
url VCID-u9dr-ca2g-e3hk
vulnerability_id VCID-u9dr-ca2g-e3hk
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33203.json
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33203.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-33203
reference_id
reference_type
scores
0
value 0.00143
scoring_system epss
scoring_elements 0.34403
published_at 2026-06-12T12:55:00Z
1
value 0.00143
scoring_system epss
scoring_elements 0.34225
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-33203
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33203
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33203
3
reference_url https://docs.djangoproject.com/en/3.2/releases/security
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/3.2/releases/security
4
reference_url https://docs.djangoproject.com/en/3.2/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/3.2/releases/security/
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/advisories/GHSA-68w8-qjq3-2gfm
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-68w8-qjq3-2gfm
7
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
8
reference_url https://github.com/django/django/commit/053cc9534d174dc89daba36724ed2dcb36755b90
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/053cc9534d174dc89daba36724ed2dcb36755b90
9
reference_url https://github.com/django/django/commit/20c67a0693c4ede2b09af02574823485e82e4c8f
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/20c67a0693c4ede2b09af02574823485e82e4c8f
10
reference_url https://github.com/django/django/commit/dfaba12cda060b8b292ae1d271b44bf810b1c5b9
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/dfaba12cda060b8b292ae1d271b44bf810b1c5b9
11
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2021-98.yaml
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2021-98.yaml
12
reference_url https://groups.google.com/forum/#!forum/django-announce
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!forum/django-announce
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-33203
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-33203
15
reference_url https://security.netapp.com/advisory/ntap-20210727-0004
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20210727-0004
16
reference_url https://www.djangoproject.com/weblog/2021/jun/02/security-releases
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2021/jun/02/security-releases
17
reference_url https://www.djangoproject.com/weblog/2021/jun/02/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2021/jun/02/security-releases/
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1966251
reference_id 1966251
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1966251
19
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989394
reference_id 989394
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989394
20
reference_url https://security.archlinux.org/ASA-202106-41
reference_id ASA-202106-41
reference_type
scores
url https://security.archlinux.org/ASA-202106-41
21
reference_url https://security.archlinux.org/AVG-2026
reference_id AVG-2026
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2026
22
reference_url https://security.gentoo.org/glsa/202509-03
reference_id GLSA-202509-03
reference_type
scores
url https://security.gentoo.org/glsa/202509-03
23
reference_url https://access.redhat.com/errata/RHSA-2021:3490
reference_id RHSA-2021:3490
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3490
24
reference_url https://access.redhat.com/errata/RHSA-2021:4702
reference_id RHSA-2021:4702
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4702
25
reference_url https://access.redhat.com/errata/RHSA-2021:5070
reference_id RHSA-2021:5070
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5070
26
reference_url https://usn.ubuntu.com/4975-1/
reference_id USN-4975-1
reference_type
scores
url https://usn.ubuntu.com/4975-1/
27
reference_url https://usn.ubuntu.com/4975-2/
reference_id USN-4975-2
reference_type
scores
url https://usn.ubuntu.com/4975-2/
fixed_packages
0
url pkg:pypi/django@2.2.24
purl pkg:pypi/django@2.2.24
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2sve-8b9b-hud7
1
vulnerability VCID-38w8-jbku-eugu
2
vulnerability VCID-6uja-brvn-rufw
3
vulnerability VCID-beas-dwx6-1ffp
4
vulnerability VCID-cece-1mun-ckgh
5
vulnerability VCID-db6w-yj8t-sfg4
6
vulnerability VCID-gtkn-prux-vbdb
7
vulnerability VCID-j3bz-6jqe-ffgm
8
vulnerability VCID-tudc-7sgh-nkda
9
vulnerability VCID-w3dy-chny-5fbc
10
vulnerability VCID-wpt2-535q-3yfe
11
vulnerability VCID-xkrz-p214-hqhp
12
vulnerability VCID-ycc8-7k6j-4kbf
13
vulnerability VCID-ymm2-ns18-wkcw
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.24
1
url pkg:pypi/django@3.1.12
purl pkg:pypi/django@3.1.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28ff-ng96-5ugk
1
vulnerability VCID-beas-dwx6-1ffp
2
vulnerability VCID-db6w-yj8t-sfg4
3
vulnerability VCID-j3bz-6jqe-ffgm
4
vulnerability VCID-tudc-7sgh-nkda
5
vulnerability VCID-wpt2-535q-3yfe
6
vulnerability VCID-xkrz-p214-hqhp
7
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.1.12
2
url pkg:pypi/django@3.2.4
purl pkg:pypi/django@3.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-19se-3ng9-c7bw
1
vulnerability VCID-28ff-ng96-5ugk
2
vulnerability VCID-2sve-8b9b-hud7
3
vulnerability VCID-38w8-jbku-eugu
4
vulnerability VCID-6tdg-t4nv-sbha
5
vulnerability VCID-6uja-brvn-rufw
6
vulnerability VCID-7spe-cayc-4qb4
7
vulnerability VCID-9ge1-u71f-rbaw
8
vulnerability VCID-beas-dwx6-1ffp
9
vulnerability VCID-cece-1mun-ckgh
10
vulnerability VCID-d2cw-526n-mbem
11
vulnerability VCID-db6w-yj8t-sfg4
12
vulnerability VCID-fmpr-bhrf-17gm
13
vulnerability VCID-gtkn-prux-vbdb
14
vulnerability VCID-j3bz-6jqe-ffgm
15
vulnerability VCID-j4rs-235r-dkfj
16
vulnerability VCID-jspj-r34n-jubz
17
vulnerability VCID-nhzy-7qdm-wbg8
18
vulnerability VCID-qsme-8a2n-23fs
19
vulnerability VCID-tudc-7sgh-nkda
20
vulnerability VCID-ufv7-y5a7-fugg
21
vulnerability VCID-w3dy-chny-5fbc
22
vulnerability VCID-wpt2-535q-3yfe
23
vulnerability VCID-xkrz-p214-hqhp
24
vulnerability VCID-ycc8-7k6j-4kbf
25
vulnerability VCID-ymm2-ns18-wkcw
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.4
aliases BIT-django-2021-33203, CVE-2021-33203, GHSA-68w8-qjq3-2gfm, PYSEC-2021-98
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u9dr-ca2g-e3hk
15
url VCID-v9gk-3pqk-a7cr
vulnerability_id VCID-v9gk-3pqk-a7cr
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7471.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7471.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-7471
reference_id
reference_type
scores
0
value 0.1537
scoring_system epss
scoring_elements 0.94811
published_at 2026-06-12T12:55:00Z
1
value 0.1537
scoring_system epss
scoring_elements 0.94794
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-7471
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7471
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7471
3
reference_url https://docs.djangoproject.com/en/3.0/releases/security
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/3.0/releases/security
4
reference_url https://docs.djangoproject.com/en/3.0/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/3.0/releases/security/
