{"url":"http://public2.vulnerablecode.io/api/packages/20623?format=json","purl":"pkg:pypi/django@1.0.3","type":"pypi","namespace":"","name":"django","version":"1.0.3","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"1.7rc3","latest_non_vulnerable_version":"6.0.6","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/114302?format=json","vulnerability_id":"VCID-14vg-wbxe-6ffj","summary":"security update","references":[{"reference_url":"http://advisories.mageia.org/MGASA-2015-0026.html","reference_id":"","reference_type":"","scores":[],"url":"http://advisories.mageia.org/MGASA-2015-0026.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148485.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148485.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148608.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148608.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2015-04/msg00001.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2015-04/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2015-09/msg00035.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2015-09/msg00035.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0220.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0220.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-0220","reference_id":"","reference_type":"","scores":[{"value":"0.02154","scoring_system":"epss","scoring_elements":"0.84635","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-0220"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0219","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0219"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0220","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0220"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0221","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0221"},{"reference_url":"http://secunia.com/advisories/62285","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/62285"},{"reference_url":"http://secunia.com/advisories/62309","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/62309"},{"reference_url":"http://secunia.com/advisories/62718","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/62718"},{"reference_url":"https://github.com/advisories/GHSA-gv98-g628-m9x5","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-gv98-g628-m9x5"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/blob/4555a823fd57e261e1b19c778429473256c8ea08/docs/releases/1.4.18.txt#L34-L46","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/blob/4555a823fd57e261e1b19c778429473256c8ea08/docs/releases/1.4.18.txt#L34-L46"},{"reference_url":"https://github.com/django/django/commit/4c241f1b710da6419d9dca160e80b23b82db7758","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/4c241f1b710da6419d9dca160e80b23b82db7758"},{"reference_url":"https://github.com/django/django/commit/72e0b033662faa11bb7f516f18a132728aa0ae28","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/72e0b033662faa11bb7f516f18a132728aa0ae28"},{"reference_url":"https://github.com/django/django/commit/de67dedc771ad2edec15c1d00c083a1a084e1e89","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/de67dedc771ad2edec15c1d00c083a1a084e1e89"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-5.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-5.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-0220","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-0220"},{"reference_url":"https://web.archive.org/web/20150128111656/http://secunia.com/advisories/62285","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20150128111656/http://secunia.com/advisories/62285"},{"reference_url":"https://web.archive.org/web/20150523054951/http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2015:109/?name=MDVSA-2015:109","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20150523054951/http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2015:109/?name=MDVSA-2015:109"},{"reference_url":"https://web.archive.org/web/20150523054953/http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2015:036/?name=MDVSA-2015:036","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20150523054953/http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2015:036/?name=MDVSA-2015:036"},{"reference_url":"https://web.archive.org/web/20151104201446/http://secunia.com/advisories/62718","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20151104201446/http://secunia.com/advisories/62718"},{"reference_url":"https://www.djangoproject.com/weblog/2015/jan/13/security","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2015/jan/13/security"},{"reference_url":"https://www.djangoproject.com/weblog/2015/jan/13/security/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2015/jan/13/security/"},{"reference_url":"http://ubuntu.com/usn/usn-2469-1","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://ubuntu.com/usn/usn-2469-1"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:036","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:036"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:109","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:109"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1179675","reference_id":"1179675","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1179675"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775375","reference_id":"775375","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775375"},{"reference_url":"https://usn.ubuntu.com/2469-1/","reference_id":"USN-2469-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2469-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/47120?format=json","purl":"pkg:pypi/django@1.4.18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-4v6q-ktnr-gue3"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-p94q-m8sa-s7by"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xg1w-8bd8-fbhu"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.4.18"},{"url":"http://public2.vulnerablecode.io/api/packages/47121?format=json","purl":"pkg:pypi/django@1.6.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-1zk7-jhxe-2kc4"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.6.10"},{"url":"http://public2.vulnerablecode.io/api/packages/47122?format=json","purl":"pkg:pypi/django@1.7.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-1zk7-jhxe-2kc4"},{"vulnerability":"VCID-4v6q-ktnr-gue3"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-p94q-m8sa-s7by"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xg1w-8bd8-fbhu"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.7.3"}],"aliases":["CVE-2015-0220","GHSA-gv98-g628-m9x5","PYSEC-2015-5"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-14vg-wbxe-6ffj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/121897?format=json","vulnerability_id":"VCID-1d73-dpsg-wkhk","summary":"security update","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0502.html","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2016-0502.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0504.html","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2016-0504.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0505.html","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2016-0505.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0506.html","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2016-0506.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2512.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2512.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2512","reference_id":"","reference_type":"","scores":[{"value":"0.01203","scoring_system":"epss","scoring_elements":"0.79341","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2512"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2512","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2512"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2513","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2513"},{"reference_url":"https://github.com/advisories/GHSA-pw27-w7w4-9qc7","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-pw27-w7w4-9qc7"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/382ab137312961ad62feb8109d70a5a581fe8350","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/382ab137312961ad62feb8109d70a5a581fe8350"},{"reference_url":"https://github.com/django/django/commit/c5544d289233f501917e25970c03ed444abbd4f0","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/c5544d289233f501917e25970c03ed444abbd4f0"},{"reference_url":"https://github.com/django/django/commit/fc6d147a63f89795dbcdecb0559256470fff4380","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/fc6d147a63f89795dbcdecb0559256470fff4380"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2016-15.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2016-15.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2512","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2512"},{"reference_url":"https://web.archive.org/web/20210123090815/http://www.securityfocus.com/bid/83879","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20210123090815/http://www.securityfocus.com/bid/83879"},{"reference_url":"https://web.archive.org/web/20210413200202/http://www.securitytracker.com/id/1035152","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20210413200202/http://www.securitytracker.com/id/1035152"},{"reference_url":"https://www.djangoproject.com/weblog/2016/mar/01/security-releases","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2016/mar/01/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2016/mar/01/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2016/mar/01/security-releases/"},{"reference_url":"http://www.debian.org/security/2016/dsa-3544","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2016/dsa-3544"},{"reference_url":"http://www.securityfocus.com/bid/83879","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/83879"},{"reference_url":"http://www.securitytracker.com/id/1035152","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035152"},{"reference_url":"http://www.ubuntu.com/usn/USN-2915-1","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ubuntu.com/usn/USN-2915-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2915-2","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ubuntu.com/usn/USN-2915-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2915-3","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ubuntu.com/usn/USN-2915-3"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1311431","reference_id":"1311431","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1311431"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816434","reference_id":"816434","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816434"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0502","reference_id":"RHSA-2016:0502","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0502"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0503","reference_id":"RHSA-2016:0503","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0503"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0504","reference_id":"RHSA-2016:0504","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0504"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0505","reference_id":"RHSA-2016:0505","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0505"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0506","reference_id":"RHSA-2016:0506","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0506"},{"reference_url":"https://usn.ubuntu.com/2915-1/","reference_id":"USN-2915-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2915-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/47608?format=json","purl":"pkg:pypi/django@1.8.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3arc-t7n7-53ew"},{"vulnerability":"VCID-577n-ucjg-9udw"},{"vulnerability":"VCID-7kj8-kfda-wfhj"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-q9zk-pp6y-m7hu"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-ud47-2t6q-pycj"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.8.10"},{"url":"http://public2.vulnerablecode.io/api/packages/47610?format=json","purl":"pkg:pypi/django@1.9.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3arc-t7n7-53ew"},{"vulnerability":"VCID-7kj8-kfda-wfhj"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-q9zk-pp6y-m7hu"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.9.3"}],"aliases":["CVE-2016-2512","GHSA-pw27-w7w4-9qc7","PYSEC-2016-15"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1d73-dpsg-wkhk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/201116?format=json","vulnerability_id":"VCID-3h63-1xqs-hqc2","summary":"The administration application in Django 0.91, 0.95, and 0.96 stores unauthenticated HTTP POST requests and processes them after successful authentication occurs, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and delete or modify data via unspecified requests.","references":[{"reference_url":"http://osvdb.org/47906","reference_id":"","reference_type":"","scores":[],"url":"http://osvdb.org/47906"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3909","reference_id":"","reference_type":"","scores":[{"value":"0.00383","scoring_system":"epss","scoring_elements":"0.60059","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3909"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=460966","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=460966"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3909","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3909"},{"reference_url":"http://secunia.com/advisories/31837","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31837"},{"reference_url":"http://secunia.com/advisories/31961","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31961"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/44debfeaa4473bd28872c735dd3d9afde6886752","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/44debfeaa4473bd28872c735dd3d9afde6886752"},{"reference_url":"https://github.com/django/django/commit/7e0972bded362bc4b851c109df2c8a6548481a8e","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/7e0972bded362bc4b851c109df2c8a6548481a8e"},{"reference_url":"https://github.com/django/django/commit/aee48854a164382c655acb9f18b3c06c3d238e81","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/aee48854a164382c655acb9f18b3c06c3d238e81"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2008-2.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2008-2.yaml"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00091.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00091.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00131.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00131.html"},{"reference_url":"http://www.debian.org/security/2008/dsa-1640","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2008/dsa-1640"},{"reference_url":"http://www.djangoproject.com/weblog/2008/sep/02/security","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.djangoproject.com/weblog/2008/sep/02/security"},{"reference_url":"http://www.djangoproject.com/weblog/2008/sep/02/security/","reference_id":"","reference_type":"","scores":[],"url":"http://www.djangoproject.com/weblog/2008/sep/02/security/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2008/09/03/4","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2008/09/03/4"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2533","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2533"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-3909","reference_id":"CVE-2008-3909","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-3909"},{"reference_url":"https://github.com/advisories/GHSA-r5cj-wv24-92p5","reference_id":"GHSA-r5cj-wv24-92p5","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-r5cj-wv24-92p5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13259?format=json","purl":"pkg:pypi/django@1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-4b76-zn8f-sfd1"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-6xp2-48m8-byfr"},{"vulnerability":"VCID-76b8-e9q1-w3ey"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9749-wxyn-4qb1"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-b97e-fw2q-nqhk"},{"vulnerability":"VCID-bbq5-1gpd-nqeh"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-cygw-grtf-nydk"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-e2vb-tg4t-4ye3"},{"vulnerability":"VCID-e36z-3vcv-8qaw"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-fsgd-8jz7-zkdn"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-gze2-htrx-vqdb"},{"vulnerability":"VCID-h328-c9gp-9ybg"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-ndqd-kuk7-w3ap"},{"vulnerability":"VCID-neyk-7kmz-wqc9"},{"vulnerability":"VCID-nhzy-7qdm-wbg8"},{"vulnerability":"VCID-nx56-nstj-m7bs"},{"vulnerability":"VCID-p1ft-8wjr-k7fh"},{"vulnerability":"VCID-pa7r-7c7r-wfbp"},{"vulnerability":"VCID-s37h-qzm1-zubw"},{"vulnerability":"VCID-ss1p-jz2s-wyh7"},{"vulnerability":"VCID-ted5-qgyr-7ucf"},{"vulnerability":"VCID-tr9m-84nc-x3cw"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-wrts-u1xj-fyec"},{"vulnerability":"VCID-wvh5-z294-ffev"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xjhj-6qe7-hbe6"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.1"}],"aliases":["CVE-2008-3909","GHSA-r5cj-wv24-92p5","PYSEC-2008-2"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3h63-1xqs-hqc2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/200838?format=json","vulnerability_id":"VCID-4b76-zn8f-sfd1","summary":"Denial of service in django","references":[{"reference_url":"http://openwall.com/lists/oss-security/2011/09/11/1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://openwall.com/lists/oss-security/2011/09/11/1"},{"reference_url":"http://openwall.com/lists/oss-security/2011/09/13/2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://openwall.com/lists/oss-security/2011/09/13/2"},{"reference_url":"http://openwall.com/lists/oss-security/2011/09/15/5","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://openwall.com/lists/oss-security/2011/09/15/5"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4137","reference_id":"","reference_type":"","scores":[{"value":"0.0188","scoring_system":"epss","scoring_elements":"0.83558","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4137"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=737366","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=737366"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4137","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4137"},{"reference_url":"http://secunia.com/advisories/46614","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/46614"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/1a76dbefdfc60e2d5954c0ba614c3d054ba9c3f0","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/1a76dbefdfc60e2d5954c0ba614c3d054ba9c3f0"},{"reference_url":"https://github.com/django/django/commit/7268f8af86186518821d775c530d5558fd726930","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/7268f8af86186518821d775c530d5558fd726930"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2011-2.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2011-2.yaml"},{"reference_url":"https://hermes.opensuse.org/messages/14700881","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://hermes.opensuse.org/messages/14700881"},{"reference_url":"https://www.djangoproject.com/weblog/2011/sep/09","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2011/sep/09"},{"reference_url":"https://www.djangoproject.com/weblog/2011/sep/09/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2011/sep/09/"},{"reference_url":"https://www.djangoproject.com/weblog/2011/sep/10/127","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2011/sep/10/127"},{"reference_url":"https://www.djangoproject.com/weblog/2011/sep/10/127/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2011/sep/10/127/"},{"reference_url":"http://www.debian.org/security/2011/dsa-2332","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2011/dsa-2332"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=641405","reference_id":"641405","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=641405"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4137","reference_id":"CVE-2011-4137","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4137"},{"reference_url":"https://github.com/advisories/GHSA-3jqw-crqj-w8qw","reference_id":"GHSA-3jqw-crqj-w8qw","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-3jqw-crqj-w8qw"},{"reference_url":"https://usn.ubuntu.com/1297-1/","reference_id":"USN-1297-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1297-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13265?format=json","purl":"pkg:pypi/django@1.2.