{"url":"http://public2.vulnerablecode.io/api/packages/18190?format=json","purl":"pkg:pypi/django@3.0.10","type":"pypi","namespace":"","name":"django","version":"3.0.10","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"3.1.14","latest_non_vulnerable_version":"6.0.5","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7347?format=json","vulnerability_id":"VCID-9mpt-zxaw-kkeg","summary":"multiple issues","references":[{"reference_url":"https://docs.djangoproject.com/en/3.2/releases/security/","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/3.2/releases/security/"},{"reference_url":"https://github.com/advisories/GHSA-68w8-qjq3-2gfm","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-68w8-qjq3-2gfm"},{"reference_url":"https://groups.google.com/forum/#!forum/django-announce","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/#!forum/django-announce"},{"reference_url":"https://www.djangoproject.com/weblog/2021/jun/02/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2021/jun/02/security-releases/"},{"reference_url":"https://security.archlinux.org/ASA-202106-41","reference_id":"ASA-202106-41","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-41"},{"reference_url":"https://security.archlinux.org/AVG-2026","reference_id":"AVG-2026","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2026"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/22502?format=json","purl":"pkg:pypi/django@3.1.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4pb2-tqru-uufs"},{"vulnerability":"VCID-n9vn-4uxr-hkau"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.1.12"},{"url":"http://public2.vulnerablecode.io/api/packages/22503?format=json","purl":"pkg:pypi/django@3.2.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29qk-rv5n-efbm"},{"vulnerability":"VCID-2n2n-1fq2-7bbs"},{"vulnerability":"VCID-4pb2-tqru-uufs"},{"vulnerability":"VCID-4z4e-8ttu-tyd6"},{"vulnerability":"VCID-51tx-4tp9-kbcz"},{"vulnerability":"VCID-6jpg-yrf8-cufy"},{"vulnerability":"VCID-9end-mq19-rke5"},{"vulnerability":"VCID-am3f-c5ex-8ff2"},{"vulnerability":"VCID-attf-6gj8-ebaj"},{"vulnerability":"VCID-au8h-vj9k-pufv"},{"vulnerability":"VCID-drwp-htkk-bkfh"},{"vulnerability":"VCID-f4a7-tcz5-byfj"},{"vulnerability":"VCID-fksk-pr23-2yd8"},{"vulnerability":"VCID-fsaw-3ta1-x3dw"},{"vulnerability":"VCID-m1dr-sjmw-jfd2"},{"vulnerability":"VCID-m33h-4p9q-63fb"},{"vulnerability":"VCID-n9vn-4uxr-hkau"},{"vulnerability":"VCID-nss9-1yrb-x7f2"},{"vulnerability":"VCID-qgp1-4efd-6yg6"},{"vulnerability":"VCID-yuda-1mur-8bbq"},{"vulnerability":"VCID-z6tf-z1y9-cydq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.4"}],"aliases":["CVE-2021-33203","GHSA-68w8-qjq3-2gfm","PYSEC-2021-98"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9mpt-zxaw-kkeg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35768?format=json","vulnerability_id":"VCID-fhp8-tck4-mye4","summary":"In Django 2.2 before 2.2.20, 3.0 before 3.0.14, and 3.1 before 3.1.8, MultiPartParser allowed directory traversal via uploaded files with suitably crafted file names. Built-in upload handlers were not affected by this vulnerability.","references":[{"reference_url":"https://docs.djangoproject.com/en/3.1/releases/security/","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/3.1/releases/security/"},{"reference_url":"https://github.com/advisories/GHSA-xgxc-v2qg-chmh","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-xgxc-v2qg-chmh"},{"reference_url":"https://groups.google.com/g/django-announce/c/ePr5j-ngdPU","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/g/django-announce/c/ePr5j-ngdPU"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/04/msg00008.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2021/04/msg00008.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVKYPHR3TKR2ESWXBPOJEKRO2OSJRZUE/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVKYPHR3TKR2ESWXBPOJEKRO2OSJRZUE/"},{"reference_url":"https://www.djangoproject.com/weblog/2021/apr/06/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2021/apr/06/security-releases/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/20557?format=json","purl":"pkg:pypi/django@3.0.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9mpt-zxaw-kkeg"},{"vulnerability":"VCID-z4x1-e7tp-rqhz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.0.14"},{"url":"http://public2.vulnerablecode.io/api/packages/20558?format=json","purl":"pkg:pypi/django@3.1.