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
7
reference_url https://github.com/django/django/commit/001b0634cd309e372edb6d7d95d083d02b8e37bd
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/001b0634cd309e372edb6d7d95d083d02b8e37bd
8
reference_url https://github.com/django/django/commit/505826b469b16ab36693360da9e11fd13213421b
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/505826b469b16ab36693360da9e11fd13213421b
9
reference_url https://github.com/django/django/commit/c67a368c16e4680b324b4f385398d638db4d8147
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/c67a368c16e4680b324b4f385398d638db4d8147
10
reference_url https://github.com/django/django/commit/eb31d845323618d688ad429479c6dda973056136
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/eb31d845323618d688ad429479c6dda973056136
11
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-35.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-35.yaml
12
reference_url https://groups.google.com/forum/#!topic/django-announce/X45S86X5bZI
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/django-announce/X45S86X5bZI
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/
15
reference_url https://seclists.org/bugtraq/2020/Feb/30
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2020/Feb/30
16
reference_url https://security.netapp.com/advisory/ntap-20200221-0006
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200221-0006
17
reference_url https://security.netapp.com/advisory/ntap-20200221-0006/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20200221-0006/
18
reference_url https://usn.ubuntu.com/4264-1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4264-1
19
reference_url https://usn.ubuntu.com/4264-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4264-1/
20
reference_url https://www.debian.org/security/2020/dsa-4629
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2020/dsa-4629
21
reference_url https://www.djangoproject.com/weblog/2020/feb/03/security-releases
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2020/feb/03/security-releases
22
reference_url https://www.djangoproject.com/weblog/2020/feb/03/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2020/feb/03/security-releases/
23
reference_url https://www.openwall.com/lists/oss-security/2020/02/03/1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.openwall.com/lists/oss-security/2020/02/03/1
24
reference_url http://www.openwall.com/lists/oss-security/2020/02/03/1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2020/02/03/1
25
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1798515
reference_id 1798515
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1798515
26
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950581
reference_id 950581
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950581
27
reference_url https://security.archlinux.org/ASA-202002-1
reference_id ASA-202002-1
reference_type
scores
url https://security.archlinux.org/ASA-202002-1
28
reference_url https://security.archlinux.org/AVG-1091
reference_id AVG-1091
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1091
29
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-7471
reference_id CVE-2020-7471
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-7471
30
reference_url https://github.com/advisories/GHSA-hmr4-m2h5-33qx
reference_id GHSA-hmr4-m2h5-33qx
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
2
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-hmr4-m2h5-33qx
fixed_packages
0
url pkg:pypi/django@1.11.28
purl pkg:pypi/django@1.11.28
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-beas-dwx6-1ffp
1
vulnerability VCID-db6w-yj8t-sfg4
2
vulnerability VCID-tudc-7sgh-nkda
3
vulnerability VCID-u9dr-ca2g-e3hk
4
vulnerability VCID-vcqt-n2pk-kyeb
5
vulnerability VCID-wpt2-535q-3yfe
6
vulnerability VCID-xkrz-p214-hqhp
7
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.28
1
url pkg:pypi/django@2.2.10
purl pkg:pypi/django@2.2.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-27gm-2u1q-skh1
1
vulnerability VCID-2qu4-qayw-a7ec
2
vulnerability VCID-2sve-8b9b-hud7
3
vulnerability VCID-38w8-jbku-eugu
4
vulnerability VCID-5zzj-9ez5-6ub1
5
vulnerability VCID-6uja-brvn-rufw
6
vulnerability VCID-9qxj-9mb9-7bcv
7
vulnerability VCID-beas-dwx6-1ffp
8
vulnerability VCID-cece-1mun-ckgh
9
vulnerability VCID-db6w-yj8t-sfg4
10
vulnerability VCID-djh3-m1t4-2qe1
11
vulnerability VCID-dttw-t3a9-gbbn
12
vulnerability VCID-gtkn-prux-vbdb
13
vulnerability VCID-j3bz-6jqe-ffgm
14
vulnerability VCID-nwtr-br34-qkbv
15
vulnerability VCID-tudc-7sgh-nkda
16
vulnerability VCID-u9dr-ca2g-e3hk
17
vulnerability VCID-vc8c-7qn1-9uaz
18
vulnerability VCID-vcqt-n2pk-kyeb
19
vulnerability VCID-w3dy-chny-5fbc
20
vulnerability VCID-wpt2-535q-3yfe
21
vulnerability VCID-x1qk-bs7j-63ch
22
vulnerability VCID-x91x-cxp9-4fgp
23
vulnerability VCID-xkrz-p214-hqhp
24
vulnerability VCID-ycc8-7k6j-4kbf
25
vulnerability VCID-ymm2-ns18-wkcw
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.10
2
url pkg:pypi/django@3.0.3
purl pkg:pypi/django@3.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-27gm-2u1q-skh1
1
vulnerability VCID-28ff-ng96-5ugk
2
vulnerability VCID-2qu4-qayw-a7ec
3
vulnerability VCID-9qxj-9mb9-7bcv
4
vulnerability VCID-beas-dwx6-1ffp
5
vulnerability VCID-db6w-yj8t-sfg4
6
vulnerability VCID-djh3-m1t4-2qe1
7
vulnerability VCID-dttw-t3a9-gbbn
8
vulnerability VCID-j3bz-6jqe-ffgm
9
vulnerability VCID-nwtr-br34-qkbv
10
vulnerability VCID-tudc-7sgh-nkda
11
vulnerability VCID-u9dr-ca2g-e3hk
12
vulnerability VCID-vc8c-7qn1-9uaz
13
vulnerability VCID-vcqt-n2pk-kyeb
14
vulnerability VCID-wpt2-535q-3yfe
15
vulnerability VCID-x1qk-bs7j-63ch
16
vulnerability VCID-x91x-cxp9-4fgp
17
vulnerability VCID-xkrz-p214-hqhp
18
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.0.3
aliases BIT-django-2020-7471, CVE-2020-7471, GHSA-hmr4-m2h5-33qx, PYSEC-2020-35
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v9gk-3pqk-a7cr
16
url VCID-vcqt-n2pk-kyeb
vulnerability_id VCID-vcqt-n2pk-kyeb
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9402.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9402.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-9402
reference_id
reference_type
scores
0
value 0.84644
scoring_system epss
scoring_elements 0.99356
published_at 2026-06-12T12:55:00Z
1
value 0.84644
scoring_system epss
scoring_elements 0.99353
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-9402
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9402
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9402
3
reference_url https://docs.djangoproject.com/en/3.0/releases/security
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/3.0/releases/security
4
reference_url https://docs.djangoproject.com/en/3.0/releases/security/
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://docs.djangoproject.com/en/3.0/releases/security/
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
7
reference_url https://github.com/django/django/commit/6695d29b1c1ce979725816295a26ecc64ae0e927
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/6695d29b1c1ce979725816295a26ecc64ae0e927
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-345.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-345.yaml