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9749-wxyn-4qb1"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-b97e-fw2q-nqhk"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-e2vb-tg4t-4ye3"},{"vulnerability":"VCID-e36z-3vcv-8qaw"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-fsgd-8jz7-zkdn"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-h328-c9gp-9ybg"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-pa7r-7c7r-wfbp"},{"vulnerability":"VCID-ss1p-jz2s-wyh7"},{"vulnerability":"VCID-ted5-qgyr-7ucf"},{"vulnerability":"VCID-tr9m-84nc-x3cw"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-wvh5-z294-ffev"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.2.7"},{"url":"http://public2.vulnerablecode.io/api/packages/13264?format=json","purl":"pkg:pypi/django@1.3.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-7vck-9u91-1yca"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9749-wxyn-4qb1"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-b97e-fw2q-nqhk"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-e2vb-tg4t-4ye3"},{"vulnerability":"VCID-e36z-3vcv-8qaw"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-ejv6-3fkp-a7ba"},{"vulnerability":"VCID-fsgd-8jz7-zkdn"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-h328-c9gp-9ybg"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-nx56-nstj-m7bs"},{"vulnerability":"VCID-pa7r-7c7r-wfbp"},{"vulnerability":"VCID-qwdg-jeya-fuer"},{"vulnerability":"VCID-ss1p-jz2s-wyh7"},{"vulnerability":"VCID-ted5-qgyr-7ucf"},{"vulnerability":"VCID-tr9m-84nc-x3cw"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-wvh5-z294-ffev"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"},{"vulnerability":"VCID-ywr3-fe5b-ybek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.3.1"}],"aliases":["CVE-2011-4137","GHSA-3jqw-crqj-w8qw","PYSEC-2011-2"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4b76-zn8f-sfd1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/117786?format=json","vulnerability_id":"VCID-55n8-mzj7-z7hh","summary":"security update","references":[{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172084.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172084.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2015-10/msg00043.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2015-10/msg00043.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2015-10/msg00046.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2015-10/msg00046.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-1678.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2015-1678.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-1686.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2015-1686.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5143.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5143.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5143","reference_id":"","reference_type":"","scores":[{"value":"0.15813","scoring_system":"epss","scoring_elements":"0.94891","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5143"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5143","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5143"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5144","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5144"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/1828f4341ec53a8684112d24031b767eba557663","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/1828f4341ec53a8684112d24031b767eba557663"},{"reference_url":"https://github.com/django/django/commit/2e47f3e401c29bc2ba5ab794d483cb0820855fb9","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/2e47f3e401c29bc2ba5ab794d483cb0820855fb9"},{"reference_url":"https://github.com/django/django/commit/66d12d1ababa8f062857ee5eb43276493720bf16","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/66d12d1ababa8f062857ee5eb43276493720bf16"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-20.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-20.yaml"},{"reference_url":"https://www.djangoproject.com/weblog/2015/jul/08/security-releases","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2015/jul/08/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2015/jul/08/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2015/jul/08/security-releases/"},{"reference_url":"http://www.debian.org/security/2015/dsa-3305","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2015/dsa-3305"},{"reference_url":"http://www.securityfocus.com/bid/75666","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/75666"},{"reference_url":"http://www.securitytracker.com/id/1032820","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1032820"},{"reference_url":"http://www.ubuntu.com/usn/USN-2671-1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ubuntu.com/usn/USN-2671-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1239010","reference_id":"1239010","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1239010"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-5143","reference_id":"CVE-2015-5143","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-5143"},{"reference_url":"https://github.com/advisories/GHSA-h582-2pch-3xv3","reference_id":"GHSA-h582-2pch-3xv3","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-h582-2pch-3xv3"},{"reference_url":"https://security.gentoo.org/glsa/201510-06","reference_id":"GLSA-201510-06","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/201510-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1678","reference_id":"RHSA-2015:1678","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1678"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1686","reference_id":"RHSA-2015:1686","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1686"},{"reference_url":"https://usn.ubuntu.com/2671-1/","reference_id":"USN-2671-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2671-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/15434?format=json","purl":"pkg:pypi/django@1.4.21","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-4v6q-ktnr-gue3"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-p94q-m8sa-s7by"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xg1w-8bd8-fbhu"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.4.21"},{"url":"http://public2.vulnerablecode.io/api/packages/15437?format=json","purl":"pkg:pypi/django@1.7.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-4v6q-ktnr-gue3"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-p94q-m8sa-s7by"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xg1w-8bd8-fbhu"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.7.9"},{"url":"http://public2.vulnerablecode.io/api/packages/15435?format=json","purl":"pkg:pypi/django@1.8.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-3arc-t7n7-53ew"},{"vulnerability":"VCID-4v6q-ktnr-gue3"},{"vulnerability":"VCID-577n-ucjg-9udw"},{"vulnerability":"VCID-7kj8-kfda-wfhj"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-p94q-m8sa-s7by"},{"vulnerability":"VCID-q9zk-pp6y-m7hu"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-ud47-2t6q-pycj"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.8.3"}],"aliases":["CVE-2015-5143","GHSA-h582-2pch-3xv3","PYSEC-2015-20"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-55n8-mzj7-z7hh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/203739?format=json","vulnerability_id":"VCID-5bnx-5d1x-k3by","summary":"ModelMultipleChoiceField in Django 1.6.x before 1.6.10 and 1.7.x before 1.7.3, when show_hidden_initial is set to True, allows remote attackers to cause a denial of service by submitting duplicate values, which triggers a large number of SQL queries.","references":[{"reference_url":"http://advisories.mageia.org/MGASA-2015-0026.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://advisories.mageia.org/MGASA-2015-0026.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148485.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148485.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148608.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148608.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148696.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148696.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2015-04/msg00001.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2015-04/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2015-09/msg00035.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2015-09/msg00035.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0222.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0222.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-0222","reference_id":"","reference_type":"","scores":[{"value":"0.0429","scoring_system":"epss","scoring_elements":"0.89103","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-0222"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0222","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0222"},{"reference_url":"http://secunia.com/advisories/62285","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/62285"},{"reference_url":"http://secunia.com/advisories/62309","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/62309"},{"reference_url":"https://github.com/advisories/GHSA-6g95-x6cj-mg4v","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-6g95-x6cj-mg4v"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/bcfb47780ce7caecb409a9e9c1c314266e41d392","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/bcfb47780ce7caecb409a9e9c1c314266e41d392"},{"reference_url":"https://github.com/django/django/commit/d7a06ee7e571b6dad07c0f5b519b1db02e2a476c","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/d7a06ee7e571b6dad07c0f5b519b1db02e2a476c"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-7.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-7.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-0222","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-0222"},{"reference_url":"https://web.archive.org/web/20161201073154/http://secunia.com/advisories/62285","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20161201073154/http://secunia.com/advisories/62285"},{"reference_url":"https://web.archive.org/web/20161201073337/http://secunia.com/advisories/62309","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20161201073337/http://secunia.com/advisories/62309"},{"reference_url":"https://www.djangoproject.com/weblog/2015/jan/13/security","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2015/jan/13/security"},{"reference_url":"https://www.djangoproject.com/weblog/2015/jan/13/security/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2015/jan/13/security/"},{"reference_url":"http://ubuntu.com/usn/usn-2469-1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://ubuntu.com/usn/usn-2469-1"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:109","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:109"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1179685","reference_id":"1179685","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1179685"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775375","reference_id":"775375","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775375"},{"reference_url":"https://usn.ubuntu.com/2469-1/","reference_id":"USN-2469-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2469-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/47120?format=json","purl":"pkg:pypi/django@1.4.18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-4v6q-ktnr-gue3"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-p94q-m8sa-s7by"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xg1w-8bd8-fbhu"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.4.18"},{"url":"http://public2.vulnerablecode.io/api/packages/47121?format=json","purl":"pkg:pypi/django@1.6.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-1zk7-jhxe-2kc4"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.6.10"},{"url":"http://public2.vulnerablecode.io/api/packages/47122?format=json","purl":"pkg:pypi/django@1.7.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-1zk7-jhxe-2kc4"},{"vulnerability":"VCID-4v6q-ktnr-gue3"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-p94q-m8sa-s7by"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xg1w-8bd8-fbhu"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.7.3"}],"aliases":["CVE-2015-0222","GHSA-6g95-x6cj-mg4v","PYSEC-2015-7"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5bnx-5d1x-k3by"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/201573?format=json","vulnerability_id":"VCID-6xp2-48m8-byfr","summary":"Algorithmic complexity vulnerability in the forms library in Django 1.0 before 1.0.4 and 1.1 before 1.1.1 allows remote attackers to cause a denial of service (CPU consumption) via a crafted (1) EmailField (email address) or (2) URLField (URL) that triggers a large amount of backtracking in a regular expression.","references":[{"reference_url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=550457","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=550457"},{"reference_url":"http://groups.google.com/group/django-users/browse_thread/thread/15df9e45118dfc51","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://groups.google.com/group/django-users/browse_thread/thread/15df9e45118dfc51"},{"reference_url":"http://groups.google.com/group/django-users/browse_thread/thread/15df9e45118dfc51/","reference_id":"","reference_type":"","scores":[],"url":"http://groups.google.com/group/django-users/browse_thread/thread/15df9e45118dfc51/"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3695.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3695.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3695","reference_id":"","reference_type":"","scores":[{"value":"0.06201","scoring_system":"epss","scoring_elements":"0.91065","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3695"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3695","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3695"},{"reference_url":"http://secunia.com/advisories/36948","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/36948"},{"reference_url":"http://secunia.com/advisories/36968","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/36968"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/53727","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/53727"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/594a28a9044120bed58671dde8a805c9e0f6c79a","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/594a28a9044120bed58671dde8a805c9e0f6c79a"},{"reference_url":"https://github.com/django/django/commit/e3e992e18b368fcd56aabafc1b5bf80a6e11b495","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/e3e992e18b368fcd56aabafc1b5bf80a6e11b495"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2009-4.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2009-4.yaml"},{"reference_url":"https://web.archive.org/web/20091013093057/http://secunia.com/advisories/36968","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20091013093057/http://secunia.com/advisories/36968"},{"reference_url":"https://web.archive.org/web/20091017070244/http://secunia.com/advisories/36948","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20091017070244/http://secunia.com/advisories/36948"},{"reference_url":"https://web.archive.org/web/20200228171918/http://www.securityfocus.com/bid/36655","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20200228171918/http://www.securityfocus.com/bid/36655"},{"reference_url":"http://www.debian.org/security/2009/dsa-1905","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2009/dsa-1905"},{"reference_url":"http://www.djangoproject.com/weblog/2009/oct/09/security","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.djangoproject.com/weblog/2009/oct/09/security"},{"reference_url":"http://www.djangoproject.com/weblog/2009/oct/09/security/","reference_id":"","reference_type":"","scores":[],"url":"http://www.djangoproject.com/weblog/2009/oct/09/security/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2009/10/13/6","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2009/10/13/6"},{"reference_url":"http://www.securityfocus.com/bid/36655","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/36655"},{"reference_url":"http://www.vupen.com/english/advisories/2009/2871","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/2871"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=528246","reference_id":"528246","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=528246"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=550457","reference_id":"550457","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=550457"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2009-3695","reference_id":"CVE-2009-3695","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2009-3695"},{"reference_url":"https://github.com/advisories/GHSA-p6m5-h7pp-v2x5","reference_id":"GHSA-p6m5-h7pp-v2x5","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-p6m5-h7pp-v2x5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/20663?format=json","purl":"pkg:pypi/django@1.0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-3h63-1xqs-hqc2"},{"vulnerability":"VCID-4b76-zn8f-sfd1"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9749-wxyn-4qb1"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-b97e-fw2q-nqhk"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-e2vb-tg4t-4ye3"},{"vulnerability":"VCID-e36z-3vcv-8qaw"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-fsgd-8jz7-zkdn"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-h328-c9gp-9ybg"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-ndqd-kuk7-w3ap"},{"vulnerability":"VCID-neyk-7kmz-wqc9"},{"vulnerability":"VCID-pa7r-7c7r-wfbp"},{"vulnerability":"VCID-s37h-qzm1-zubw"},{"vulnerability":"VCID-ss1p-jz2s-wyh7"},{"vulnerability":"VCID-suxb-fvaf-2ug4"},{"vulnerability":"VCID-ted5-qgyr-7ucf"},{"vulnerability":"VCID-tr9m-84nc-x3cw"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v1nx-71fb-uka9"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-wrts-u1xj-fyec"},{"vulnerability":"VCID-wvh5-z294-ffev"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xjhj-6qe7-hbe6"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"},{"vulnerability":"VCID-z2j2-py5e-f3e1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.0.4"},{"url":"http://public2.vulnerablecode.io/api/packages/20660?format=json","purl":"pkg:pypi/django@1.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-4b76-zn8f-sfd1"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-76b8-e9q1-w3ey"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9749-wxyn-4qb1"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-b97e-fw2q-nqhk"},{"vulnerability":"VCID-bbq5-1gpd-nqeh"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-cygw-grtf-nydk"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-e2vb-tg4t-4ye3"},{"vulnerability":"VCID-e36z-3vcv-8qaw"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-fsgd-8jz7-zkdn"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-h328-c9gp-9ybg"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-ndqd-kuk7-w3ap"},{"vulnerability":"VCID-neyk-7kmz-wqc9"},{"vulnerability":"VCID-pa7r-7c7r-wfbp"},{"vulnerability":"VCID-s37h-qzm1-zubw"},{"vulnerability":"VCID-ss1p-jz2s-wyh7"},{"vulnerability":"VCID-ted5-qgyr-7ucf"},{"vulnerability":"VCID-tr9m-84nc-x3cw"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-wrts-u1xj-fyec"},{"vulnerability":"VCID-wvh5-z294-ffev"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xjhj-6qe7-hbe6"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.1.1"}],"aliases":["CVE-2009-3695","GHSA-p6m5-h7pp-v2x5","PYSEC-2009-4"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6xp2-48m8-byfr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6793?format=json","vulnerability_id":"VCID-7xx2-z2tg-7khd","summary":"","references":[{"reference_url":"http://packetstormsecurity.com/files/155872/Django-Account-Hijack.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://packetstormsecurity.com/files/155872/Django-Account-Hijack.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19844.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19844.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-19844","reference_id":"","reference_type":"","scores":[{"value":"0.15418","scoring_system":"epss","scoring_elements":"0.94801","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-19844"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19844","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19844"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/security","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://docs.djangoproject.com/en/dev/releases/security"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/302a4ff1e8b1c798aab97673909c7a3dfda42c26","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/302a4ff1e8b1c798aab97673909c7a3dfda42c26"},{"reference_url":"https://github.com/django/django/commit/4d334bea06cac63dc1272abcec545b85136cca0e","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/4d334bea06cac63dc1272abcec545b85136cca0e"},{"reference_url":"https://github.com/django/django/commit/5b1fbcef7a8bec991ebe7b2a18b5d5a95d72cb70","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/5b1fbcef7a8bec991ebe7b2a18b5d5a95d72cb70"},{"reference_url":"https://github.com/django/django/commit/f4cff43bf921fcea6a29b726eb66767f67753fa2","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/f4cff43bf921fcea6a29b726eb66767f67753fa2"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-16.