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4pb2-tqru-uufs"},{"vulnerability":"VCID-9mpt-zxaw-kkeg"},{"vulnerability":"VCID-j81e-su1y-tqa6"},{"vulnerability":"VCID-n9vn-4uxr-hkau"},{"vulnerability":"VCID-u9q1-63gf-7feh"},{"vulnerability":"VCID-z4x1-e7tp-rqhz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.1.8"}],"aliases":["CVE-2021-28658","GHSA-xgxc-v2qg-chmh","PYSEC-2021-6"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fhp8-tck4-mye4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35716?format=json","vulnerability_id":"VCID-q8r2-m9s6-rbek","summary":"In Django 2.2 before 2.2.18, 3.0 before 3.0.12, and 3.1 before 3.1.6, the django.utils.archive.extract method (used by \"startapp --template\" and \"startproject --template\") allows directory traversal via an archive with absolute paths or relative paths with dot segments.","references":[{"reference_url":"https://docs.djangoproject.com/en/3.1/releases/security/","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/3.1/releases/security/"},{"reference_url":"https://github.com/advisories/GHSA-fvgf-6h6h-3322","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-fvgf-6h6h-3322"},{"reference_url":"https://groups.google.com/forum/#!forum/django-announce","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/#!forum/django-announce"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YF52FKEH5S2P5CM4X7IXSYG67YY2CDOO/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YF52FKEH5S2P5CM4X7IXSYG67YY2CDOO/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210226-0004/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20210226-0004/"},{"reference_url":"https://www.djangoproject.com/weblog/2021/feb/01/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2021/feb/01/security-releases/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/19837?format=json","purl":"pkg:pypi/django@3.0.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9mpt-zxaw-kkeg"},{"vulnerability":"VCID-fhp8-tck4-mye4"},{"vulnerability":"VCID-z4x1-e7tp-rqhz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.0.12"},{"url":"http://public2.vulnerablecode.io/api/packages/19838?format=json","purl":"pkg:pypi/django@3.1.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4pb2-tqru-uufs"},{"vulnerability":"VCID-9mpt-zxaw-kkeg"},{"vulnerability":"VCID-fhp8-tck4-mye4"},{"vulnerability":"VCID-j81e-su1y-tqa6"},{"vulnerability":"VCID-n9vn-4uxr-hkau"},{"vulnerability":"VCID-u9q1-63gf-7feh"},{"vulnerability":"VCID-z4x1-e7tp-rqhz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.1.6"}],"aliases":["CVE-2021-3281","GHSA-fvgf-6h6h-3322","PYSEC-2021-9"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q8r2-m9s6-rbek"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7346?format=json","vulnerability_id":"VCID-z4x1-e7tp-rqhz","summary":"multiple issues","references":[{"reference_url":"https://docs.djangoproject.com/en/3.2/releases/security/","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/3.2/releases/security/"},{"reference_url":"https://github.com/advisories/GHSA-p99v-5w3c-jqq9","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-p99v-5w3c-jqq9"},{"reference_url":"https://groups.google.com/g/django-announce/c/sPyjSKMi8Eo","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/g/django-announce/c/sPyjSKMi8Eo"},{"reference_url":"https://www.djangoproject.com/weblog/2021/jun/02/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2021/jun/02/security-releases/"},{"reference_url":"https://security.archlinux.org/ASA-202106-41","reference_id":"ASA-202106-41","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-41"},{"reference_url":"https://security.archlinux.org/AVG-2026","reference_id":"AVG-2026","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2026"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/22502?format=json","purl":"pkg:pypi/django@3.1.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4pb2-tqru-uufs"},{"vulnerability":"VCID-n9vn-4uxr-hkau"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.1.12"},{"url":"http://public2.vulnerablecode.io/api/packages/22503?format=json","purl":"pkg:pypi/django@3.2.