9
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-36.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-36.yaml
10
reference_url https://groups.google.com/forum/#%21topic/django-announce/fLUh_pOaKrY
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#%21topic/django-announce/fLUh_pOaKrY
11
reference_url https://groups.google.com/forum/#!topic/django-announce/fLUh_pOaKrY
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/django-announce/fLUh_pOaKrY
12
reference_url https://lists.debian.org/debian-lts-announce/2022/05/msg00035.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/05/msg00035.html
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZMN2NKAGTFE3YKMNM2JVJG7R2W7LLHY
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZMN2NKAGTFE3YKMNM2JVJG7R2W7LLHY
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZMN2NKAGTFE3YKMNM2JVJG7R2W7LLHY/
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZMN2NKAGTFE3YKMNM2JVJG7R2W7LLHY/
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZMN2NKAGTFE3YKMNM2JVJG7R2W7LLHY
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZMN2NKAGTFE3YKMNM2JVJG7R2W7LLHY
20
reference_url https://security.netapp.com/advisory/ntap-20200327-0004
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200327-0004
21
reference_url https://security.netapp.com/advisory/ntap-20200327-0004/
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://security.netapp.com/advisory/ntap-20200327-0004/
22
reference_url https://usn.ubuntu.com/4296-1
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4296-1
23
reference_url https://usn.ubuntu.com/4296-1/
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://usn.ubuntu.com/4296-1/
24
reference_url https://www.debian.org/security/2020/dsa-4705
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2020/dsa-4705
25
reference_url https://www.djangoproject.com/weblog/2020/mar/04/security-releases
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2020/mar/04/security-releases
26
reference_url https://www.djangoproject.com/weblog/2020/mar/04/security-releases/
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://www.djangoproject.com/weblog/2020/mar/04/security-releases/
27
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1810088
reference_id 1810088
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1810088
28
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953102
reference_id 953102
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953102
29
reference_url https://security.archlinux.org/ASA-202003-5
reference_id ASA-202003-5
reference_type
scores
url https://security.archlinux.org/ASA-202003-5
30
reference_url https://security.archlinux.org/AVG-1111
reference_id AVG-1111
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1111
31
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-9402
reference_id CVE-2020-9402
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-9402
32
reference_url https://github.com/advisories/GHSA-3gh2-xw74-jmcw
reference_id GHSA-3gh2-xw74-jmcw
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-3gh2-xw74-jmcw
33
reference_url https://access.redhat.com/errata/RHSA-2021:1313
reference_id RHSA-2021:1313
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1313
fixed_packages
0
url pkg:pypi/django@1.11.29
purl pkg:pypi/django@1.11.29
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-beas-dwx6-1ffp
1
vulnerability VCID-db6w-yj8t-sfg4
2
vulnerability VCID-tudc-7sgh-nkda
3
vulnerability VCID-u9dr-ca2g-e3hk
4
vulnerability VCID-wpt2-535q-3yfe
5
vulnerability VCID-xkrz-p214-hqhp
6
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.29
1
url pkg:pypi/django@2.2.11
purl pkg:pypi/django@2.2.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-27gm-2u1q-skh1
1
vulnerability VCID-2qu4-qayw-a7ec
2
vulnerability VCID-2sve-8b9b-hud7
3
vulnerability VCID-38w8-jbku-eugu
4
vulnerability VCID-5zzj-9ez5-6ub1
5
vulnerability VCID-6uja-brvn-rufw
6
vulnerability VCID-9qxj-9mb9-7bcv
7
vulnerability VCID-beas-dwx6-1ffp
8
vulnerability VCID-cece-1mun-ckgh
9
vulnerability VCID-db6w-yj8t-sfg4
10
vulnerability VCID-djh3-m1t4-2qe1
11
vulnerability VCID-dttw-t3a9-gbbn
12
vulnerability VCID-gtkn-prux-vbdb
13
vulnerability VCID-j3bz-6jqe-ffgm
14
vulnerability VCID-nwtr-br34-qkbv
15
vulnerability VCID-tudc-7sgh-nkda
16
vulnerability VCID-u9dr-ca2g-e3hk
17
vulnerability VCID-vc8c-7qn1-9uaz
18
vulnerability VCID-w3dy-chny-5fbc
19
vulnerability VCID-wpt2-535q-3yfe
20
vulnerability VCID-x1qk-bs7j-63ch
21
vulnerability VCID-x91x-cxp9-4fgp
22
vulnerability VCID-xkrz-p214-hqhp
23
vulnerability VCID-ycc8-7k6j-4kbf
24
vulnerability VCID-ymm2-ns18-wkcw
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.11
2
url pkg:pypi/django@3.0.4
purl pkg:pypi/django@3.0.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-27gm-2u1q-skh1
1
vulnerability VCID-28ff-ng96-5ugk
2
vulnerability VCID-2qu4-qayw-a7ec
3
vulnerability VCID-9qxj-9mb9-7bcv
4
vulnerability VCID-beas-dwx6-1ffp
5
vulnerability VCID-db6w-yj8t-sfg4
6
vulnerability VCID-djh3-m1t4-2qe1
7
vulnerability VCID-dttw-t3a9-gbbn
8
vulnerability VCID-j3bz-6jqe-ffgm
9
vulnerability VCID-nwtr-br34-qkbv
10
vulnerability VCID-tudc-7sgh-nkda
11
vulnerability VCID-u9dr-ca2g-e3hk
12
vulnerability VCID-vc8c-7qn1-9uaz
13
vulnerability VCID-wpt2-535q-3yfe
14
vulnerability VCID-x1qk-bs7j-63ch
15
vulnerability VCID-x91x-cxp9-4fgp
16
vulnerability VCID-xkrz-p214-hqhp
17
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.0.4
aliases BIT-django-2020-9402, CVE-2020-9402, GHSA-3gh2-xw74-jmcw, PYSEC-2020-345, PYSEC-2020-36
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vcqt-n2pk-kyeb
17
url VCID-wpt2-535q-3yfe
vulnerability_id VCID-wpt2-535q-3yfe
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-36359
reference_id
reference_type
scores
0
value 0.0113
scoring_system epss
scoring_elements 0.78797
published_at 2026-06-12T12:55:00Z
1
value 0.0113
scoring_system epss
scoring_elements 0.78732
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-36359
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22818
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22818
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23833
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23833
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28346
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28346
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28347
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28347
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34265
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34265
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36359
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36359
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41323
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41323
8
reference_url https://docs.djangoproject.com/en/4.0/releases/security
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/4.0/releases/security
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
11
reference_url https://github.com/django/django/commit/b3e4494d759202a3b6bf247fd34455bf13be5b80
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/b3e4494d759202a3b6bf247fd34455bf13be5b80