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-16.yaml"},{"reference_url":"https://groups.google.com/forum/#!topic/django-announce/3oaB2rVH3a0","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!topic/django-announce/3oaB2rVH3a0"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD/"},{"reference_url":"https://seclists.org/bugtraq/2020/Jan/9","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://seclists.org/bugtraq/2020/Jan/9"},{"reference_url":"https://security.netapp.com/advisory/ntap-20200110-0003","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20200110-0003"},{"reference_url":"https://security.netapp.com/advisory/ntap-20200110-0003/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20200110-0003/"},{"reference_url":"https://usn.ubuntu.com/4224-1","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://usn.ubuntu.com/4224-1"},{"reference_url":"https://usn.ubuntu.com/4224-1/","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4224-1/"},{"reference_url":"https://www.debian.org/security/2020/dsa-4598","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2020/dsa-4598"},{"reference_url":"https://www.djangoproject.com/weblog/2019/dec/18/security-releases","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2019/dec/18/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2019/dec/18/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2019/dec/18/security-releases/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1788425","reference_id":"1788425","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1788425"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946937","reference_id":"946937","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946937"},{"reference_url":"https://security.archlinux.org/AVG-1080","reference_id":"AVG-1080","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1080"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/python/webapps/47879.md","reference_id":"CVE-2019-19844","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/python/webapps/47879.md"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-19844","reference_id":"CVE-2019-19844","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-19844"},{"reference_url":"https://ryu22e.org/en/posts/2019/12/25/django-cve-2019-19844/","reference_id":"CVE-2019-19844","reference_type":"exploit","scores":[],"url":"https://ryu22e.org/en/posts/2019/12/25/django-cve-2019-19844/"},{"reference_url":"https://github.com/advisories/GHSA-vfq6-hq5r-27r6","reference_id":"GHSA-vfq6-hq5r-27r6","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vfq6-hq5r-27r6"},{"reference_url":"https://usn.ubuntu.com/6722-1/","reference_id":"USN-6722-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6722-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/15982?format=json","purl":"pkg:pypi/django@1.11.27","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-vcqt-n2pk-kyeb"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.27"},{"url":"http://public2.vulnerablecode.io/api/packages/15981?format=json","purl":"pkg:pypi/django@2.2.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27gm-2u1q-skh1"},{"vulnerability":"VCID-2qu4-qayw-a7ec"},{"vulnerability":"VCID-2sve-8b9b-hud7"},{"vulnerability":"VCID-38w8-jbku-eugu"},{"vulnerability":"VCID-5zzj-9ez5-6ub1"},{"vulnerability":"VCID-6uja-brvn-rufw"},{"vulnerability":"VCID-9qxj-9mb9-7bcv"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-cece-1mun-ckgh"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-djh3-m1t4-2qe1"},{"vulnerability":"VCID-dttw-t3a9-gbbn"},{"vulnerability":"VCID-gtkn-prux-vbdb"},{"vulnerability":"VCID-j3bz-6jqe-ffgm"},{"vulnerability":"VCID-nwtr-br34-qkbv"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-vc8c-7qn1-9uaz"},{"vulnerability":"VCID-vcqt-n2pk-kyeb"},{"vulnerability":"VCID-w3dy-chny-5fbc"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-x1qk-bs7j-63ch"},{"vulnerability":"VCID-x91x-cxp9-4fgp"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"},{"vulnerability":"VCID-ymm2-ns18-wkcw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.9"},{"url":"http://public2.vulnerablecode.io/api/packages/15980?format=json","purl":"pkg:pypi/django@3.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27gm-2u1q-skh1"},{"vulnerability":"VCID-28ff-ng96-5ugk"},{"vulnerability":"VCID-2qu4-qayw-a7ec"},{"vulnerability":"VCID-9qxj-9mb9-7bcv"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-djh3-m1t4-2qe1"},{"vulnerability":"VCID-dttw-t3a9-gbbn"},{"vulnerability":"VCID-j3bz-6jqe-ffgm"},{"vulnerability":"VCID-nwtr-br34-qkbv"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-vc8c-7qn1-9uaz"},{"vulnerability":"VCID-vcqt-n2pk-kyeb"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-x1qk-bs7j-63ch"},{"vulnerability":"VCID-x91x-cxp9-4fgp"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.0.1"}],"aliases":["CVE-2019-19844","GHSA-vfq6-hq5r-27r6","PYSEC-2019-16"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7xx2-z2tg-7khd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217846?format=json","vulnerability_id":"VCID-8uyx-7dub-hka9","summary":"Django before 1.11.27, 2.x before 2.2.9, and 3.x before 3.0.1 allows account takeover. A suitably crafted email address (that is equal to an existing user's email address after case transformation of Unicode characters) would allow an attacker to be sent a password reset token for the matched user account. (One mitigation in the new releases is to send password reset tokens only to the registered user email address.)","references":[{"reference_url":"http://packetstormsecurity.com/files/155872/Django-Account-Hijack.html","reference_id":"","reference_type":"","scores":[],"url":"http://packetstormsecurity.com/files/155872/Django-Account-Hijack.html"},{"reference_url":"https://groups.google.com/forum/#!topic/django-announce/3oaB2rVH3a0","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/#!topic/django-announce/3oaB2rVH3a0"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD/"},{"reference_url":"https://seclists.org/bugtraq/2020/Jan/9","reference_id":"","reference_type":"","scores":[],"url":"https://seclists.org/bugtraq/2020/Jan/9"},{"reference_url":"https://security.netapp.com/advisory/ntap-20200110-0003/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20200110-0003/"},{"reference_url":"https://usn.ubuntu.com/4224-1/","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4224-1/"},{"reference_url":"https://www.debian.org/security/2020/dsa-4598","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2020/dsa-4598"},{"reference_url":"https://www.djangoproject.com/weblog/2019/dec/18/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2019/dec/18/security-releases/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/15982?format=json","purl":"pkg:pypi/django@1.11.27","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-vcqt-n2pk-kyeb"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.27"},{"url":"http://public2.vulnerablecode.io/api/packages/15981?format=json","purl":"pkg:pypi/django@2.2.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27gm-2u1q-skh1"},{"vulnerability":"VCID-2qu4-qayw-a7ec"},{"vulnerability":"VCID-2sve-8b9b-hud7"},{"vulnerability":"VCID-38w8-jbku-eugu"},{"vulnerability":"VCID-5zzj-9ez5-6ub1"},{"vulnerability":"VCID-6uja-brvn-rufw"},{"vulnerability":"VCID-9qxj-9mb9-7bcv"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-cece-1mun-ckgh"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-djh3-m1t4-2qe1"},{"vulnerability":"VCID-dttw-t3a9-gbbn"},{"vulnerability":"VCID-gtkn-prux-vbdb"},{"vulnerability":"VCID-j3bz-6jqe-ffgm"},{"vulnerability":"VCID-nwtr-br34-qkbv"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-vc8c-7qn1-9uaz"},{"vulnerability":"VCID-vcqt-n2pk-kyeb"},{"vulnerability":"VCID-w3dy-chny-5fbc"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-x1qk-bs7j-63ch"},{"vulnerability":"VCID-x91x-cxp9-4fgp"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"},{"vulnerability":"VCID-ymm2-ns18-wkcw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.9"}],"aliases":["PYSEC-2019-86"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8uyx-7dub-hka9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/202365?format=json","vulnerability_id":"VCID-9749-wxyn-4qb1","summary":"The django.forms.ImageField class in the form system in Django before 1.3.2 and 1.4.x before 1.4.1 completely decompresses image data during image validation, which allows remote attackers to cause a denial of service (memory consumption) by uploading an image file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3443","reference_id":"","reference_type":"","scores":[{"value":"0.01382","scoring_system":"epss","scoring_elements":"0.80713","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3443"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3443","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3443"},{"reference_url":"https://github.com/advisories/GHSA-59w8-4wm2-4xw8","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-59w8-4wm2-4xw8"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/9ca0ff6268eeff92d0d0ac2c315d4b6a8e229155","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/9ca0ff6268eeff92d0d0ac2c315d4b6a8e229155"},{"reference_url":"https://github.com/django/django/commit/da33d67181b53fe6cc737ac1220153814a1509f6","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/da33d67181b53fe6cc737ac1220153814a1509f6"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2012-3.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2012-3.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-3443","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-3443"},{"reference_url":"https://www.debian.org/security/2012/dsa-2529","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2012/dsa-2529"},{"reference_url":"https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued"},{"reference_url":"https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued/"},{"reference_url":"https://www.mandriva.com/security/advisories?name=MDVSA-2012:143","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mandriva.com/security/advisories?name=MDVSA-2012:143"},{"reference_url":"https://www.openwall.com/lists/oss-security/2012/07/31/1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.openwall.com/lists/oss-security/2012/07/31/1"},{"reference_url":"https://www.openwall.com/lists/oss-security/2012/07/31/2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.openwall.com/lists/oss-security/2012/07/31/2"},{"reference_url":"https://www.ubuntu.com/usn/USN-1560-1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.ubuntu.com/usn/USN-1560-1"},{"reference_url":"http://www.debian.org/security/2012/dsa-2529","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2012/dsa-2529"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2012:143","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2012:143"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/07/31/1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2012/07/31/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/07/31/2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2012/07/31/2"},{"reference_url":"http://www.ubuntu.com/usn/USN-1560-1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ubuntu.com/usn/USN-1560-1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683364","reference_id":"683364","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683364"},{"reference_url":"https://usn.ubuntu.com/1560-1/","reference_id":"USN-1560-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1560-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/45661?format=json","purl":"pkg:pypi/django@1.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-7vck-9u91-1yca"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-b97e-fw2q-nqhk"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-ejv6-3fkp-a7ba"},{"vulnerability":"VCID-fsgd-8jz7-zkdn"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-h328-c9gp-9ybg"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-nx56-nstj-m7bs"},{"vulnerability":"VCID-qwdg-jeya-fuer"},{"vulnerability":"VCID-ss1p-jz2s-wyh7"},{"vulnerability":"VCID-ted5-qgyr-7ucf"},{"vulnerability":"VCID-tr9m-84nc-x3cw"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-wvh5-z294-ffev"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"},{"vulnerability":"VCID-ywr3-fe5b-ybek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.3.2"},{"url":"http://public2.vulnerablecode.io/api/packages/45663?format=json","purl":"pkg:pypi/django@1.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-4v6q-ktnr-gue3"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-7kbt-73z6-wfar"},{"vulnerability":"VCID-7vck-9u91-1yca"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8h18-d5hr-rqas"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-b97e-fw2q-nqhk"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-dr33-d1ck-wycg"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-ejv6-3fkp-a7ba"},{"vulnerability":"VCID-fsgd-8jz7-zkdn"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-h328-c9gp-9ybg"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-nx56-nstj-m7bs"},{"vulnerability":"VCID-p1ft-8wjr-k7fh"},{"vulnerability":"VCID-p94q-m8sa-s7by"},{"vulnerability":"VCID-qwdg-jeya-fuer"},{"vulnerability":"VCID-ss1p-jz2s-wyh7"},{"vulnerability":"VCID-ted5-qgyr-7ucf"},{"vulnerability":"VCID-tr9m-84nc-x3cw"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v7kk-jbkz-77hf"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-wvh5-z294-ffev"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xg1w-8bd8-fbhu"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"},{"vulnerability":"VCID-yefp-r2s6-e7fe"},{"vulnerability":"VCID-ywr3-fe5b-ybek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.4.1"}],"aliases":["CVE-2012-3443","GHSA-59w8-4wm2-4xw8","PYSEC-2012-3"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9749-wxyn-4qb1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/119543?format=json","vulnerability_id":"VCID-9mmy-6rvf-1qbp","summary":"security update","references":[{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173375.html","reference_id":"","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173375.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174770.html","reference_id":"","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174770.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2015-12/msg00014.html","reference_id":"","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2015-12/msg00014.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2015-12/msg00017.html","reference_id":"","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2015-12/msg00017.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0129.html","reference_id":"","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2016-0129.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0156.html","reference_id":"","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2016-0156.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0157.html","reference_id":"","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2016-0157.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0158.html","reference_id":"","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2016-0158.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8213.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8213.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8213","reference_id":"","reference_type":"","scores":[{"value":"0.02966","scoring_system":"epss","scoring_elements":"0.86797","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8213"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8213","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8213"},{"reference_url":"https://github.com/advisories/GHSA-6wcr-wcqm-3mfh","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-6wcr-wcqm-3mfh"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/316bc3fc9437c5960c24baceb93c73f1939711e4","reference_id":"","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/316bc3fc9437c5960c24baceb93c73f1939711e4"},{"reference_url":"https://github.com/django/django/commit/3ebbda0aef9e7a90ac6208bb8f9bc21228e2c7da","reference_id":"","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/3ebbda0aef9e7a90ac6208bb8f9bc21228e2c7da"},{"reference_url":"https://github.com/django/django/commit/8a01c6b53169ee079cb21ac5919fdafcc8c5e172","reference_id":"","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/8a01c6b53169ee079cb21ac5919fdafcc8c5e172"},{"reference_url":"https://github.com/django/django/commit/9f83fc2f66f5a0bac7c291aec55df66050bb6991","reference_id":"","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/9f83fc2f66f5a0bac7c291aec55df66050bb6991"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-11.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-11.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8213","reference_id":"","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8213"},{"reference_url":"https://www.djangoproject.com/weblog/2015/nov/24/security-releases-issued","reference_id":"","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2015/nov/24/security-releases-issued"},{"reference_url":"https://www.djangoproject.com/weblog/2015/nov/24/security-releases-issued/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2015/nov/24/security-releases-issued/"},{"reference_url":"http://www.debian.org/security/2015/dsa-3404","reference_id":"","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2015/dsa-3404"},{"reference_url":"http://www.securityfocus.com/bid/77750","reference_id":"","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/77750"},{"reference_url":"http://www.securitytracker.com/id/1034237","reference_id":"","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securitytracker.com/id/1034237"},{"reference_url":"http://www.ubuntu.com/usn/USN-2816-1","reference_id":"","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ubuntu.com/usn/USN-2816-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1283553","reference_id":"1283553","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1283553"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0129","reference_id":"RHSA-2016:0129","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0129"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0156","reference_id":"RHSA-2016:0156","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0156"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0157","reference_id":"RHSA-2016:0157","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0157"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0158","reference_id":"RHSA-2016:0158","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0158"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0360","reference_id":"RHSA-2016:0360","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0360"},{"reference_url":"https://usn.ubuntu.com/2816-1/","reference_id":"USN-2816-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2816-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/47511?format=json","purl":"pkg:pypi/django@1.7.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.7.11"},{"url":"http://public2.vulnerablecode.io/api/packages/47512?format=json","purl":"pkg:pypi/django@1.8.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-3arc-t7n7-53ew"},{"vulnerability":"VCID-577n-ucjg-9udw"},{"vulnerability":"VCID-7kj8-kfda-wfhj"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-q9zk-pp6y-m7hu"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-ud47-2t6q-pycj"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.8.7"},{"url":"http://public2.vulnerablecode.io/api/packages/47513?format=json","purl":"pkg:pypi/django@1.9rc2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-3arc-t7n7-53ew"},{"vulnerability":"VCID-7kj8-kfda-wfhj"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.9rc2"}],"aliases":["CVE-2015-8213","GHSA-6wcr-wcqm-3mfh","PYSEC-2015-11"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9mmy-6rvf-1qbp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/203851?format=json","vulnerability_id":"VCID-a36b-7nxc-5ffg","summary":"Cross-site scripting (XSS) vulnerability in the contents function in admin/helpers.py in Django before 1.7.6 and 1.8 before 1.8b2 allows remote attackers to inject arbitrary web script or HTML via a model attribute in ModelAdmin.readonly_fields, as demonstrated by a @property.