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29qk-rv5n-efbm"},{"vulnerability":"VCID-2n2n-1fq2-7bbs"},{"vulnerability":"VCID-4pb2-tqru-uufs"},{"vulnerability":"VCID-4z4e-8ttu-tyd6"},{"vulnerability":"VCID-51tx-4tp9-kbcz"},{"vulnerability":"VCID-6jpg-yrf8-cufy"},{"vulnerability":"VCID-9end-mq19-rke5"},{"vulnerability":"VCID-am3f-c5ex-8ff2"},{"vulnerability":"VCID-attf-6gj8-ebaj"},{"vulnerability":"VCID-au8h-vj9k-pufv"},{"vulnerability":"VCID-drwp-htkk-bkfh"},{"vulnerability":"VCID-f4a7-tcz5-byfj"},{"vulnerability":"VCID-fksk-pr23-2yd8"},{"vulnerability":"VCID-fsaw-3ta1-x3dw"},{"vulnerability":"VCID-m1dr-sjmw-jfd2"},{"vulnerability":"VCID-m33h-4p9q-63fb"},{"vulnerability":"VCID-n9vn-4uxr-hkau"},{"vulnerability":"VCID-nss9-1yrb-x7f2"},{"vulnerability":"VCID-qgp1-4efd-6yg6"},{"vulnerability":"VCID-yuda-1mur-8bbq"},{"vulnerability":"VCID-z6tf-z1y9-cydq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.4"}],"aliases":["CVE-2021-33571","GHSA-p99v-5w3c-jqq9","PYSEC-2021-99"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z4x1-e7tp-rqhz"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35612?format=json","vulnerability_id":"VCID-hh9b-52xn-z7a9","summary":"An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). The intermediate-level directories of the filesystem cache had the system's standard umask rather than 0o077.","references":[{"reference_url":"https://docs.djangoproject.com/en/dev/releases/security/","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/dev/releases/security/"},{"reference_url":"https://github.com/advisories/GHSA-fr28-569j-53c4","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-fr28-569j-53c4"},{"reference_url":"https://groups.google.com/forum/#!topic/django-announce/Gdqn58RqIDM","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/#!topic/django-announce/Gdqn58RqIDM"},{"reference_url":"https://groups.google.com/forum/#!topic/django-announce/zFCMdgUnutU","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/#!topic/django-announce/zFCMdgUnutU"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F2ZHO3GZCJMP3DDTXCNVFV6ED3W64NAU/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F2ZHO3GZCJMP3DDTXCNVFV6ED3W64NAU/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OLGFFLMF3X6USMJD7V5F5P4K2WVUTO3T/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OLGFFLMF3X6USMJD7V5F5P4K2WVUTO3T/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZCRPQCBTV3RZHKVZ6K6QOAANPRZQD3GI/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZCRPQCBTV3RZHKVZ6K6QOAANPRZQD3GI/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20200918-0004/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20200918-0004/"},{"reference_url":"https://usn.ubuntu.com/4479-1/","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4479-1/"},{"reference_url":"https://www.djangoproject.com/weblog/2020/sep/01/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2020/sep/01/security-releases/"},{"reference_url":"https://www.openwall.com/lists/oss-security/2020/09/01/2","reference_id":"","reference_type":"","scores":[],"url":"https://www.openwall.com/lists/oss-security/2020/09/01/2"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2021.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpujan2021.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/18189?format=json","purl":"pkg:pypi/django@2.2.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-51tx-4tp9-kbcz"},{"vulnerability":"VCID-6jpg-yrf8-cufy"},{"vulnerability":"VCID-9end-mq19-rke5"},{"vulnerability":"VCID-9mpt-zxaw-kkeg"},{"vulnerability":"VCID-attf-6gj8-ebaj"},{"vulnerability":"VCID-drwp-htkk-bkfh"},{"vulnerability":"VCID-fhp8-tck4-mye4"},{"vulnerability":"VCID-fksk-pr23-2yd8"},{"vulnerability":"VCID-j81e-su1y-tqa6"},{"vulnerability":"VCID-n9vn-4uxr-hkau"},{"vulnerability":"VCID-nss9-1yrb-x7f2"},{"vulnerability":"VCID-q8r2-m9s6-rbek"},{"vulnerability":"VCID-u9q1-63gf-7feh"},{"vulnerability":"VCID-z4x1-e7tp-rqhz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.16"},{"url":"http://public2.vulnerablecode.io/api/packages/18190?format=json","purl":"pkg:pypi/django@3.0.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9mpt-zxaw-kkeg"},{"vulnerability":"VCID-fhp8-tck4-mye4"},{"vulnerability":"VCID-q8r2-m9s6-rbek"},{"vulnerability":"VCID-z4x1-e7tp-rqhz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.0.10"},{"url":"http://public2.vulnerablecode.io/api/packages/18191?format=json","purl":"pkg:pypi/django@3.