12
reference_url https://github.com/django/django/commit/b7d9529cbe0af4adabb6ea5d01ed8dcce3668fb3
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/b7d9529cbe0af4adabb6ea5d01ed8dcce3668fb3
13
reference_url https://github.com/django/django/commit/bd062445cffd3f6cc6dcd20d13e2abed818fa173
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/bd062445cffd3f6cc6dcd20d13e2abed818fa173
14
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-245.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-245.yaml
15
reference_url https://groups.google.com/g/django-announce/c/8cz--gvaJr4
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/g/django-announce/c/8cz--gvaJr4
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI
18
reference_url https://security.netapp.com/advisory/ntap-20220915-0008
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220915-0008
19
reference_url https://www.debian.org/security/2022/dsa-5254
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2022/dsa-5254
20
reference_url https://www.djangoproject.com/weblog/2022/aug/03/security-releases
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2022/aug/03/security-releases
21
reference_url https://www.djangoproject.com/weblog/2022/aug/03/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2022/aug/03/security-releases/
22
reference_url http://www.openwall.com/lists/oss-security/2022/08/03/1
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/08/03/1
23
reference_url https://security.archlinux.org/AVG-2810
reference_id AVG-2810
reference_type
scores
0
value Unknown
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2810
24
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-36359
reference_id CVE-2022-36359
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-36359
25
reference_url https://github.com/advisories/GHSA-8x94-hmjh-97hq
reference_id GHSA-8x94-hmjh-97hq
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8x94-hmjh-97hq
26
reference_url https://security.gentoo.org/glsa/202509-03
reference_id GLSA-202509-03
reference_type
scores
url https://security.gentoo.org/glsa/202509-03
27
reference_url https://usn.ubuntu.com/5549-1/
reference_id USN-5549-1
reference_type
scores
url https://usn.ubuntu.com/5549-1/
fixed_packages
0
url pkg:pypi/django@3.2.15
purl pkg:pypi/django@3.2.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-19se-3ng9-c7bw
1
vulnerability VCID-6tdg-t4nv-sbha
2
vulnerability VCID-7spe-cayc-4qb4
3
vulnerability VCID-9ge1-u71f-rbaw
4
vulnerability VCID-beas-dwx6-1ffp
5
vulnerability VCID-d2cw-526n-mbem
6
vulnerability VCID-db6w-yj8t-sfg4
7
vulnerability VCID-j4rs-235r-dkfj
8
vulnerability VCID-jspj-r34n-jubz
9
vulnerability VCID-nhzy-7qdm-wbg8
10
vulnerability VCID-qsme-8a2n-23fs
11
vulnerability VCID-tudc-7sgh-nkda
12
vulnerability VCID-ufv7-y5a7-fugg
13
vulnerability VCID-xkrz-p214-hqhp
14
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.15
1
url pkg:pypi/django@4.0.7
purl pkg:pypi/django@4.0.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-19se-3ng9-c7bw
1
vulnerability VCID-6tdg-t4nv-sbha
2
vulnerability VCID-7spe-cayc-4qb4
3
vulnerability VCID-beas-dwx6-1ffp
4
vulnerability VCID-db6w-yj8t-sfg4
5
vulnerability VCID-jspj-r34n-jubz
6
vulnerability VCID-nhzy-7qdm-wbg8
7
vulnerability VCID-tudc-7sgh-nkda
8
vulnerability VCID-xkrz-p214-hqhp
9
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.0.7
aliases BIT-django-2022-36359, CVE-2022-36359, GHSA-8x94-hmjh-97hq, PYSEC-2022-245
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wpt2-535q-3yfe
18
url VCID-xkrz-p214-hqhp
vulnerability_id VCID-xkrz-p214-hqhp
summary 
An issue was discovered in 5.1 before 5.1.14, 4.2 before 4.2.26, and 5.2 before 5.2.8.
NFKC normalization in Python is slow on Windows. As a consequence, `django.http.HttpResponseRedirect`, `django.http.HttpResponsePermanentRedirect`, and the shortcut `django.shortcuts.redirect`  were subject to a potential  denial-of-service attack via certain inputs with a very large number of Unicode characters.
Earlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected.
Django would like to thank Seokchan Yoon for reporting this issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-64458.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-64458.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-64458
reference_id
reference_type
scores
0
value 0.00025
scoring_system epss
scoring_elements 0.07314
published_at 2026-06-11T12:55:00Z
1
value 0.00025
scoring_system epss
scoring_elements 0.07356
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-64458
2
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
3
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
4
reference_url https://github.com/django/django/commit/3790593781d26168e7306b5b2f8ea0309de16242
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/3790593781d26168e7306b5b2f8ea0309de16242
5
reference_url https://github.com/django/django/commit/4f5d904b63751dea9ffc3b0e046404a7fa5881ac
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/4f5d904b63751dea9ffc3b0e046404a7fa5881ac
6
reference_url https://github.com/django/django/commit/6e13348436fccf8f22982921d6a3a3e65c956a9f
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/6e13348436fccf8f22982921d6a3a3e65c956a9f
7
reference_url https://github.com/django/django/commit/770eea38d7a0e9ba9455140b5a9a9e33618226a7
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/770eea38d7a0e9ba9455140b5a9a9e33618226a7
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2025-107.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2025-107.yaml
9
reference_url https://www.djangoproject.com/weblog/2025/nov/05/security-releases
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2025/nov/05/security-releases
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2412649
reference_id 2412649
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2412649
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-64458
reference_id CVE-2025-64458
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-64458
12
reference_url https://groups.google.com/g/django-announce
reference_id django-announce
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-05T16:20:23Z/
url https://groups.google.com/g/django-announce
13
reference_url https://github.com/advisories/GHSA-qw25-v68c-qjf3
reference_id GHSA-qw25-v68c-qjf3
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qw25-v68c-qjf3
14
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id security
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-05T16:20:23Z/
url https://docs.djangoproject.com/en/dev/releases/security/
15
reference_url https://www.djangoproject.com/weblog/2025/nov/05/security-releases/
reference_id security-releases
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-05T16:20:23Z/
url https://www.djangoproject.com/weblog/2025/nov/05/security-releases/
fixed_packages
0
url pkg:pypi/django@4.2.26
purl pkg:pypi/django@4.2.26
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13q1-fzeg-bfd9
1
vulnerability VCID-4xtu-yeh2-pbc8
2
vulnerability VCID-72z9-v49q-vbcc
3
vulnerability VCID-81b9-uqyv-kkhm
4
vulnerability VCID-dh5p-grha-r7a2
5
vulnerability VCID-dqpz-q718-pkas
6
vulnerability VCID-e331-cbgc-hubm