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2241.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2241.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-2241","reference_id":"","reference_type":"","scores":[{"value":"0.00257","scoring_system":"epss","scoring_elements":"0.49396","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-2241"},{"reference_url":"https://code.djangoproject.com/ticket/24461","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://code.djangoproject.com/ticket/24461"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2241","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2241"},{"reference_url":"https://github.com/advisories/GHSA-6565-fg86-6jcx","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-6565-fg86-6jcx"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/2654e1b93923bac55f12b4e66c5e39b16695ace5","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/2654e1b93923bac55f12b4e66c5e39b16695ace5"},{"reference_url":"https://github.com/django/django/commit/82c9169077a066995e3b00aac551bf1c8a89d98a","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/82c9169077a066995e3b00aac551bf1c8a89d98a"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-8.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-8.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-2241","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-2241"},{"reference_url":"https://web.archive.org/web/20150523054951/http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2015:109/?name=MDVSA-2015:109","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20150523054951/http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2015:109/?name=MDVSA-2015:109"},{"reference_url":"https://web.archive.org/web/20171112005349/http://www.securityfocus.com/bid/73095","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20171112005349/http://www.securityfocus.com/bid/73095"},{"reference_url":"https://www.djangoproject.com/weblog/2015/mar/09/security-releases","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2015/mar/09/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2015/mar/09/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2015/mar/09/security-releases/"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:109","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:109"},{"reference_url":"http://www.securityfocus.com/bid/73095","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/73095"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1200922","reference_id":"1200922","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1200922"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/47191?format=json","purl":"pkg:pypi/django@1.7.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-1zk7-jhxe-2kc4"},{"vulnerability":"VCID-4v6q-ktnr-gue3"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-p94q-m8sa-s7by"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xg1w-8bd8-fbhu"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.7.6"},{"url":"http://public2.vulnerablecode.io/api/packages/47192?format=json","purl":"pkg:pypi/django@1.8b2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-1zk7-jhxe-2kc4"},{"vulnerability":"VCID-3arc-t7n7-53ew"},{"vulnerability":"VCID-7kj8-kfda-wfhj"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-p94q-m8sa-s7by"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u2c7-nvng-eya1"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-ud47-2t6q-pycj"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-x3rb-wf8q-auer"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.8b2"}],"aliases":["CVE-2015-2241","GHSA-6565-fg86-6jcx","PYSEC-2015-8"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a36b-7nxc-5ffg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/110501?format=json","vulnerability_id":"VCID-b97e-fw2q-nqhk","summary":"security update","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2014-09/msg00023.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2014-09/msg00023.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0480.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0480.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0480","reference_id":"","reference_type":"","scores":[{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68618","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0480"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0480","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0480"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0481","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0481"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0482","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0482"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0483","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0483"},{"reference_url":"http://secunia.com/advisories/59782","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/59782"},{"reference_url":"http://secunia.com/advisories/61276","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61276"},{"reference_url":"http://secunia.com/advisories/61281","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61281"},{"reference_url":"https://github.com/advisories/GHSA-f7cm-ccfp-3q4r","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-f7cm-ccfp-3q4r"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/45ac9d4fb087d21902469fc22643f5201d41a0cd","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/45ac9d4fb087d21902469fc22643f5201d41a0cd"},{"reference_url":"https://github.com/django/django/commit/c2fe73133b62a1d9e8f7a6b43966570b14618d7e","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/c2fe73133b62a1d9e8f7a6b43966570b14618d7e"},{"reference_url":"https://github.com/django/django/commit/da051da8df5e69944745072611351d4cfc6435d5","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/da051da8df5e69944745072611351d4cfc6435d5"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2014-4.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2014-4.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-0480","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-0480"},{"reference_url":"https://web.archive.org/web/20140918034351/http://www.securityfocus.com/bid/69425","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20140918034351/http://www.securityfocus.com/bid/69425"},{"reference_url":"https://www.djangoproject.com/weblog/2014/aug/20/security","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2014/aug/20/security"},{"reference_url":"https://www.djangoproject.com/weblog/2014/aug/20/security/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2014/aug/20/security/"},{"reference_url":"http://www.debian.org/security/2014/dsa-3010","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2014/dsa-3010"},{"reference_url":"http://www.securityfocus.com/bid/69425","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/69425"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1129950","reference_id":"1129950","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1129950"},{"reference_url":"https://security.gentoo.org/glsa/201412-22","reference_id":"GLSA-201412-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201412-22"},{"reference_url":"https://usn.ubuntu.com/2347-1/","reference_id":"USN-2347-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2347-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/46858?format=json","purl":"pkg:pypi/django@1.4.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-4v6q-ktnr-gue3"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-p94q-m8sa-s7by"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xg1w-8bd8-fbhu"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.4.14"},{"url":"http://public2.vulnerablecode.io/api/packages/46859?format=json","purl":"pkg:pypi/django@1.5.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.5.9"},{"url":"http://public2.vulnerablecode.io/api/packages/46860?format=json","purl":"pkg:pypi/django@1.6.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-1zk7-jhxe-2kc4"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.6.6"}],"aliases":["CVE-2014-0480","GHSA-f7cm-ccfp-3q4r","PYSEC-2014-4"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b97e-fw2q-nqhk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/90765?format=json","vulnerability_id":"VCID-beas-dwx6-1ffp","summary":"An issue was discovered in 5.1 before 5.1.14, 4.2 before 4.2.26, and 5.2 before 5.2.8.\nThe methods `QuerySet.filter()`, `QuerySet.exclude()`, and `QuerySet.get()`, and the class `Q()`, are subject to SQL injection when using a suitably crafted dictionary, with dictionary expansion, as the `_connector` argument.\nEarlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected.\nDjango would like to thank cyberstan for reporting this issue.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-64459.json","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-64459.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-64459","reference_id":"","reference_type":"","scores":[{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51956","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-64459"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/security","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://docs.djangoproject.com/en/dev/releases/security"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/06dd38324ac3d60d83d9f3adabf0dcdf423d2a85","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/06dd38324ac3d60d83d9f3adabf0dcdf423d2a85"},{"reference_url":"https://github.com/django/django/commit/59ae82e67053d281ff4562a24bbba21299f0a7d4","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/59ae82e67053d281ff4562a24bbba21299f0a7d4"},{"reference_url":"https://github.com/django/django/commit/6703f364d767e949c5b0e4016433ef75063b4f9b","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/6703f364d767e949c5b0e4016433ef75063b4f9b"},{"reference_url":"https://github.com/django/django/commit/72d2c87431f2ae0431d65d0ec792047f078c8241","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/72d2c87431f2ae0431d65d0ec792047f078c8241"},{"reference_url":"https://github.com/omarkurt/django-connector-CVE-2025-64459-testbed","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/omarkurt/django-connector-CVE-2025-64459-testbed"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2025-108.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2025-108.yaml"},{"reference_url":"https://shivasurya.me/security/django/2025/11/07/django-sql-injection-CVE-2025-64459.html","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://shivasurya.me/security/django/2025/11/07/django-sql-injection-CVE-2025-64459.html"},{"reference_url":"https://www.djangoproject.com/weblog/2025/nov/05/security-releases","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2025/nov/05/security-releases"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120139","reference_id":"1120139","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120139"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2412651","reference_id":"2412651","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2412651"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52456.py","reference_id":"CVE-2025-64459","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52456.py"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-64459","reference_id":"CVE-2025-64459","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-64459"},{"reference_url":"https://groups.google.com/g/django-announce","reference_id":"django-announce","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-11-06T04:55:36Z/"}],"url":"https://groups.google.com/g/django-announce"},{"reference_url":"https://github.com/advisories/GHSA-frmv-pr5f-9mcr","reference_id":"GHSA-frmv-pr5f-9mcr","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-frmv-pr5f-9mcr"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23069","reference_id":"RHSA-2025:23069","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23069"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23070","reference_id":"RHSA-2025:23070","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23070"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23130","reference_id":"RHSA-2025:23130","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23130"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23131","reference_id":"RHSA-2025:23131","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23133","reference_id":"RHSA-2025:23133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23196","reference_id":"RHSA-2025:23196","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23196"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1596","reference_id":"RHSA-2026:1596","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1596"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/security/","reference_id":"security","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-11-06T04:55:36Z/"}],"url":"https://docs.djangoproject.com/en/dev/releases/security/"},{"reference_url":"https://www.djangoproject.com/weblog/2025/nov/05/security-releases/","reference_id":"security-releases","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-11-06T04:55:36Z/"}],"url":"https://www.djangoproject.com/weblog/2025/nov/05/security-releases/"},{"reference_url":"https://usn.ubuntu.com/7859-1/","reference_id":"USN-7859-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7859-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/35005?format=json","purl":"pkg:pypi/django@4.2.26","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-13q1-fzeg-bfd9"},{"vulnerability":"VCID-4xtu-yeh2-pbc8"},{"vulnerability":"VCID-72z9-v49q-vbcc"},{"vulnerability":"VCID-81b9-uqyv-kkhm"},{"vulnerability":"VCID-dh5p-grha-r7a2"},{"vulnerability":"VCID-dqpz-q718-pkas"},{"vulnerability":"VCID-e331-cbgc-hubm"},{"vulnerability":"VCID-hb8n-gwz6-9yd9"},{"vulnerability":"VCID-jdjc-ygtk-c7hv"},{"vulnerability":"VCID-pn2d-2euz-pudt"},{"vulnerability":"VCID-q3sw-jd7p-1yg1"},{"vulnerability":"VCID-r3dj-t213-jyhh"},{"vulnerability":"VCID-sbwy-buwj-gkd2"},{"vulnerability":"VCID-zr7g-1xkm-fqdw"},{"vulnerability":"VCID-zztc-4be5-fker"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.26"},{"url":"http://public2.vulnerablecode.io/api/packages/35019?format=json","purl":"pkg:pypi/django@5.1.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-72z9-v49q-vbcc"},{"vulnerability":"VCID-81b9-uqyv-kkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.1.14"},{"url":"http://public2.vulnerablecode.io/api/packages/35012?format=json","purl":"pkg:pypi/django@5.2.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-13q1-fzeg-bfd9"},{"vulnerability":"VCID-1g9h-ryet-2ffs"},{"vulnerability":"VCID-1mp4-kq35-1ba7"},{"vulnerability":"VCID-4xtu-yeh2-pbc8"},{"vulnerability":"VCID-72z9-v49q-vbcc"},{"vulnerability":"VCID-81b9-uqyv-kkhm"},{"vulnerability":"VCID-8tz7-vjwz-rycs"},{"vulnerability":"VCID-dh5p-grha-r7a2"},{"vulnerability":"VCID-dqpz-q718-pkas"},{"vulnerability":"VCID-e331-cbgc-hubm"},{"vulnerability":"VCID-h5qf-zbcz-qygg"},{"vulnerability":"VCID-hb8n-gwz6-9yd9"},{"vulnerability":"VCID-jdjc-ygtk-c7hv"},{"vulnerability":"VCID-m4mg-yd86-dyfw"},{"vulnerability":"VCID-n915-wj16-wka6"},{"vulnerability":"VCID-pn2d-2euz-pudt"},{"vulnerability":"VCID-q3sw-jd7p-1yg1"},{"vulnerability":"VCID-r3dj-t213-jyhh"},{"vulnerability":"VCID-sbwy-buwj-gkd2"},{"vulnerability":"VCID-tvk1-4am9-f3cf"},{"vulnerability":"VCID-z7sj-r61n-qbcd"},{"vulnerability":"VCID-zr7g-1xkm-fqdw"},{"vulnerability":"VCID-zztc-4be5-fker"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.8"},{"url":"http://public2.vulnerablecode.io/api/packages/38619?format=json","purl":"pkg:pypi/django@6.0a1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-13q1-fzeg-bfd9"},{"vulnerability":"VCID-4xtu-yeh2-pbc8"},{"vulnerability":"VCID-dqpz-q718-pkas"},{"vulnerability":"VCID-e331-cbgc-hubm"},{"vulnerability":"VCID-pn2d-2euz-pudt"},{"vulnerability":"VCID-sbwy-buwj-gkd2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@6.0a1"}],"aliases":["BIT-django-2025-64459","CVE-2025-64459","GHSA-frmv-pr5f-9mcr","PYSEC-2025-108"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-beas-dwx6-1ffp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/25650?format=json","vulnerability_id":"VCID-db6w-yj8t-sfg4","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-57833.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-57833.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-57833","reference_id":"","reference_type":"","scores":[{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22452","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-57833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/security","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://docs.djangoproject.com/en/dev/releases/security"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/advisories/GHSA-6w2r-r2m5-xq5w","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://github.com/advisories/GHSA-6w2r-r2m5-xq5w"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/102965ea93072fe3c39a30be437c683ec1106ef5","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/102965ea93072fe3c39a30be437c683ec1106ef5"},{"reference_url":"https://github.com/django/django/commit/31334e6965ad136a5e369993b01721499c5d1a92","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/31334e6965ad136a5e369993b01721499c5d1a92"},{"reference_url":"https://github.com/django/django/commit/4c044fcc866ec226f612c475950b690b0139d243","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/4c044fcc866ec226f612c475950b690b0139d243"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2025-105.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2025-105.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2025/09/msg00017.html","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N"},{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2025/09/msg00017.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-57833","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-57833"},{"reference_url":"https://www.djangoproject.com/weblog/2025/sep/03/security-releases","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2025/sep/03/security-releases"},{"reference_url":"http://www.openwall.com/lists/oss-security/2025/09/03/3","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N"},{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2025/09/03/3"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1113865","reference_id":"1113865","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1113865"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2392990","reference_id":"2392990","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2392990"},{"reference_url":"https://groups.google.com/g/django-announce","reference_id":"django-announce","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N"},{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-09-08T17:33:03Z/"}],"url":"https://groups.google.com/g/django-announce"},{"reference_url":"https://medium.com/@EyalSec/django-unauthenticated-0-click-rce-and-sql-injection-using-default-configuration-059964f3f898","reference_id":"django-unauthenticated-0-click-rce-and-sql-injection-using-default-configuration-059964f3f898","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N"},{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-09-08T17:33:03Z/"}],"url":"https://medium.com/@EyalSec/django-unauthenticated-0-click-rce-and-sql-injection-using-default-configuration-059964f3f898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16403","reference_id":"RHSA-2025:16403","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16403"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16404","reference_id":"RHSA-2025:16404","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16404"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16487","reference_id":"RHSA-2025:16487","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16487"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16514","reference_id":"RHSA-2025:16514","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16514"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17498","reference_id":"RHSA-2025:17498","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17498"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17499","reference_id":"RHSA-2025:17499","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17499"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17500","reference_id":"RHSA-2025:17500","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17500"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17606","reference_id":"RHSA-2025:17606","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17606"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17613","reference_id":"RHSA-2025:17613","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17613"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17614","reference_id":"RHSA-2025:17614","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17614"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/security/","reference_id":"security","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N"},{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-09-08T17:33:03Z/"}],"url":"https://docs.djangoproject.com/en/dev/releases/security/"},{"reference_url":"https://www.djangoproject.com/weblog/2025/sep/03/security-releases/","reference_id":"security-releases","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N"},{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-09-08T17:33:03Z/"}],"url":"https://www.djangoproject.com/weblog/2025/sep/03/security-releases/"},{"reference_url":"https://usn.ubuntu.com/7736-1/","reference_id":"USN-7736-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7736-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89034?format=json","purl":"pkg:pypi/django@4.2.24","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-13q1-fzeg-bfd9"},{"vulnerability":"VCID-4xtu-yeh2-pbc8"},{"vulnerability":"VCID-72z9-v49q-vbcc"},{"vulnerability":"VCID-81b9-uqyv-kkhm"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-dh5p-grha-r7a2"},{"vulnerability":"VCID-dqpz-q718-pkas"},{"vulnerability":"VCID-e331-cbgc-hubm"},{"vulnerability":"VCID-fwwm-7y13-y3dx"},{"vulnerability":"VCID-hb8n-gwz6-9yd9"},{"vulnerability":"VCID-jdjc-ygtk-c7hv"},{"vulnerability":"VCID-pmhc-yu6r-uudy"},{"vulnerability":"VCID-pn2d-2euz-pudt"},{"vulnerability":"VCID-q3sw-jd7p-1yg1"},{"vulnerability":"VCID-r3dj-t213-jyhh"},{"vulnerability":"VCID-sbwy-buwj-gkd2"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-zr7g-1xkm-fqdw"},{"vulnerability":"VCID-zztc-4be5-fker"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.24"},{"url":"http://public2.vulnerablecode.io/api/packages/89035?format=json","purl":"pkg:pypi/django@5.1.