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4pb2-tqru-uufs"},{"vulnerability":"VCID-9mpt-zxaw-kkeg"},{"vulnerability":"VCID-fhp8-tck4-mye4"},{"vulnerability":"VCID-j81e-su1y-tqa6"},{"vulnerability":"VCID-n9vn-4uxr-hkau"},{"vulnerability":"VCID-q8r2-m9s6-rbek"},{"vulnerability":"VCID-u9q1-63gf-7feh"},{"vulnerability":"VCID-z4x1-e7tp-rqhz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.1.1"}],"aliases":["CVE-2020-24584","GHSA-fr28-569j-53c4","PYSEC-2020-34"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hh9b-52xn-z7a9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35613?format=json","vulnerability_id":"VCID-qvfs-2v1h-p3h4","summary":"An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). FILE_UPLOAD_DIRECTORY_PERMISSIONS mode was not applied to intermediate-level directories created in the process of uploading files. It was also not applied to intermediate-level collected static directories when using the collectstatic management command.","references":[{"reference_url":"https://docs.djangoproject.com/en/dev/releases/security/","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/dev/releases/security/"},{"reference_url":"https://github.com/advisories/GHSA-m6gj-h9gm-gw44","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-m6gj-h9gm-gw44"},{"reference_url":"https://groups.google.com/forum/#!topic/django-announce/Gdqn58RqIDM","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/#!topic/django-announce/Gdqn58RqIDM"},{"reference_url":"https://groups.google.com/forum/#!topic/django-announce/zFCMdgUnutU","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/#!topic/django-announce/zFCMdgUnutU"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F2ZHO3GZCJMP3DDTXCNVFV6ED3W64NAU/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F2ZHO3GZCJMP3DDTXCNVFV6ED3W64NAU/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OLGFFLMF3X6USMJD7V5F5P4K2WVUTO3T/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OLGFFLMF3X6USMJD7V5F5P4K2WVUTO3T/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZCRPQCBTV3RZHKVZ6K6QOAANPRZQD3GI/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZCRPQCBTV3RZHKVZ6K6QOAANPRZQD3GI/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20200918-0004/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20200918-0004/"},{"reference_url":"https://usn.ubuntu.com/4479-1/","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4479-1/"},{"reference_url":"https://www.djangoproject.com/weblog/2020/sep/01/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2020/sep/01/security-releases/"},{"reference_url":"https://www.openwall.com/lists/oss-security/2020/09/01/2","reference_id":"","reference_type":"","scores":[],"url":"https://www.openwall.com/lists/oss-security/2020/09/01/2"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2021.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpujan2021.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/18189?format=json","purl":"pkg:pypi/django@2.2.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-51tx-4tp9-kbcz"},{"vulnerability":"VCID-6jpg-yrf8-cufy"},{"vulnerability":"VCID-9end-mq19-rke5"},{"vulnerability":"VCID-9mpt-zxaw-kkeg"},{"vulnerability":"VCID-attf-6gj8-ebaj"},{"vulnerability":"VCID-drwp-htkk-bkfh"},{"vulnerability":"VCID-fhp8-tck4-mye4"},{"vulnerability":"VCID-fksk-pr23-2yd8"},{"vulnerability":"VCID-j81e-su1y-tqa6"},{"vulnerability":"VCID-n9vn-4uxr-hkau"},{"vulnerability":"VCID-nss9-1yrb-x7f2"},{"vulnerability":"VCID-q8r2-m9s6-rbek"},{"vulnerability":"VCID-u9q1-63gf-7feh"},{"vulnerability":"VCID-z4x1-e7tp-rqhz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.16"},{"url":"http://public2.vulnerablecode.io/api/packages/18190?format=json","purl":"pkg:pypi/django@3.0.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9mpt-zxaw-kkeg"},{"vulnerability":"VCID-fhp8-tck4-mye4"},{"vulnerability":"VCID-q8r2-m9s6-rbek"},{"vulnerability":"VCID-z4x1-e7tp-rqhz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.0.10"},{"url":"http://public2.vulnerablecode.io/api/packages/18191?format=json","purl":"pkg:pypi/django@3.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4pb2-tqru-uufs"},{"vulnerability":"VCID-9mpt-zxaw-kkeg"},{"vulnerability":"VCID-fhp8-tck4-mye4"},{"vulnerability":"VCID-j81e-su1y-tqa6"},{"vulnerability":"VCID-n9vn-4uxr-hkau"},{"vulnerability":"VCID-q8r2-m9s6-rbek"},{"vulnerability":"VCID-u9q1-63gf-7feh"},{"vulnerability":"VCID-z4x1-e7tp-rqhz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.1.1"}],"aliases":["CVE-2020-24583","GHSA-m6gj-h9gm-gw44","PYSEC-2020-33"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qvfs-2v1h-p3h4"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.0.10"}