7
vulnerability VCID-hb8n-gwz6-9yd9
8
vulnerability VCID-jdjc-ygtk-c7hv
9
vulnerability VCID-pn2d-2euz-pudt
10
vulnerability VCID-q3sw-jd7p-1yg1
11
vulnerability VCID-r3dj-t213-jyhh
12
vulnerability VCID-sbwy-buwj-gkd2
13
vulnerability VCID-zr7g-1xkm-fqdw
14
vulnerability VCID-zztc-4be5-fker
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.26
1
url pkg:pypi/django@5.1.14
purl pkg:pypi/django@5.1.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-72z9-v49q-vbcc
1
vulnerability VCID-81b9-uqyv-kkhm
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.1.14
2
url pkg:pypi/django@5.2.8
purl pkg:pypi/django@5.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13q1-fzeg-bfd9
1
vulnerability VCID-1g9h-ryet-2ffs
2
vulnerability VCID-1mp4-kq35-1ba7
3
vulnerability VCID-4xtu-yeh2-pbc8
4
vulnerability VCID-72z9-v49q-vbcc
5
vulnerability VCID-81b9-uqyv-kkhm
6
vulnerability VCID-8tz7-vjwz-rycs
7
vulnerability VCID-dh5p-grha-r7a2
8
vulnerability VCID-dqpz-q718-pkas
9
vulnerability VCID-e331-cbgc-hubm
10
vulnerability VCID-h5qf-zbcz-qygg
11
vulnerability VCID-hb8n-gwz6-9yd9
12
vulnerability VCID-jdjc-ygtk-c7hv
13
vulnerability VCID-m4mg-yd86-dyfw
14
vulnerability VCID-n915-wj16-wka6
15
vulnerability VCID-pn2d-2euz-pudt
16
vulnerability VCID-q3sw-jd7p-1yg1
17
vulnerability VCID-r3dj-t213-jyhh
18
vulnerability VCID-sbwy-buwj-gkd2
19
vulnerability VCID-tvk1-4am9-f3cf
20
vulnerability VCID-z7sj-r61n-qbcd
21
vulnerability VCID-zr7g-1xkm-fqdw
22
vulnerability VCID-zztc-4be5-fker
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.8
3
url pkg:pypi/django@6.0a1
purl pkg:pypi/django@6.0a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13q1-fzeg-bfd9
1
vulnerability VCID-4xtu-yeh2-pbc8
2
vulnerability VCID-dqpz-q718-pkas
3
vulnerability VCID-e331-cbgc-hubm
4
vulnerability VCID-pn2d-2euz-pudt
5
vulnerability VCID-sbwy-buwj-gkd2
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@6.0a1
aliases BIT-django-2025-64458, CVE-2025-64458, GHSA-qw25-v68c-qjf3, PYSEC-2025-107
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xkrz-p214-hqhp
19
url VCID-xmun-auq2-mqhw
vulnerability_id VCID-xmun-auq2-mqhw
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14233.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14233.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-14233
reference_id
reference_type
scores
0
value 0.06773
scoring_system epss
scoring_elements 0.91511
published_at 2026-06-11T12:55:00Z
1
value 0.06773
scoring_system epss
scoring_elements 0.91541
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-14233
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14233
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14233
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14234
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14234
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14235
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14235
6
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
9
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-12.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-12.yaml
10
reference_url https://groups.google.com/forum/#!topic/django-announce/jIoju2-KLDs
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/django-announce/jIoju2-KLDs
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK/
13
reference_url https://security.netapp.com/advisory/ntap-20190828-0002
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20190828-0002
14
reference_url https://www.djangoproject.com/weblog/2019/aug/01/security-releases
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2019/aug/01/security-releases
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1734410
reference_id 1734410
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1734410
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934026
reference_id 934026
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934026
17
reference_url https://security.archlinux.org/ASA-201908-2
reference_id ASA-201908-2
reference_type
scores
url https://security.archlinux.org/ASA-201908-2
18
reference_url https://security.archlinux.org/AVG-1015
reference_id AVG-1015
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1015
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-14233
reference_id CVE-2019-14233
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-14233
20
reference_url https://github.com/advisories/GHSA-h5jv-4p7w-64jg
reference_id GHSA-h5jv-4p7w-64jg
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-h5jv-4p7w-64jg
21
reference_url https://access.redhat.com/errata/RHSA-2020:1324
reference_id RHSA-2020:1324
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1324
22
reference_url https://access.redhat.com/errata/RHSA-2020:4390
reference_id RHSA-2020:4390
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4390
23
reference_url https://usn.ubuntu.com/4084-1/
reference_id USN-4084-1
reference_type
scores
url https://usn.ubuntu.com/4084-1/
fixed_packages
0
url pkg:pypi/django@1.11.23
purl pkg:pypi/django@1.11.23
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7xx2-z2tg-7khd
1
vulnerability VCID-8uyx-7dub-hka9
2
vulnerability VCID-beas-dwx6-1ffp
3
vulnerability VCID-db6w-yj8t-sfg4
4
vulnerability VCID-tudc-7sgh-nkda
5
vulnerability VCID-u9dr-ca2g-e3hk
6
vulnerability VCID-v9gk-3pqk-a7cr
7
vulnerability VCID-vcqt-n2pk-kyeb
8
vulnerability VCID-wpt2-535q-3yfe
9
vulnerability VCID-xkrz-p214-hqhp
10
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.23
1
url pkg:pypi/django@2.1.11
purl pkg:pypi/django@2.1.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7xx2-z2tg-7khd
1
vulnerability VCID-b5wa-f184-b3da
2
vulnerability VCID-beas-dwx6-1ffp
3
vulnerability VCID-db6w-yj8t-sfg4
4
vulnerability VCID-rcfr-czct-xucv
5
vulnerability VCID-tudc-7sgh-nkda
6
vulnerability VCID-u9dr-ca2g-e3hk
7
vulnerability VCID-v9gk-3pqk-a7cr
8
vulnerability VCID-wpt2-535q-3yfe
9
vulnerability VCID-xkrz-p214-hqhp
10
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.1.11
2
url pkg:pypi/django@2.2.4
purl pkg:pypi/django@2.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-27gm-2u1q-skh1
1
vulnerability VCID-2qu4-qayw-a7ec
2
vulnerability VCID-2sve-8b9b-hud7
3
vulnerability VCID-38w8-jbku-eugu
4
vulnerability VCID-5zzj-9ez5-6ub1
5
vulnerability VCID-6uja-brvn-rufw
6
vulnerability VCID-7xx2-z2tg-7khd
7
vulnerability VCID-8uyx-7dub-hka9
8
vulnerability VCID-9qxj-9mb9-7bcv
9
vulnerability VCID-b5wa-f184-b3da
10
vulnerability VCID-beas-dwx6-1ffp
11
vulnerability VCID-cece-1mun-ckgh
12
vulnerability VCID-db6w-yj8t-sfg4
13
vulnerability VCID-djh3-m1t4-2qe1
14
vulnerability VCID-dttw-t3a9-gbbn
15
vulnerability VCID-gtkn-prux-vbdb
16
vulnerability VCID-j3bz-6jqe-ffgm
17
vulnerability VCID-nwtr-br34-qkbv
18
vulnerability VCID-rcfr-czct-xucv
19
vulnerability VCID-tudc-7sgh-nkda
20
vulnerability VCID-u9dr-ca2g-e3hk
21
vulnerability VCID-v9gk-3pqk-a7cr
22
vulnerability VCID-vc8c-7qn1-9uaz
23
vulnerability VCID-vcqt-n2pk-kyeb
24
vulnerability VCID-w3dy-chny-5fbc
25
vulnerability VCID-wpt2-535q-3yfe
26
vulnerability VCID-x1qk-bs7j-63ch
27
vulnerability VCID-x91x-cxp9-4fgp
28
vulnerability VCID-xkrz-p214-hqhp
29
vulnerability VCID-ycc8-7k6j-4kbf
30
vulnerability VCID-ymm2-ns18-wkcw