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-72z9-v49q-vbcc"},{"vulnerability":"VCID-81b9-uqyv-kkhm"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-fwwm-7y13-y3dx"},{"vulnerability":"VCID-pmhc-yu6r-uudy"},{"vulnerability":"VCID-xkrz-p214-hqhp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.1.12"},{"url":"http://public2.vulnerablecode.io/api/packages/89036?format=json","purl":"pkg:pypi/django@5.2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-13q1-fzeg-bfd9"},{"vulnerability":"VCID-1g9h-ryet-2ffs"},{"vulnerability":"VCID-1mp4-kq35-1ba7"},{"vulnerability":"VCID-4xtu-yeh2-pbc8"},{"vulnerability":"VCID-72z9-v49q-vbcc"},{"vulnerability":"VCID-81b9-uqyv-kkhm"},{"vulnerability":"VCID-8tz7-vjwz-rycs"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-dh5p-grha-r7a2"},{"vulnerability":"VCID-dqpz-q718-pkas"},{"vulnerability":"VCID-e331-cbgc-hubm"},{"vulnerability":"VCID-fwwm-7y13-y3dx"},{"vulnerability":"VCID-h5qf-zbcz-qygg"},{"vulnerability":"VCID-hb8n-gwz6-9yd9"},{"vulnerability":"VCID-jdjc-ygtk-c7hv"},{"vulnerability":"VCID-m4mg-yd86-dyfw"},{"vulnerability":"VCID-n915-wj16-wka6"},{"vulnerability":"VCID-pmhc-yu6r-uudy"},{"vulnerability":"VCID-pn2d-2euz-pudt"},{"vulnerability":"VCID-q3sw-jd7p-1yg1"},{"vulnerability":"VCID-r3dj-t213-jyhh"},{"vulnerability":"VCID-sbwy-buwj-gkd2"},{"vulnerability":"VCID-tvk1-4am9-f3cf"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-z7sj-r61n-qbcd"},{"vulnerability":"VCID-zr7g-1xkm-fqdw"},{"vulnerability":"VCID-zztc-4be5-fker"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.6"}],"aliases":["BIT-django-2025-57833","CVE-2025-57833","GHSA-6w2r-r2m5-xq5w","PYSEC-2025-105"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-db6w-yj8t-sfg4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/200825?format=json","vulnerability_id":"VCID-e2vb-tg4t-4ye3","summary":"Django Cross-Site Request Forgery vulnerability","references":[{"reference_url":"http://openwall.com/lists/oss-security/2011/09/11/1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://openwall.com/lists/oss-security/2011/09/11/1"},{"reference_url":"http://openwall.com/lists/oss-security/2011/09/13/2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://openwall.com/lists/oss-security/2011/09/13/2"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4140","reference_id":"","reference_type":"","scores":[{"value":"0.00345","scoring_system":"epss","scoring_elements":"0.57446","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4140"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=737366","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=737366"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4140"},{"reference_url":"http://secunia.com/advisories/46614","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/46614"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2011-5.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2011-5.yaml"},{"reference_url":"https://hermes.opensuse.org/messages/14700881","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://hermes.opensuse.org/messages/14700881"},{"reference_url":"https://web.archive.org/web/20140806062902/http://secunia.com/advisories/46614","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20140806062902/http://secunia.com/advisories/46614"},{"reference_url":"https://www.djangoproject.com/weblog/2011/sep/09","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2011/sep/09"},{"reference_url":"https://www.djangoproject.com/weblog/2011/sep/09/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2011/sep/09/"},{"reference_url":"https://www.djangoproject.com/weblog/2011/sep/10/127","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2011/sep/10/127"},{"reference_url":"https://www.djangoproject.com/weblog/2011/sep/10/127/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2011/sep/10/127/"},{"reference_url":"http://www.debian.org/security/2011/dsa-2332","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2011/dsa-2332"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=641405","reference_id":"641405","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=641405"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4140","reference_id":"CVE-2011-4140","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4140"},{"reference_url":"https://github.com/advisories/GHSA-h95j-h2rv-qrg4","reference_id":"GHSA-h95j-h2rv-qrg4","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-h95j-h2rv-qrg4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13265?format=json","purl":"pkg:pypi/django@1.2.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9749-wxyn-4qb1"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-b97e-fw2q-nqhk"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-e2vb-tg4t-4ye3"},{"vulnerability":"VCID-e36z-3vcv-8qaw"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-fsgd-8jz7-zkdn"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-h328-c9gp-9ybg"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-pa7r-7c7r-wfbp"},{"vulnerability":"VCID-ss1p-jz2s-wyh7"},{"vulnerability":"VCID-ted5-qgyr-7ucf"},{"vulnerability":"VCID-tr9m-84nc-x3cw"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-wvh5-z294-ffev"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.2.7"},{"url":"http://public2.vulnerablecode.io/api/packages/13264?format=json","purl":"pkg:pypi/django@1.3.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-7vck-9u91-1yca"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9749-wxyn-4qb1"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-b97e-fw2q-nqhk"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-e2vb-tg4t-4ye3"},{"vulnerability":"VCID-e36z-3vcv-8qaw"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-ejv6-3fkp-a7ba"},{"vulnerability":"VCID-fsgd-8jz7-zkdn"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-h328-c9gp-9ybg"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-nx56-nstj-m7bs"},{"vulnerability":"VCID-pa7r-7c7r-wfbp"},{"vulnerability":"VCID-qwdg-jeya-fuer"},{"vulnerability":"VCID-ss1p-jz2s-wyh7"},{"vulnerability":"VCID-ted5-qgyr-7ucf"},{"vulnerability":"VCID-tr9m-84nc-x3cw"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-wvh5-z294-ffev"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"},{"vulnerability":"VCID-ywr3-fe5b-ybek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/45661?format=json","purl":"pkg:pypi/django@1.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-7vck-9u91-1yca"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-b97e-fw2q-nqhk"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-ejv6-3fkp-a7ba"},{"vulnerability":"VCID-fsgd-8jz7-zkdn"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-h328-c9gp-9ybg"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-nx56-nstj-m7bs"},{"vulnerability":"VCID-qwdg-jeya-fuer"},{"vulnerability":"VCID-ss1p-jz2s-wyh7"},{"vulnerability":"VCID-ted5-qgyr-7ucf"},{"vulnerability":"VCID-tr9m-84nc-x3cw"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-wvh5-z294-ffev"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"},{"vulnerability":"VCID-ywr3-fe5b-ybek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.3.2"}],"aliases":["CVE-2011-4140","GHSA-h95j-h2rv-qrg4","PYSEC-2011-5"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e2vb-tg4t-4ye3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/202366?format=json","vulnerability_id":"VCID-e36z-3vcv-8qaw","summary":"The get_image_dimensions function in the image-handling functionality in Django before 1.3.2 and 1.4.x before 1.4.1 uses a constant chunk size in all attempts to determine dimensions, which allows remote attackers to cause a denial of service (process or thread consumption) via a large TIFF image.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3444","reference_id":"","reference_type":"","scores":[{"value":"0.0119","scoring_system":"epss","scoring_elements":"0.79246","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3444"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3444","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3444"},{"reference_url":"https://github.com/advisories/GHSA-5h2q-4hrp-v9rr","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-5h2q-4hrp-v9rr"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/9ca0ff6268eeff92d0d0ac2c315d4b6a8e229155","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/9ca0ff6268eeff92d0d0ac2c315d4b6a8e229155"},{"reference_url":"https://github.com/django/django/commit/b2eb4787a0fff9c9993b78be5c698e85108f3446","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/b2eb4787a0fff9c9993b78be5c698e85108f3446"},{"reference_url":"https://github.com/django/django/commit/c14f325c4eef628bc7bfd8873c3a72aeb0219141","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/c14f325c4eef628bc7bfd8873c3a72aeb0219141"},{"reference_url":"https://github.com/django/django/commit/da33d67181b53fe6cc737ac1220153814a1509f6","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/da33d67181b53fe6cc737ac1220153814a1509f6"},{"reference_url":"https://github.com/django/django/commit/dd16b17099b7d86f27773df048c5014cf439b282","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/dd16b17099b7d86f27773df048c5014cf439b282"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2012-4.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2012-4.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-3444","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-3444"},{"reference_url":"https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued"},{"reference_url":"https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued/"},{"reference_url":"http://www.debian.org/security/2012/dsa-2529","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2012/dsa-2529"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2012:143","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2012:143"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/07/31/1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2012/07/31/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/07/31/2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2012/07/31/2"},{"reference_url":"http://www.ubuntu.com/usn/USN-1560-1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ubuntu.com/usn/USN-1560-1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683364","reference_id":"683364","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683364"},{"reference_url":"https://usn.ubuntu.com/1560-1/","reference_id":"USN-1560-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1560-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/45661?format=json","purl":"pkg:pypi/django@1.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-7vck-9u91-1yca"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-b97e-fw2q-nqhk"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-ejv6-3fkp-a7ba"},{"vulnerability":"VCID-fsgd-8jz7-zkdn"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-h328-c9gp-9ybg"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-nx56-nstj-m7bs"},{"vulnerability":"VCID-qwdg-jeya-fuer"},{"vulnerability":"VCID-ss1p-jz2s-wyh7"},{"vulnerability":"VCID-ted5-qgyr-7ucf"},{"vulnerability":"VCID-tr9m-84nc-x3cw"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-wvh5-z294-ffev"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"},{"vulnerability":"VCID-ywr3-fe5b-ybek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.3.2"},{"url":"http://public2.vulnerablecode.io/api/packages/45663?format=json","purl":"pkg:pypi/django@1.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-4v6q-ktnr-gue3"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-7kbt-73z6-wfar"},{"vulnerability":"VCID-7vck-9u91-1yca"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8h18-d5hr-rqas"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-b97e-fw2q-nqhk"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-dr33-d1ck-wycg"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-ejv6-3fkp-a7ba"},{"vulnerability":"VCID-fsgd-8jz7-zkdn"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-h328-c9gp-9ybg"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-nx56-nstj-m7bs"},{"vulnerability":"VCID-p1ft-8wjr-k7fh"},{"vulnerability":"VCID-p94q-m8sa-s7by"},{"vulnerability":"VCID-qwdg-jeya-fuer"},{"vulnerability":"VCID-ss1p-jz2s-wyh7"},{"vulnerability":"VCID-ted5-qgyr-7ucf"},{"vulnerability":"VCID-tr9m-84nc-x3cw"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v7kk-jbkz-77hf"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-wvh5-z294-ffev"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xg1w-8bd8-fbhu"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"},{"vulnerability":"VCID-yefp-r2s6-e7fe"},{"vulnerability":"VCID-ywr3-fe5b-ybek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.4.1"}],"aliases":["CVE-2012-3444","GHSA-5h2q-4hrp-v9rr","PYSEC-2012-4"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e36z-3vcv-8qaw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1801?format=json","vulnerability_id":"VCID-eay8-gdua-p3b5","summary":"","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2038.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2016-2038.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2039.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2016-2039.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2040.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2016-2040.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2041.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2016-2041.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2042.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2016-2042.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2043.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2016-2043.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7401.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7401.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7401","reference_id":"","reference_type":"","scores":[{"value":"0.06156","scoring_system":"epss","scoring_elements":"0.9102","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7401"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7401","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7401"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/advisories/GHSA-crhm-qpjc-cm64","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-crhm-qpjc-cm64"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/6118ab7d0676f0d622278e5be215f14fb5410b6a","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/6118ab7d0676f0d622278e5be215f14fb5410b6a"},{"reference_url":"https://github.com/django/django/commit/6fe846a8f08dc959003f298b5407e321c6fe3735","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/6fe846a8f08dc959003f298b5407e321c6fe3735"},{"reference_url":"https://github.com/django/django/commit/d1bc980db1c0fffd6d60677e62f70beadb9fe64a","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/d1bc980db1c0fffd6d60677e62f70beadb9fe64a"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2016-3.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2016-3.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-7401","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-7401"},{"reference_url":"https://web.archive.org/web/20200227223637/http://www.securityfocus.com/bid/93182","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20200227223637/http://www.securityfocus.com/bid/93182"},{"reference_url":"https://web.archive.org/web/20210927195154/http://www.securitytracker.com/id/1036899","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20210927195154/http://www.securitytracker.com/id/1036899"},{"reference_url":"https://www.djangoproject.com/weblog/2016/sep/26/security-releases","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2016/sep/26/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2016/sep/26/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2016/sep/26/security-releases/"},{"reference_url":"http://www.debian.org/security/2016/dsa-3678","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2016/dsa-3678"},{"reference_url":"http://www.securityfocus.com/bid/93182","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/93182"},{"reference_url":"http://www.securitytracker.com/id/1036899","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036899"},{"reference_url":"http://www.ubuntu.com/usn/USN-3089-1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ubuntu.com/usn/USN-3089-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377376","reference_id":"1377376","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377376"},{"reference_url":"https://security.archlinux.org/ASA-201610-13","reference_id":"ASA-201610-13","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201610-13"},{"reference_url":"https://security.archlinux.org/AVG-35","reference_id":"AVG-35","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-35"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2038","reference_id":"RHSA-2016:2038","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2038"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2039","reference_id":"RHSA-2016:2039","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2039"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2040","reference_id":"RHSA-2016:2040","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2040"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2041","reference_id":"RHSA-2016:2041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2042","reference_id":"RHSA-2016:2042","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2042"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2043","reference_id":"RHSA-2016:2043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2043"},{"reference_url":"https://usn.ubuntu.com/3089-1/","reference_id":"USN-3089-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3089-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/48235?format=json","purl":"pkg:pypi/django@1.8.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3arc-t7n7-53ew"},{"vulnerability":"VCID-577n-ucjg-9udw"},{"vulnerability":"VCID-7kj8-kfda-wfhj"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-q9zk-pp6y-m7hu"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-ud47-2t6q-pycj"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.8.15"},{"url":"http://public2.vulnerablecode.io/api/packages/48236?format=json","purl":"pkg:pypi/django@1.9.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3arc-t7n7-53ew"},{"vulnerability":"VCID-7kj8-kfda-wfhj"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-q9zk-pp6y-m7hu"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.9.10"}],"aliases":["CVE-2016-7401","GHSA-crhm-qpjc-cm64","PYSEC-2016-3"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eay8-gdua-p3b5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/110485?format=json","vulnerability_id":"VCID-fsgd-8jz7-zkdn","summary":"security update","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2014-09/msg00023.