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.4
aliases CVE-2019-14233, GHSA-h5jv-4p7w-64jg, PYSEC-2019-12
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xmun-auq2-mqhw
20
url VCID-ycc8-7k6j-4kbf
vulnerability_id VCID-ycc8-7k6j-4kbf
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48432.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48432.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-48432
reference_id
reference_type
scores
0
value 0.00411
scoring_system epss
scoring_elements 0.61866
published_at 2026-06-11T12:55:00Z
1
value 0.00411
scoring_system epss
scoring_elements 0.61967
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-48432
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460
25
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
26
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
27
reference_url https://github.com/advisories/GHSA-7xr5-9hcq-chf9
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-7xr5-9hcq-chf9
28
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
29
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2025-47.yaml
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2025-47.yaml
30
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-48432
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-48432
31
reference_url https://www.djangoproject.com/weblog/2025/jun/04/security-releases
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2025/jun/04/security-releases
32
reference_url https://www.djangoproject.com/weblog/2025/jun/10/bugfix-releases
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2025/jun/10/bugfix-releases
33
reference_url http://www.openwall.com/lists/oss-security/2025/06/04/5
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2025/06/04/5
34
reference_url http://www.openwall.com/lists/oss-security/2025/06/10/2
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2025/06/10/2
35
reference_url http://www.openwall.com/lists/oss-security/2025/06/10/3
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2025/06/10/3
36
reference_url http://www.openwall.com/lists/oss-security/2025/06/10/4
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2025/06/10/4
37
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107282
reference_id 1107282
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107282
38
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2370365
reference_id 2370365
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2370365
39
reference_url https://security.archlinux.org/ASA-202506-6
reference_id ASA-202506-6
reference_type
scores
url https://security.archlinux.org/ASA-202506-6
40
reference_url https://security.archlinux.org/AVG-2894
reference_id AVG-2894
reference_type
scores
0
value Low
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2894
41
reference_url https://www.djangoproject.com/weblog/2025/jun/10/bugfix-releases/
reference_id bugfix-releases
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T13:20:12Z/
url https://www.djangoproject.com/weblog/2025/jun/10/bugfix-releases/
42
reference_url https://groups.google.com/g/django-announce
reference_id django-announce
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T13:20:12Z/
url https://groups.google.com/g/django-announce
43
reference_url https://access.redhat.com/errata/RHSA-2025:14686
reference_id RHSA-2025:14686
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14686
44
reference_url https://access.redhat.com/errata/RHSA-2025:16487
reference_id RHSA-2025:16487
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:16487
45
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id security
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T13:20:12Z/
url https://docs.djangoproject.com/en/dev/releases/security/
46
reference_url https://www.djangoproject.com/weblog/2025/jun/04/security-releases/
reference_id security-releases
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T13:20:12Z/
url https://www.djangoproject.com/weblog/2025/jun/04/security-releases/
47
reference_url https://usn.ubuntu.com/7555-1/
reference_id USN-7555-1
reference_type
scores
url https://usn.ubuntu.com/7555-1/
fixed_packages
0
url pkg:pypi/django@4.2.22
purl pkg:pypi/django@4.2.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13q1-fzeg-bfd9
1
vulnerability VCID-4xtu-yeh2-pbc8
2
vulnerability VCID-72z9-v49q-vbcc
3
vulnerability VCID-81b9-uqyv-kkhm
4
vulnerability VCID-beas-dwx6-1ffp
5
vulnerability VCID-db6w-yj8t-sfg4
6
vulnerability VCID-dh5p-grha-r7a2
7
vulnerability VCID-dqpz-q718-pkas
8
vulnerability VCID-e331-cbgc-hubm
9
vulnerability VCID-fwwm-7y13-y3dx
10
vulnerability VCID-hb8n-gwz6-9yd9
11
vulnerability VCID-jdjc-ygtk-c7hv
12
vulnerability VCID-pmhc-yu6r-uudy
13
vulnerability VCID-pn2d-2euz-pudt
14
vulnerability VCID-q3sw-jd7p-1yg1
15
vulnerability VCID-r3dj-t213-jyhh
16
vulnerability VCID-sbwy-buwj-gkd2
17
vulnerability VCID-xkrz-p214-hqhp
18
vulnerability VCID-zr7g-1xkm-fqdw
19
vulnerability VCID-zztc-4be5-fker
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.22
1
url pkg:pypi/django@5.1.10
purl pkg:pypi/django@5.1.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-72z9-v49q-vbcc
1
vulnerability VCID-81b9-uqyv-kkhm
2
vulnerability VCID-beas-dwx6-1ffp
3
vulnerability VCID-db6w-yj8t-sfg4
4
vulnerability VCID-fwwm-7y13-y3dx
5
vulnerability VCID-pmhc-yu6r-uudy
6
vulnerability VCID-xkrz-p214-hqhp
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.1.10
2
url pkg:pypi/django@5.2.2
purl pkg:pypi/django@5.2.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-13q1-fzeg-bfd9
1
vulnerability VCID-1g9h-ryet-2ffs
2
vulnerability VCID-1mp4-kq35-1ba7
3
vulnerability VCID-4xtu-yeh2-pbc8
4
vulnerability VCID-72z9-v49q-vbcc
5
vulnerability VCID-81b9-uqyv-kkhm
6
vulnerability VCID-8tz7-vjwz-rycs
7
vulnerability VCID-beas-dwx6-1ffp
8
vulnerability VCID-db6w-yj8t-sfg4
9
vulnerability VCID-dh5p-grha-r7a2
10
vulnerability VCID-dqpz-q718-pkas
11
vulnerability VCID-e331-cbgc-hubm
12
vulnerability VCID-fwwm-7y13-y3dx
13
vulnerability VCID-h5qf-zbcz-qygg
14
vulnerability VCID-hb8n-gwz6-9yd9
15
vulnerability VCID-jdjc-ygtk-c7hv
16
vulnerability VCID-m4mg-yd86-dyfw
17
vulnerability VCID-n915-wj16-wka6
18
vulnerability VCID-pmhc-yu6r-uudy
19
vulnerability VCID-pn2d-2euz-pudt
20
vulnerability VCID-q3sw-jd7p-1yg1
21
vulnerability VCID-r3dj-t213-jyhh
22
vulnerability VCID-sbwy-buwj-gkd2
23
vulnerability VCID-tvk1-4am9-f3cf
24
vulnerability VCID-xkrz-p214-hqhp
25
vulnerability VCID-z7sj-r61n-qbcd
26
vulnerability VCID-zr7g-1xkm-fqdw
27
vulnerability VCID-zztc-4be5-fker
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.2
aliases BIT-django-2025-48432, CVE-2025-48432, GHSA-7xr5-9hcq-chf9, PYSEC-2025-47
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ycc8-7k6j-4kbf
Fixing_vulnerabilities
0
url VCID-c7he-58dt-gke1
vulnerability_id VCID-c7he-58dt-gke1
summary An issue was discovered in Django 1.11 before 1.11.21, 2.1 before 2.1.9, and 2.2 before 2.2.2. The clickable Current URL value displayed by the AdminURLFieldWidget displays the provided value without validating it as a safe URL. Thus, an unvalidated value stored in the database, or a value provided as a URL query parameter payload, could result in an clickable JavaScript link.
references
0
reference_url https://docs.djangoproject.com/en/dev/releases/1.11.21/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/dev/releases/1.11.21/
1
reference_url https://docs.djangoproject.com/en/dev/releases/2.1.9/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/dev/releases/2.1.9/
2
reference_url https://docs.djangoproject.com/en/dev/releases/2.2.2/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/dev/releases/2.2.2/
3
reference_url https://groups.google.com/forum/#!topic/django-announce/GEbHU7YoVz8
reference_id
reference_type
scores
url https://groups.google.com/forum/#!topic/django-announce/GEbHU7YoVz8
4
reference_url https://lists.debian.org/debian-lts-announce/2019/06/msg00001.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2019/06/msg00001.html
5
reference_url https://lists.debian.org/debian-lts-announce/2019/07/msg00001.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2019/07/msg00001.html
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/USYRARSYB7PE3S2ZQO7PZNWMH7RPGL5G/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/USYRARSYB7PE3S2ZQO7PZNWMH7RPGL5G/
7
reference_url https://seclists.org/bugtraq/2019/Jul/10
reference_id
reference_type
scores
url https://seclists.org/bugtraq/2019/Jul/10
8
reference_url https://usn.ubuntu.com/4043-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4043-1/
9
reference_url https://www.debian.org/security/2019/dsa-4476
reference_id
reference_type
scores
url https://www.debian.org/security/2019/dsa-4476
10
reference_url https://www.djangoproject.com/weblog/2019/jun/03/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2019/jun/03/security-releases/
11
reference_url http://www.securityfocus.com/bid/108559
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/108559
fixed_packages
0
url pkg:pypi/django@1.11.21
purl pkg:pypi/django@1.11.21
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dx7-qahc-d3ex
1
vulnerability VCID-2hue-z18t-nkbf
2
vulnerability VCID-3952-bt3z-7qem
3
vulnerability VCID-3n19-vhd3-1qgw
4
vulnerability VCID-7xx2-z2tg-7khd
5
vulnerability VCID-8uyx-7dub-hka9
6
vulnerability VCID-beas-dwx6-1ffp
7
vulnerability VCID-bymm-qrt6-37d4
8
vulnerability VCID-dahb-k16x-vuf8
9
vulnerability VCID-db6w-yj8t-sfg4
10
vulnerability VCID-embu-nr2v-8ka8
11
vulnerability VCID-jg94-y9zx-dfaw
12
vulnerability VCID-rr1h-qzgv-q7d5
13
vulnerability VCID-tudc-7sgh-nkda
14
vulnerability VCID-u9dr-ca2g-e3hk
15
vulnerability VCID-v9gk-3pqk-a7cr
16
vulnerability VCID-vcqt-n2pk-kyeb
17
vulnerability VCID-wpt2-535q-3yfe
18
vulnerability VCID-xkrz-p214-hqhp
19
vulnerability VCID-xmun-auq2-mqhw
20
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.21
1
url pkg:pypi/django@2.1.9
purl pkg:pypi/django@2.1.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dx7-qahc-d3ex
1
vulnerability VCID-2hue-z18t-nkbf
2
vulnerability VCID-3952-bt3z-7qem
3
vulnerability VCID-3n19-vhd3-1qgw
4
vulnerability VCID-7xx2-z2tg-7khd
5
vulnerability VCID-b5wa-f184-b3da
6
vulnerability VCID-beas-dwx6-1ffp
7
vulnerability VCID-bymm-qrt6-37d4
8
vulnerability VCID-dahb-k16x-vuf8
9
vulnerability VCID-db6w-yj8t-sfg4
10
vulnerability VCID-embu-nr2v-8ka8
11
vulnerability VCID-jg94-y9zx-dfaw
12
vulnerability VCID-rcfr-czct-xucv
13
vulnerability VCID-rr1h-qzgv-q7d5
14
vulnerability VCID-tudc-7sgh-nkda
15
vulnerability VCID-u9dr-ca2g-e3hk
16
vulnerability VCID-v9gk-3pqk-a7cr
17
vulnerability VCID-wpt2-535q-3yfe
18
vulnerability VCID-xkrz-p214-hqhp
19
vulnerability VCID-xmun-auq2-mqhw
20
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.1.9
2
url pkg:pypi/django@2.2.2
purl pkg:pypi/django@2.2.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-27gm-2u1q-skh1
1
vulnerability VCID-2dx7-qahc-d3ex
2
vulnerability VCID-2hue-z18t-nkbf
3
vulnerability VCID-2qu4-qayw-a7ec
4
vulnerability VCID-2sve-8b9b-hud7
5
vulnerability VCID-38w8-jbku-eugu
6
vulnerability VCID-3952-bt3z-7qem
7
vulnerability VCID-3n19-vhd3-1qgw
8
vulnerability VCID-5zzj-9ez5-6ub1
9
vulnerability VCID-6uja-brvn-rufw
10
vulnerability VCID-7xx2-z2tg-7khd
11
vulnerability VCID-8uyx-7dub-hka9
12
vulnerability VCID-9qxj-9mb9-7bcv
13
vulnerability VCID-b5wa-f184-b3da
14
vulnerability VCID-beas-dwx6-1ffp
15
vulnerability VCID-bymm-qrt6-37d4
16
vulnerability VCID-cece-1mun-ckgh
17
vulnerability VCID-dahb-k16x-vuf8
18
vulnerability VCID-db6w-yj8t-sfg4
19
vulnerability VCID-djh3-m1t4-2qe1
20
vulnerability VCID-dttw-t3a9-gbbn
21
vulnerability VCID-embu-nr2v-8ka8
22
vulnerability VCID-gtkn-prux-vbdb
23
vulnerability VCID-j3bz-6jqe-ffgm
24
vulnerability VCID-jg94-y9zx-dfaw
25
vulnerability VCID-nwtr-br34-qkbv
26
vulnerability VCID-rcfr-czct-xucv
27
vulnerability VCID-rr1h-qzgv-q7d5
28
vulnerability VCID-tudc-7sgh-nkda
29
vulnerability VCID-u9dr-ca2g-e3hk
30
vulnerability VCID-v9gk-3pqk-a7cr
31
vulnerability VCID-vc8c-7qn1-9uaz
32
vulnerability VCID-vcqt-n2pk-kyeb
33
vulnerability VCID-w3dy-chny-5fbc
34
vulnerability VCID-wpt2-535q-3yfe
35
vulnerability VCID-x1qk-bs7j-63ch
36
vulnerability VCID-x91x-cxp9-4fgp
37
vulnerability VCID-xkrz-p214-hqhp
38
vulnerability VCID-xmun-auq2-mqhw
39
vulnerability VCID-ycc8-7k6j-4kbf
40
vulnerability VCID-ymm2-ns18-wkcw
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.2
aliases PYSEC-2019-9
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c7he-58dt-gke1
1
url VCID-y7dr-jvg4-xua8
vulnerability_id VCID-y7dr-jvg4-xua8
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12308.json
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12308.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-12308
reference_id
reference_type
scores
0
value 0.02803
scoring_system epss
scoring_elements 0.86438
published_at 2026-06-11T12:55:00Z
1
value 0.02803
scoring_system epss
scoring_elements 0.8649
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-12308
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12308
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12308
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12781
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12781
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6975
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6975
5
reference_url https://docs.djangoproject.com/en/dev/releases/1.11.21
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/1.11.21
6
reference_url https://docs.djangoproject.com/en/dev/releases/1.11.21/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/dev/releases/1.11.21/
7
reference_url https://docs.djangoproject.com/en/dev/releases/2.1.9
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/2.1.9
8
reference_url https://docs.djangoproject.com/en/dev/releases/2.1.9/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/dev/releases/2.1.9/
9
reference_url https://docs.djangoproject.com/en/dev/releases/2.2.2
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/2.2.2
10
reference_url https://docs.djangoproject.com/en/dev/releases/2.2.2/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/dev/releases/2.2.2/
11
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
12
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