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2014-09/msg00023.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-0456.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2014-0456.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-0457.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2014-0457.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0473.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0473.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0473","reference_id":"","reference_type":"","scores":[{"value":"0.00298","scoring_system":"epss","scoring_elements":"0.53547","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0473"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0473","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0473"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0474","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0474"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1418","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1418"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3730","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3730"},{"reference_url":"http://secunia.com/advisories/61281","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61281"},{"reference_url":"https://github.com/advisories/GHSA-89hj-xfx5-7q66","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-89hj-xfx5-7q66"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/1170f285ddd6a94a65f911a27788ba49ca08c0b0","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/1170f285ddd6a94a65f911a27788ba49ca08c0b0"},{"reference_url":"https://github.com/django/django/commit/6872f42757d7ef6a97e0b6ec5db4d2615d8a2bd8","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/6872f42757d7ef6a97e0b6ec5db4d2615d8a2bd8"},{"reference_url":"https://github.com/django/django/commit/d63e20942f3024f24cb8cd85a49461ba8a9b6736","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/d63e20942f3024f24cb8cd85a49461ba8a9b6736"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2014-2.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2014-2.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-0473","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-0473"},{"reference_url":"https://www.djangoproject.com/weblog/2014/apr/21/security","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2014/apr/21/security"},{"reference_url":"https://www.djangoproject.com/weblog/2014/apr/21/security/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2014/apr/21/security/"},{"reference_url":"http://www.debian.org/security/2014/dsa-2934","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2014/dsa-2934"},{"reference_url":"http://www.ubuntu.com/usn/USN-2169-1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ubuntu.com/usn/USN-2169-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1090592","reference_id":"1090592","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1090592"},{"reference_url":"https://security.gentoo.org/glsa/201406-26","reference_id":"GLSA-201406-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201406-26"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0456","reference_id":"RHSA-2014:0456","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0456"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0457","reference_id":"RHSA-2014:0457","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0457"},{"reference_url":"https://usn.ubuntu.com/2169-1/","reference_id":"USN-2169-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2169-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/46458?format=json","purl":"pkg:pypi/django@1.4.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-4v6q-ktnr-gue3"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-b97e-fw2q-nqhk"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-dr33-d1ck-wycg"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-h328-c9gp-9ybg"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-p94q-m8sa-s7by"},{"vulnerability":"VCID-ted5-qgyr-7ucf"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v7kk-jbkz-77hf"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-wvh5-z294-ffev"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xg1w-8bd8-fbhu"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.4.11"},{"url":"http://public2.vulnerablecode.io/api/packages/46459?format=json","purl":"pkg:pypi/django@1.5.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-b97e-fw2q-nqhk"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-dr33-d1ck-wycg"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-h328-c9gp-9ybg"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-ted5-qgyr-7ucf"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v7kk-jbkz-77hf"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-wvh5-z294-ffev"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.5.6"},{"url":"http://public2.vulnerablecode.io/api/packages/46460?format=json","purl":"pkg:pypi/django@1.6.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-1zk7-jhxe-2kc4"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-b97e-fw2q-nqhk"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-dr33-d1ck-wycg"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-h328-c9gp-9ybg"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-ted5-qgyr-7ucf"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v7kk-jbkz-77hf"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-wvh5-z294-ffev"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.6.3"}],"aliases":["CVE-2014-0473","GHSA-89hj-xfx5-7q66","PYSEC-2014-2"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fsgd-8jz7-zkdn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1641?format=json","vulnerability_id":"VCID-gfad-ffzw-g3hv","summary":"","references":[{"reference_url":"http://packetstormsecurity.com/files/137965/Django-3.3.0-Script-Insertion.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://packetstormsecurity.com/files/137965/Django-3.3.0-Script-Insertion.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1594.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2016-1594.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1595.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2016-1595.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1596.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2016-1596.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6186.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6186.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-6186","reference_id":"","reference_type":"","scores":[{"value":"0.16367","scoring_system":"epss","scoring_elements":"0.95012","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-6186"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6186","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6186"},{"reference_url":"http://seclists.org/fulldisclosure/2016/Jul/53","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/fulldisclosure/2016/Jul/53"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/advisories/GHSA-c8c8-9472-w52h","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-c8c8-9472-w52h"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/6fa150b2f8b601668083042324c4add534143cb1","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/6fa150b2f8b601668083042324c4add534143cb1"},{"reference_url":"https://github.com/django/django/commit/d03bf6fe4e9bf5b07de62c1a271c4b41a7d3d158","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/d03bf6fe4e9bf5b07de62c1a271c4b41a7d3d158"},{"reference_url":"https://github.com/django/django/commit/f68e5a99164867ab0e071a936470958ed867479d","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/f68e5a99164867ab0e071a936470958ed867479d"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2016-2.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2016-2.yaml"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DMLLFAUT4J4IP4P2KI4NOVWRMHA22WUJ","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DMLLFAUT4J4IP4P2KI4NOVWRMHA22WUJ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DMLLFAUT4J4IP4P2KI4NOVWRMHA22WUJ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DMLLFAUT4J4IP4P2KI4NOVWRMHA22WUJ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KHHPN6MISX5I6UTXQHYLPTLEEUE6WDXW","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KHHPN6MISX5I6UTXQHYLPTLEEUE6WDXW"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KHHPN6MISX5I6UTXQHYLPTLEEUE6WDXW/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KHHPN6MISX5I6UTXQHYLPTLEEUE6WDXW/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-6186","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-6186"},{"reference_url":"https://web.archive.org/web/20201022155237/http://www.securityfocus.com/archive/1/538947/100/0/threaded","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20201022155237/http://www.securityfocus.com/archive/1/538947/100/0/threaded"},{"reference_url":"https://web.archive.org/web/20210123154652/http://www.securityfocus.com/bid/92058","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20210123154652/http://www.securityfocus.com/bid/92058"},{"reference_url":"https://web.archive.org/web/20211204042848/http://www.securitytracker.com/id/1036338","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20211204042848/http://www.securitytracker.com/id/1036338"},{"reference_url":"https://www.djangoproject.com/weblog/2016/jul/18/security-releases","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2016/jul/18/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2016/jul/18/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2016/jul/18/security-releases/"},{"reference_url":"https://www.exploit-db.com/exploits/40129","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.exploit-db.com/exploits/40129"},{"reference_url":"https://www.exploit-db.com/exploits/40129/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/40129/"},{"reference_url":"http://www.debian.org/security/2016/dsa-3622","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2016/dsa-3622"},{"reference_url":"http://www.securityfocus.com/archive/1/538947/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/538947/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/92058","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/92058"},{"reference_url":"http://www.securitytracker.com/id/1036338","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036338"},{"reference_url":"http://www.ubuntu.com/usn/USN-3039-1","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ubuntu.com/usn/USN-3039-1"},{"reference_url":"http://www.vulnerability-lab.com/get_content.php?id=1869","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.vulnerability-lab.com/get_content.php?id=1869"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1355663","reference_id":"1355663","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1355663"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831799","reference_id":"831799","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831799"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/python/webapps/40129.txt","reference_id":"CVE-2016-6186","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/python/webapps/40129.txt"},{"reference_url":"https://www.vulnerability-lab.com/get_content.php?id=1869","reference_id":"CVE-2016-6186","reference_type":"exploit","scores":[],"url":"https://www.vulnerability-lab.com/get_content.php?id=1869"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1594","reference_id":"RHSA-2016:1594","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1594"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1595","reference_id":"RHSA-2016:1595","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1595"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1596","reference_id":"RHSA-2016:1596","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1596"},{"reference_url":"https://usn.ubuntu.com/3039-1/","reference_id":"USN-3039-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3039-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/47841?format=json","purl":"pkg:pypi/django@1.8.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3arc-t7n7-53ew"},{"vulnerability":"VCID-577n-ucjg-9udw"},{"vulnerability":"VCID-7kj8-kfda-wfhj"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-q9zk-pp6y-m7hu"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-ud47-2t6q-pycj"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.8.14"},{"url":"http://public2.vulnerablecode.io/api/packages/47842?format=json","purl":"pkg:pypi/django@1.9.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3arc-t7n7-53ew"},{"vulnerability":"VCID-7kj8-kfda-wfhj"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-q9zk-pp6y-m7hu"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.9.8"},{"url":"http://public2.vulnerablecode.io/api/packages/47843?format=json","purl":"pkg:pypi/django@1.10rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3arc-t7n7-53ew"},{"vulnerability":"VCID-7kj8-kfda-wfhj"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-pp8x-52ke-qbhj"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.10rc1"}],"aliases":["CVE-2016-6186","GHSA-c8c8-9472-w52h","PYSEC-2016-2"],"risk_score":1.7,"exploitability":"0.5","weighted_severity":"3.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gfad-ffzw-g3hv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/110504?format=json","vulnerability_id":"VCID-h328-c9gp-9ybg","summary":"security update","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2014-09/msg00023.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2014-09/msg00023.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0483.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0483.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0483","reference_id":"","reference_type":"","scores":[{"value":"0.00428","scoring_system":"epss","scoring_elements":"0.62883","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0483"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0480","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0480"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0481","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0481"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0482","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0482"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0483","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0483"},{"reference_url":"http://secunia.com/advisories/59782","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/59782"},{"reference_url":"http://secunia.com/advisories/61276","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61276"},{"reference_url":"http://secunia.com/advisories/61281","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61281"},{"reference_url":"https://github.com/advisories/GHSA-rw75-m7gp-92m3","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-rw75-m7gp-92m3"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/027bd348642007617518379f8b02546abacaa6e0","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/027bd348642007617518379f8b02546abacaa6e0"},{"reference_url":"https://github.com/django/django/commit/2a446c896e7c814661fb9c4f212b071b2a7fa446","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/2a446c896e7c814661fb9c4f212b071b2a7fa446"},{"reference_url":"https://github.com/django/django/commit/2b31342cdf14fc20e07c43d258f1e7334ad664a6","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/2b31342cdf14fc20e07c43d258f1e7334ad664a6"},{"reference_url":"https://github.com/django/django/commit/f7c494f2506250b8cb5923714360a3642ed63e0f","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/f7c494f2506250b8cb5923714360a3642ed63e0f"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2014-7.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2014-7.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-0483","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-0483"},{"reference_url":"https://web.archive.org/web/20151016194735/http://secunia.com/advisories/61276","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20151016194735/http://secunia.com/advisories/61276"},{"reference_url":"https://web.archive.org/web/20151016202523/http://secunia.com/advisories/59782","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20151016202523/http://secunia.com/advisories/59782"},{"reference_url":"https://web.archive.org/web/20151023143840/http://secunia.com/advisories/61281","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20151023143840/http://secunia.com/advisories/61281"},{"reference_url":"https://www.djangoproject.com/weblog/2014/aug/20/security","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2014/aug/20/security"},{"reference_url":"https://www.djangoproject.com/weblog/2014/aug/20/security/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2014/aug/20/security/"},{"reference_url":"http://www.debian.org/security/2014/dsa-3010","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2014/dsa-3010"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1129959","reference_id":"1129959","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1129959"},{"reference_url":"https://security.gentoo.org/glsa/201412-22","reference_id":"GLSA-201412-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201412-22"},{"reference_url":"https://usn.ubuntu.com/2347-1/","reference_id":"USN-2347-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2347-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/46858?format=json","purl":"pkg:pypi/django@1.4.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-4v6q-ktnr-gue3"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-p94q-m8sa-s7by"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xg1w-8bd8-fbhu"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.4.14"},{"url":"http://public2.vulnerablecode.io/api/packages/46859?format=json","purl":"pkg:pypi/django@1.5.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.5.9"},{"url":"http://public2.vulnerablecode.io/api/packages/46860?format=json","purl":"pkg:pypi/django@1.6.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-1zk7-jhxe-2kc4"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.6.6"},{"url":"http://public2.vulnerablecode.io/api/packages/384852?format=json","purl":"pkg:pypi/django@1.7rc3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.7rc3"}],"aliases":["CVE-2014-0483","GHSA-rw75-m7gp-92m3","PYSEC-2014-7"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h328-c9gp-9ybg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/2027?format=json","vulnerability_id":"VCID-kgw9-ng5a-jucv","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9014.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9014.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9014","reference_id":"","reference_type":"","scores":[{"value":"0.03671","scoring_system":"epss","scoring_elements":"0.88167","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9014"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9013","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9013"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9014","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9014"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7233","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7233"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7234","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7234"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/advisories/GHSA-3f2c-jm6v-cr35","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-3f2c-jm6v-cr35"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/45acd6d836895a4c36575f48b3fb36a3dae98d19","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/45acd6d836895a4c36575f48b3fb36a3dae98d19"},{"reference_url":"https://github.com/django/django/commit/884e113838e5a72b4b0ec9e5e87aa480f6aa4472","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/884e113838e5a72b4b0ec9e5e87aa480f6aa4472"},{"reference_url":"https://github.com/django/django/commit/c401ae9a7dfb1a94a8a61927ed541d6f93089587","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/c401ae9a7dfb1a94a8a61927ed541d6f93089587"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2016-18.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2016-18.yaml"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OG5ROMUPS6C7BXELD3TAUUH7OBYV56WQ","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OG5ROMUPS6C7BXELD3TAUUH7OBYV56WQ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OG5ROMUPS6C7BXELD3TAUUH7OBYV56WQ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OG5ROMUPS6C7BXELD3TAUUH7OBYV56WQ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXDKJYHN74BWY3P7AR2UZDVJREQMRE6S","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXDKJYHN74BWY3P7AR2UZDVJREQMRE6S"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXDKJYHN74BWY3P7AR2UZDVJREQMRE6S/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXDKJYHN74BWY3P7AR2UZDVJREQMRE6S/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9014","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9014"},{"reference_url":"https://web.archive.org/web/20210123185619/http://www.securityfocus.com/bid/94068","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20210123185619/http://www.securityfocus.com/bid/94068"},{"reference_url":"https://web.archive.org/web/20211204043252/http://www.securitytracker.com/id/1037159","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20211204043252/http://www.securitytracker.com/id/1037159"},{"reference_url":"https://www.djangoproject.com/weblog/2016/nov/01/security-releases","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2016/nov/01/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2016/nov/01/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2016/nov/01/security-releases/"},{"reference_url":"http://www.debian.org/security/2017/dsa-3835","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2017/dsa-3835"},{"reference_url":"http://www.securityfocus.com/bid/94068","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/94068"},{"reference_url":"http://www.securitytracker.com/id/1037159","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037159"},{"reference_url":"http://www.ubuntu.com/usn/USN-3115-1","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ubuntu.com/usn/USN-3115-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1389417","reference_id":"1389417","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1389417"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842856","reference_id":"842856","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842856"},{"reference_url":"https://security.archlinux.org/ASA-201611-15","reference_id":"ASA-201611-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-15"},{"reference_url":"https://security.archlinux.org/AVG-57","reference_id":"AVG-57","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-57"},{"reference_url":"https://usn.ubuntu.com/3115-1/","reference_id":"USN-3115-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3115-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/48300?format=json","purl":"pkg:pypi/django@1.8.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-577n-ucjg-9udw"},{"vulnerability":"VCID-7kj8-kfda-wfhj"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-q9zk-pp6y-m7hu"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-ud47-2t6q-pycj"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.8.16"},{"url":"http://public2.vulnerablecode.io/api/packages/48301?format=json","purl":"pkg:pypi/django@1.9.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kj8-kfda-wfhj"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-q9zk-pp6y-m7hu"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.9.11"},{"url":"http://public2.vulnerablecode.io/api/packages/48302?format=json","purl":"pkg:pypi/django@1.10.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7kj8-kfda-wfhj"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-pp8x-52ke-qbhj"},{"vulnerability":"VCID-q9zk-pp6y-m7hu"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.10.3"}],"aliases":["CVE-2016-9014","GHSA-3f2c-jm6v-cr35","PYSEC-2016-18"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kgw9-ng5a-jucv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/114299?format=json","vulnerability_id":"VCID-mb3h-bnss-5bcj","summary":"security update","references":[{"reference_url":"http://advisories.mageia.org/MGASA-2015-0026.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://advisories.mageia.org/MGASA-2015-0026.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148485.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148485.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148608.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148608.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148696.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148696.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2015-04/msg00001.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2015-04/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2015-09/msg00035.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2015-09/msg00035.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0219.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0219.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-0219","reference_id":"","reference_type":"","scores":[{"value":"0.04836","scoring_system":"epss","scoring_elements":"0.89757","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-0219"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0219","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0219"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0220","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0220"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0221","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0221"},{"reference_url":"http://secunia.com/advisories/62285","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/62285"},{"reference_url":"http://secunia.com/advisories/62309","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/62309"},{"reference_url":"http://secunia.com/advisories/62718","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/62718"},{"reference_url":"https://github.com/advisories/GHSA-7qfw-j7hp-v45g","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-7qfw-j7hp-v45g"},{"reference_url":"https://github.com/django/daphne/blob/e49c39a4e5fac8ec170dd653641a9e90844fd3f1/daphne/http_protocol.py#L151","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/daphne/blob/e49c39a4e5fac8ec170dd653641a9e90844fd3f1/daphne/http_protocol.py#L151"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/41b4bc73ee0da7b2e09f4af47fc1fd21144c710f","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/41b4bc73ee0da7b2e09f4af47fc1fd21144c710f"},{"reference_url":"https://github.com/django/django/commit/4f6fffc1dc429f1ad428ecf8e6620739e8837450","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/4f6fffc1dc429f1ad428ecf8e6620739e8837450"},{"reference_url":"https://github.com/django/django/commit/d7597b31d5c03106eeba4be14a33b32a5e25f4ee","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/d7597b31d5c03106eeba4be14a33b32a5e25f4ee"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-4.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-4.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-0219","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-0219"},{"reference_url":"https://web.archive.org/web/20150128111656/http://secunia.com/advisories/62285","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20150128111656/http://secunia.com/advisories/62285"},{"reference_url":"https://web.archive.org/web/20150128111656/http://secunia.com/advisories/62309","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20150128111656/http://secunia.com/advisories/62309"},{"reference_url":"https://web.archive.org/web/20150523054951/http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2015:109/?name=MDVSA-2015:109","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20150523054951/http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2015:109/?name=MDVSA-2015:109"},{"reference_url":"https://web.archive.org/web/20150523054953/http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2015:036/?name=MDVSA-2015:036","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20150523054953/http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2015:036/?name=MDVSA-2015:036"},{"reference_url":"https://web.archive.org/web/20151104201446/http://secunia.com/advisories/62718","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20151104201446/http://secunia.com/advisories/62718"},{"reference_url":"https://www.djangoproject.com/weblog/2015/jan/13/security","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2015/jan/13/security"},{"reference_url":"https://www.djangoproject.com/weblog/2015/jan/13/security/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2015/jan/13/security/"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:036","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:036"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:109","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:109"},{"reference_url":"http://www.ubuntu.com/usn/USN-2469-1","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ubuntu.com/usn/USN-2469-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1179672","reference_id":"1179672","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1179672"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775375","reference_id":"775375","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775375"},{"reference_url":"https://usn.ubuntu.com/2469-1/","reference_id":"USN-2469-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2469-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/47120?format=json","purl":"pkg:pypi/django@1.4.18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-4v6q-ktnr-gue3"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-p94q-m8sa-s7by"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xg1w-8bd8-fbhu"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.4.18"},{"url":"http://public2.vulnerablecode.io/api/packages/47121?format=json","purl":"pkg:pypi/django@1.6.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-1zk7-jhxe-2kc4"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.6.10"},{"url":"http://public2.vulnerablecode.io/api/packages/47122?format=json","purl":"pkg:pypi/django@1.7.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-1zk7-jhxe-2kc4"},{"vulnerability":"VCID-4v6q-ktnr-gue3"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-p94q-m8sa-s7by"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xg1w-8bd8-fbhu"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.7.3"}],"aliases":["CVE-2015-0219","GHSA-7qfw-j7hp-v45g","PYSEC-2015-4"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mb3h-bnss-5bcj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/200839?format=json","vulnerability_id":"VCID-ndqd-kuk7-w3ap","summary":"Improper query string handling in Django","references":[{"reference_url":"http://archives.neohapsis.com/archives/fulldisclosure/2010-12/0580.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://archives.neohapsis.com/archives/fulldisclosure/2010-12/0580.html"},{"reference_url":"http://code.djangoproject.com/changeset/15031","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://code.djangoproject.com/changeset/15031"},{"reference_url":"http://evilpacket.net/2010/dec/22/information-leakage-django-administrative-interfac","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://evilpacket.net/2010/dec/22/information-leakage-django-administrative-interfac"},{"reference_url":"http://evilpacket.net/2010/dec/22/information-leakage-django-administrative-interfac/","reference_id":"","reference_type":"","scores":[],"url":"http://evilpacket.net/2010/dec/22/information-leakage-django-administrative-interfac/"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053041.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053041.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053072.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053072.html"},{"reference_url":"http://ngenuity-is.com/advisories/2010/dec/22/information-leakage-in-django-administrative-inter","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://ngenuity-is.com/advisories/2010/dec/22/information-leakage-in-django-administrative-inter"},{"reference_url":"http://ngenuity-is.com/advisories/2010/dec/22/information-leakage-in-django-administrative-inter/","reference_id":"","reference_type":"","scores":[],"url":"http://ngenuity-is.com/advisories/2010/dec/22/information-leakage-in-django-administrative-inter/"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4534","reference_id":"","reference_type":"","scores":[{"value":"0.00553","scoring_system":"epss","scoring_elements":"0.68518","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4534"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=665373","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=665373"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4534"},{"reference_url":"http://secunia.com/advisories/42715","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://secunia.com/advisories/42715"},{"reference_url":"http://secunia.com/advisories/42827","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://secunia.com/advisories/42827"},{"reference_url":"http://secunia.com/advisories/42913","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://secunia.com/advisories/42913"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/17084839fd7e267da5729f2a27753322b9d415a0","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/17084839fd7e267da5729f2a27753322b9d415a0"},{"reference_url":"https://github.com/django/django/commit/85207a245bf09fdebe486b4c7bbcb65300f2a693","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/85207a245bf09fdebe486b4c7bbcb65300f2a693"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2011-28.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2011-28.yaml"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2011-8.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2011-8.yaml"},{"reference_url":"http://www.djangoproject.com/weblog/2010/dec/22/security","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.djangoproject.com/weblog/2010/dec/22/security"},{"reference_url":"http://www.djangoproject.com/weblog/2010/dec/22/security/","reference_id":"","reference_type":"","scores":[],"url":"http://www.djangoproject.com/weblog/2010/dec/22/security/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2010/12/23/4","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2010/12/23/4"},{"reference_url":"http://www.openwall.com/lists/oss-security/2011/01/03/5","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2011/01/03/5"},{"reference_url":"http://www.securityfocus.com/archive/1/515446","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/archive/1/515446"},{"reference_url":"http://www.securityfocus.com/bid/45562","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/45562"},{"reference_url":"http://www.ubuntu.com/usn/USN-1040-1","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ubuntu.com/usn/USN-1040-1"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0048","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.vupen.com/english/advisories/2011/0048"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0098","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.vupen.com/english/advisories/2011/0098"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-4534","reference_id":"CVE-2010-4534","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-4534"},{"reference_url":"https://github.com/advisories/GHSA-fwr5-q9rx-294f","reference_id":"GHSA-fwr5-q9rx-294f","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-fwr5-q9rx-294f"},{"reference_url":"https://usn.ubuntu.com/1040-1/","reference_id":"USN-1040-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1040-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13277?format=json","purl":"pkg:pypi/django@1.1.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-4b76-zn8f-sfd1"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-76b8-e9q1-w3ey"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9749-wxyn-4qb1"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-b97e-fw2q-nqhk"},{"vulnerability":"VCID-bbq5-1gpd-nqeh"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-cygw-grtf-nydk"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-e2vb-tg4t-4ye3"},{"vulnerability":"VCID-e36z-3vcv-8qaw"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-fsgd-8jz7-zkdn"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-h328-c9gp-9ybg"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-pa7r-7c7r-wfbp"},{"vulnerability":"VCID-s37h-qzm1-zubw"},{"vulnerability":"VCID-ss1p-jz2s-wyh7"},{"vulnerability":"VCID-ted5-qgyr-7ucf"},{"vulnerability":"VCID-tr9m-84nc-x3cw"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-wrts-u1xj-fyec"},{"vulnerability":"VCID-wvh5-z294-ffev"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xjhj-6qe7-hbe6"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.1.3"},{"url":"http://public2.vulnerablecode.io/api/packages/13278?format=json","purl":"pkg:pypi/django@1.2.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-4b76-zn8f-sfd1"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-76b8-e9q1-w3ey"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9749-wxyn-4qb1"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-b97e-fw2q-nqhk"},{"vulnerability":"VCID-bbq5-1gpd-nqeh"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-cygw-grtf-nydk"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-e2vb-tg4t-4ye3"},{"vulnerability":"VCID-e36z-3vcv-8qaw"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-fsgd-8jz7-zkdn"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-h328-c9gp-9ybg"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-pa7r-7c7r-wfbp"},{"vulnerability":"VCID-s37h-qzm1-zubw"},{"vulnerability":"VCID-ss1p-jz2s-wyh7"},{"vulnerability":"VCID-ted5-qgyr-7ucf"},{"vulnerability":"VCID-tr9m-84nc-x3cw"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-wrts-u1xj-fyec"},{"vulnerability":"VCID-wvh5-z294-ffev"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xjhj-6qe7-hbe6"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.2.4"}],"aliases":["CVE-2010-4534","GHSA-fwr5-q9rx-294f","PYSEC-2011-28","PYSEC-2011-8"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ndqd-kuk7-w3ap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/200855?format=json","vulnerability_id":"VCID-neyk-7kmz-wqc9","summary":"Improper date handling in Django","references":[{"reference_url":"http://code.djangoproject.com/changeset/15032","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://code.djangoproject.com/changeset/15032"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053041.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053041.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053072.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053072.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4535","reference_id":"","reference_type":"","scores":[{"value":"0.04746","scoring_system":"epss","scoring_elements":"0.89663","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4535"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=665373","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=665373"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4535"},{"reference_url":"http://secunia.com/advisories/42715","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://secunia.com/advisories/42715"},{"reference_url":"http://secunia.com/advisories/42827","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://secunia.com/advisories/42827"},{"reference_url":"http://secunia.com/advisories/42913","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://secunia.com/advisories/42913"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/7f8dd9cbac074389af8d8fd235bf2cb657227b9a","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/7f8dd9cbac074389af8d8fd235bf2cb657227b9a"},{"reference_url":"https://github.com/django/django/commit/d5d8942a160685c403d381a279e72e09de5489a9","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/d5d8942a160685c403d381a279e72e09de5489a9"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2011-29.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2011-29.yaml"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2011-9.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2011-9.yaml"},{"reference_url":"https://web.archive.org/web/20200228193349/http://www.securityfocus.com/bid/45563","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20200228193349/http://www.securityfocus.com/bid/45563"},{"reference_url":"http://www.djangoproject.com/weblog/2010/dec/22/security","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.djangoproject.com/weblog/2010/dec/22/security"},{"reference_url":"http://www.djangoproject.com/weblog/2010/dec/22/security/","reference_id":"","reference_type":"","scores":[],"url":"http://www.djangoproject.com/weblog/2010/dec/22/security/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2010/12/23/4","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2010/12/23/4"},{"reference_url":"http://www.openwall.com/lists/oss-security/2011/01/03/5","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2011/01/03/5"},{"reference_url":"http://www.securityfocus.com/bid/45563","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/45563"},{"reference_url":"http://www.ubuntu.com/usn/USN-1040-1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ubuntu.com/usn/USN-1040-1"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0048","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.vupen.com/english/advisories/2011/0048"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0098","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.vupen.com/english/advisories/2011/0098"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-4535","reference_id":"CVE-2010-4535","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-4535"},{"reference_url":"https://github.com/advisories/GHSA-7wph-fc4w-wqp2","reference_id":"GHSA-7wph-fc4w-wqp2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-7wph-fc4w-wqp2"},{"reference_url":"https://usn.ubuntu.com/1040-1/","reference_id":"USN-1040-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1040-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13277?format=json","purl":"pkg:pypi/django@1.1.