13
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
14
reference_url https://github.com/django/django/commit/09186a13d975de6d049f8b3e05484f66b01ece62
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/09186a13d975de6d049f8b3e05484f66b01ece62
15
reference_url https://github.com/django/django/commit/afddabf8428ddc89a332f7a78d0d21eaf2b5a673
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/afddabf8428ddc89a332f7a78d0d21eaf2b5a673
16
reference_url https://github.com/django/django/commit/c238701859a52d584f349cce15d56c8e8137c52b
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/c238701859a52d584f349cce15d56c8e8137c52b
17
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-79.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-79.yaml
18
reference_url https://groups.google.com/forum/#!topic/django-announce/GEbHU7YoVz8
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/django-announce/GEbHU7YoVz8
19
reference_url https://lists.debian.org/debian-lts-announce/2019/06/msg00001.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2019/06/msg00001.html
20
reference_url https://lists.debian.org/debian-lts-announce/2019/07/msg00001.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2019/07/msg00001.html
21
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/USYRARSYB7PE3S2ZQO7PZNWMH7RPGL5G
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/USYRARSYB7PE3S2ZQO7PZNWMH7RPGL5G
22
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/USYRARSYB7PE3S2ZQO7PZNWMH7RPGL5G/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/USYRARSYB7PE3S2ZQO7PZNWMH7RPGL5G/
23
reference_url https://seclists.org/bugtraq/2019/Jul/10
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2019/Jul/10
24
reference_url https://usn.ubuntu.com/4043-1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4043-1
25
reference_url https://usn.ubuntu.com/4043-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4043-1/
26
reference_url https://www.debian.org/security/2019/dsa-4476
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2019/dsa-4476
27
reference_url https://www.djangoproject.com/weblog/2019/jun/03/security-releases
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2019/jun/03/security-releases
28
reference_url https://www.djangoproject.com/weblog/2019/jun/03/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2019/jun/03/security-releases/
29
reference_url http://www.securityfocus.com/bid/108559
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/108559
30
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1715915
reference_id 1715915
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1715915
31
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929927
reference_id 929927
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929927
32
reference_url https://security.archlinux.org/ASA-201906-2
reference_id ASA-201906-2
reference_type
scores
url https://security.archlinux.org/ASA-201906-2
33
reference_url https://security.archlinux.org/AVG-969
reference_id AVG-969
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-969
34
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-12308
reference_id CVE-2019-12308
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-12308
35
reference_url https://github.com/advisories/GHSA-7rp2-fm2h-wchj
reference_id GHSA-7rp2-fm2h-wchj
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-7rp2-fm2h-wchj
fixed_packages
0
url pkg:pypi/django@1.11.21
purl pkg:pypi/django@1.11.21
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dx7-qahc-d3ex
1
vulnerability VCID-2hue-z18t-nkbf
2
vulnerability VCID-3952-bt3z-7qem
3
vulnerability VCID-3n19-vhd3-1qgw
4
vulnerability VCID-7xx2-z2tg-7khd
5
vulnerability VCID-8uyx-7dub-hka9
6
vulnerability VCID-beas-dwx6-1ffp
7
vulnerability VCID-bymm-qrt6-37d4
8
vulnerability VCID-dahb-k16x-vuf8
9
vulnerability VCID-db6w-yj8t-sfg4
10
vulnerability VCID-embu-nr2v-8ka8
11
vulnerability VCID-jg94-y9zx-dfaw
12
vulnerability VCID-rr1h-qzgv-q7d5
13
vulnerability VCID-tudc-7sgh-nkda
14
vulnerability VCID-u9dr-ca2g-e3hk
15
vulnerability VCID-v9gk-3pqk-a7cr
16
vulnerability VCID-vcqt-n2pk-kyeb
17
vulnerability VCID-wpt2-535q-3yfe
18
vulnerability VCID-xkrz-p214-hqhp
19
vulnerability VCID-xmun-auq2-mqhw
20
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.21
1
url pkg:pypi/django@2.1.9
purl pkg:pypi/django@2.1.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dx7-qahc-d3ex
1
vulnerability VCID-2hue-z18t-nkbf
2
vulnerability VCID-3952-bt3z-7qem
3
vulnerability VCID-3n19-vhd3-1qgw
4
vulnerability VCID-7xx2-z2tg-7khd
5
vulnerability VCID-b5wa-f184-b3da
6
vulnerability VCID-beas-dwx6-1ffp
7
vulnerability VCID-bymm-qrt6-37d4
8
vulnerability VCID-dahb-k16x-vuf8
9
vulnerability VCID-db6w-yj8t-sfg4
10
vulnerability VCID-embu-nr2v-8ka8
11
vulnerability VCID-jg94-y9zx-dfaw
12
vulnerability VCID-rcfr-czct-xucv
13
vulnerability VCID-rr1h-qzgv-q7d5
14
vulnerability VCID-tudc-7sgh-nkda
15
vulnerability VCID-u9dr-ca2g-e3hk
16
vulnerability VCID-v9gk-3pqk-a7cr
17
vulnerability VCID-wpt2-535q-3yfe
18
vulnerability VCID-xkrz-p214-hqhp
19
vulnerability VCID-xmun-auq2-mqhw
20
vulnerability VCID-ycc8-7k6j-4kbf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.1.9
2
url pkg:pypi/django@2.2.2
purl pkg:pypi/django@2.2.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-27gm-2u1q-skh1
1
vulnerability VCID-2dx7-qahc-d3ex
2
vulnerability VCID-2hue-z18t-nkbf
3
vulnerability VCID-2qu4-qayw-a7ec
4
vulnerability VCID-2sve-8b9b-hud7
5
vulnerability VCID-38w8-jbku-eugu
6
vulnerability VCID-3952-bt3z-7qem
7
vulnerability VCID-3n19-vhd3-1qgw
8
vulnerability VCID-5zzj-9ez5-6ub1
9
vulnerability VCID-6uja-brvn-rufw
10
vulnerability VCID-7xx2-z2tg-7khd
11
vulnerability VCID-8uyx-7dub-hka9
12
vulnerability VCID-9qxj-9mb9-7bcv
13
vulnerability VCID-b5wa-f184-b3da
14
vulnerability VCID-beas-dwx6-1ffp
15
vulnerability VCID-bymm-qrt6-37d4
16
vulnerability VCID-cece-1mun-ckgh
17
vulnerability VCID-dahb-k16x-vuf8
18
vulnerability VCID-db6w-yj8t-sfg4
19
vulnerability VCID-djh3-m1t4-2qe1
20
vulnerability VCID-dttw-t3a9-gbbn
21
vulnerability VCID-embu-nr2v-8ka8
22
vulnerability VCID-gtkn-prux-vbdb
23
vulnerability VCID-j3bz-6jqe-ffgm
24
vulnerability VCID-jg94-y9zx-dfaw
25
vulnerability VCID-nwtr-br34-qkbv
26
vulnerability VCID-rcfr-czct-xucv
27
vulnerability VCID-rr1h-qzgv-q7d5
28
vulnerability VCID-tudc-7sgh-nkda
29
vulnerability VCID-u9dr-ca2g-e3hk
30
vulnerability VCID-v9gk-3pqk-a7cr
31
vulnerability VCID-vc8c-7qn1-9uaz
32
vulnerability VCID-vcqt-n2pk-kyeb
33
vulnerability VCID-w3dy-chny-5fbc
34
vulnerability VCID-wpt2-535q-3yfe
35
vulnerability VCID-x1qk-bs7j-63ch
36
vulnerability VCID-x91x-cxp9-4fgp
37
vulnerability VCID-xkrz-p214-hqhp
38
vulnerability VCID-xmun-auq2-mqhw
39
vulnerability VCID-ycc8-7k6j-4kbf
40
vulnerability VCID-ymm2-ns18-wkcw
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.2
aliases CVE-2019-12308, GHSA-7rp2-fm2h-wchj, PYSEC-2019-79
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y7dr-jvg4-xua8
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.21