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-4b76-zn8f-sfd1"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-76b8-e9q1-w3ey"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9749-wxyn-4qb1"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-b97e-fw2q-nqhk"},{"vulnerability":"VCID-bbq5-1gpd-nqeh"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-cygw-grtf-nydk"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-e2vb-tg4t-4ye3"},{"vulnerability":"VCID-e36z-3vcv-8qaw"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-fsgd-8jz7-zkdn"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-h328-c9gp-9ybg"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-pa7r-7c7r-wfbp"},{"vulnerability":"VCID-s37h-qzm1-zubw"},{"vulnerability":"VCID-ss1p-jz2s-wyh7"},{"vulnerability":"VCID-ted5-qgyr-7ucf"},{"vulnerability":"VCID-tr9m-84nc-x3cw"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-wrts-u1xj-fyec"},{"vulnerability":"VCID-wvh5-z294-ffev"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xjhj-6qe7-hbe6"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.1.3"},{"url":"http://public2.vulnerablecode.io/api/packages/13278?format=json","purl":"pkg:pypi/django@1.2.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-4b76-zn8f-sfd1"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-76b8-e9q1-w3ey"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9749-wxyn-4qb1"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-b97e-fw2q-nqhk"},{"vulnerability":"VCID-bbq5-1gpd-nqeh"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-cygw-grtf-nydk"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-e2vb-tg4t-4ye3"},{"vulnerability":"VCID-e36z-3vcv-8qaw"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-fsgd-8jz7-zkdn"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-h328-c9gp-9ybg"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-pa7r-7c7r-wfbp"},{"vulnerability":"VCID-s37h-qzm1-zubw"},{"vulnerability":"VCID-ss1p-jz2s-wyh7"},{"vulnerability":"VCID-ted5-qgyr-7ucf"},{"vulnerability":"VCID-tr9m-84nc-x3cw"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-wrts-u1xj-fyec"},{"vulnerability":"VCID-wvh5-z294-ffev"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xjhj-6qe7-hbe6"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.2.4"}],"aliases":["CVE-2010-4535","GHSA-7wph-fc4w-wqp2","PYSEC-2011-29","PYSEC-2011-9"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-neyk-7kmz-wqc9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/202364?format=json","vulnerability_id":"VCID-pa7r-7c7r-wfbp","summary":"The (1) django.http.HttpResponseRedirect and (2) django.http.HttpResponsePermanentRedirect classes in Django before 1.3.2 and 1.4.x before 1.4.1 do not validate the scheme of a redirect target, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via a data: URL.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3442","reference_id":"","reference_type":"","scores":[{"value":"0.00496","scoring_system":"epss","scoring_elements":"0.66257","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3442"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3442","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3442"},{"reference_url":"https://github.com/advisories/GHSA-78vx-ggch-wghm","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-78vx-ggch-wghm"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/4dea4883e6c50d75f215a6b9bcbd95273f57c72d","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/4dea4883e6c50d75f215a6b9bcbd95273f57c72d"},{"reference_url":"https://github.com/django/django/commit/e34685034b60be1112160e76091e5aee60149fa1","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/e34685034b60be1112160e76091e5aee60149fa1"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2012-2.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2012-2.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-3442","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-3442"},{"reference_url":"https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued"},{"reference_url":"https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued/"},{"reference_url":"http://www.debian.org/security/2012/dsa-2529","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2012/dsa-2529"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2012:143","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2012:143"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/07/31/1","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2012/07/31/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/07/31/2","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2012/07/31/2"},{"reference_url":"http://www.ubuntu.com/usn/USN-1560-1","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ubuntu.com/usn/USN-1560-1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683364","reference_id":"683364","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683364"},{"reference_url":"https://usn.ubuntu.com/1560-1/","reference_id":"USN-1560-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1560-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/45661?format=json","purl":"pkg:pypi/django@1.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-7vck-9u91-1yca"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-b97e-fw2q-nqhk"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-ejv6-3fkp-a7ba"},{"vulnerability":"VCID-fsgd-8jz7-zkdn"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-h328-c9gp-9ybg"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-nx56-nstj-m7bs"},{"vulnerability":"VCID-qwdg-jeya-fuer"},{"vulnerability":"VCID-ss1p-jz2s-wyh7"},{"vulnerability":"VCID-ted5-qgyr-7ucf"},{"vulnerability":"VCID-tr9m-84nc-x3cw"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-wvh5-z294-ffev"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"},{"vulnerability":"VCID-ywr3-fe5b-ybek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.3.2"},{"url":"http://public2.vulnerablecode.io/api/packages/45663?format=json","purl":"pkg:pypi/django@1.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-4v6q-ktnr-gue3"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-7kbt-73z6-wfar"},{"vulnerability":"VCID-7vck-9u91-1yca"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8h18-d5hr-rqas"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-b97e-fw2q-nqhk"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-dr33-d1ck-wycg"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-ejv6-3fkp-a7ba"},{"vulnerability":"VCID-fsgd-8jz7-zkdn"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-h328-c9gp-9ybg"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-nx56-nstj-m7bs"},{"vulnerability":"VCID-p1ft-8wjr-k7fh"},{"vulnerability":"VCID-p94q-m8sa-s7by"},{"vulnerability":"VCID-qwdg-jeya-fuer"},{"vulnerability":"VCID-ss1p-jz2s-wyh7"},{"vulnerability":"VCID-ted5-qgyr-7ucf"},{"vulnerability":"VCID-tr9m-84nc-x3cw"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v7kk-jbkz-77hf"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-wvh5-z294-ffev"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xg1w-8bd8-fbhu"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"},{"vulnerability":"VCID-yefp-r2s6-e7fe"},{"vulnerability":"VCID-ywr3-fe5b-ybek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.4.1"}],"aliases":["CVE-2012-3442","GHSA-78vx-ggch-wghm","PYSEC-2012-2"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pa7r-7c7r-wfbp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/200877?format=json","vulnerability_id":"VCID-s37h-qzm1-zubw","summary":"Session manipulation in Django","references":[{"reference_url":"http://openwall.com/lists/oss-security/2011/09/11/1","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://openwall.com/lists/oss-security/2011/09/11/1"},{"reference_url":"http://openwall.com/lists/oss-security/2011/09/13/2","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://openwall.com/lists/oss-security/2011/09/13/2"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4136","reference_id":"","reference_type":"","scores":[{"value":"0.01195","scoring_system":"epss","scoring_elements":"0.79278","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4136"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=737366","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=737366"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4136","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4136"},{"reference_url":"http://secunia.com/advisories/46614","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/46614"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/ac7c3a110f906e4dfed3a17451bf7fd9fcb81296","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/ac7c3a110f906e4dfed3a17451bf7fd9fcb81296"},{"reference_url":"https://github.com/django/django/commit/fbe2eead2fa9d808658ca582241bcacb02618840","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/fbe2eead2fa9d808658ca582241bcacb02618840"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2011-1.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2011-1.yaml"},{"reference_url":"https://hermes.opensuse.org/messages/14700881","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://hermes.opensuse.org/messages/14700881"},{"reference_url":"https://www.djangoproject.com/weblog/2011/sep/09","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2011/sep/09"},{"reference_url":"https://www.djangoproject.com/weblog/2011/sep/09/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2011/sep/09/"},{"reference_url":"https://www.djangoproject.com/weblog/2011/sep/10/127","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2011/sep/10/127"},{"reference_url":"https://www.djangoproject.com/weblog/2011/sep/10/127/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2011/sep/10/127/"},{"reference_url":"http://www.debian.org/security/2011/dsa-2332","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2011/dsa-2332"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=641405","reference_id":"641405","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=641405"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4136","reference_id":"CVE-2011-4136","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4136"},{"reference_url":"https://github.com/advisories/GHSA-x88j-93vc-wpmp","reference_id":"GHSA-x88j-93vc-wpmp","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-x88j-93vc-wpmp"},{"reference_url":"https://usn.ubuntu.com/1297-1/","reference_id":"USN-1297-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1297-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13265?format=json","purl":"pkg:pypi/django@1.2.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9749-wxyn-4qb1"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-b97e-fw2q-nqhk"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-e2vb-tg4t-4ye3"},{"vulnerability":"VCID-e36z-3vcv-8qaw"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-fsgd-8jz7-zkdn"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-h328-c9gp-9ybg"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-pa7r-7c7r-wfbp"},{"vulnerability":"VCID-ss1p-jz2s-wyh7"},{"vulnerability":"VCID-ted5-qgyr-7ucf"},{"vulnerability":"VCID-tr9m-84nc-x3cw"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-wvh5-z294-ffev"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.2.7"},{"url":"http://public2.vulnerablecode.io/api/packages/13264?format=json","purl":"pkg:pypi/django@1.3.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-7vck-9u91-1yca"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9749-wxyn-4qb1"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-b97e-fw2q-nqhk"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-e2vb-tg4t-4ye3"},{"vulnerability":"VCID-e36z-3vcv-8qaw"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-ejv6-3fkp-a7ba"},{"vulnerability":"VCID-fsgd-8jz7-zkdn"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-h328-c9gp-9ybg"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-nx56-nstj-m7bs"},{"vulnerability":"VCID-pa7r-7c7r-wfbp"},{"vulnerability":"VCID-qwdg-jeya-fuer"},{"vulnerability":"VCID-ss1p-jz2s-wyh7"},{"vulnerability":"VCID-ted5-qgyr-7ucf"},{"vulnerability":"VCID-tr9m-84nc-x3cw"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-wvh5-z294-ffev"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"},{"vulnerability":"VCID-ywr3-fe5b-ybek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.3.1"}],"aliases":["CVE-2011-4136","GHSA-x88j-93vc-wpmp","PYSEC-2011-1"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s37h-qzm1-zubw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/110486?format=json","vulnerability_id":"VCID-ss1p-jz2s-wyh7","summary":"security update","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2014-09/msg00023.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2014-09/msg00023.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-0456.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2014-0456.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-0457.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2014-0457.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0474.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0474.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0474","reference_id":"","reference_type":"","scores":[{"value":"0.03963","scoring_system":"epss","scoring_elements":"0.88635","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0474"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0473","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0473"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0474","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0474"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1418","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1418"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3730","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3730"},{"reference_url":"http://secunia.com/advisories/61281","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61281"},{"reference_url":"https://github.com/advisories/GHSA-wqjj-hx84-v449","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-wqjj-hx84-v449"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/5f0829a27e85d89ad8c433f5c6a7a7d17c9e9292","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/5f0829a27e85d89ad8c433f5c6a7a7d17c9e9292"},{"reference_url":"https://github.com/django/django/commit/985434fb1d6bf2335bf96c6ebf91c3674f1f399f","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/985434fb1d6bf2335bf96c6ebf91c3674f1f399f"},{"reference_url":"https://github.com/django/django/commit/aa80f498de6d687e613860933ac58433ab71ea4b","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/aa80f498de6d687e613860933ac58433ab71ea4b"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2014-3.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2014-3.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-0474","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-0474"},{"reference_url":"https://www.djangoproject.com/weblog/2014/apr/21/security","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2014/apr/21/security"},{"reference_url":"https://www.djangoproject.com/weblog/2014/apr/21/security/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2014/apr/21/security/"},{"reference_url":"http://www.debian.org/security/2014/dsa-2934","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2014/dsa-2934"},{"reference_url":"http://www.ubuntu.com/usn/USN-2169-1","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ubuntu.com/usn/USN-2169-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1090593","reference_id":"1090593","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1090593"},{"reference_url":"https://security.gentoo.org/glsa/201406-26","reference_id":"GLSA-201406-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201406-26"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0456","reference_id":"RHSA-2014:0456","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0456"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0457","reference_id":"RHSA-2014:0457","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0457"},{"reference_url":"https://usn.ubuntu.com/2169-1/","reference_id":"USN-2169-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2169-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/46458?format=json","purl":"pkg:pypi/django@1.4.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-4v6q-ktnr-gue3"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-b97e-fw2q-nqhk"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-dr33-d1ck-wycg"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-h328-c9gp-9ybg"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-p94q-m8sa-s7by"},{"vulnerability":"VCID-ted5-qgyr-7ucf"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v7kk-jbkz-77hf"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-wvh5-z294-ffev"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xg1w-8bd8-fbhu"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.4.11"},{"url":"http://public2.vulnerablecode.io/api/packages/46459?format=json","purl":"pkg:pypi/django@1.5.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-b97e-fw2q-nqhk"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-dr33-d1ck-wycg"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-h328-c9gp-9ybg"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-ted5-qgyr-7ucf"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v7kk-jbkz-77hf"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-wvh5-z294-ffev"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.5.6"},{"url":"http://public2.vulnerablecode.io/api/packages/46460?format=json","purl":"pkg:pypi/django@1.6.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-1zk7-jhxe-2kc4"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-b97e-fw2q-nqhk"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-dr33-d1ck-wycg"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-h328-c9gp-9ybg"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-ted5-qgyr-7ucf"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v7kk-jbkz-77hf"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-wvh5-z294-ffev"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.6.3"}],"aliases":["CVE-2014-0474","GHSA-wqjj-hx84-v449","PYSEC-2014-3"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ss1p-jz2s-wyh7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/200844?format=json","vulnerability_id":"VCID-suxb-fvaf-2ug4","summary":"The internationalization (i18n) framework in Django 0.91, 0.95, 0.95.1, and 0.96, and as used in other products such as PyLucid, when the USE_I18N option and the i18n component are enabled, allows remote attackers to cause a denial of service (memory consumption) via many HTTP requests with large Accept-Language headers.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5712.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5712.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-5712","reference_id":"","reference_type":"","scores":[{"value":"0.01815","scoring_system":"epss","scoring_elements":"0.83253","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-5712"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5712","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5712"},{"reference_url":"http://secunia.com/advisories/27435","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/27435"},{"reference_url":"http://secunia.com/advisories/27597","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/27597"},{"reference_url":"http://secunia.com/advisories/31961","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31961"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/38143","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/38143"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/412ed22502e11c50dbfee854627594f0e7e2c234","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/412ed22502e11c50dbfee854627594f0e7e2c234"},{"reference_url":"https://github.com/django/django/commit/7dd2dd08a79e388732ce00e2b5514f15bd6d0f6f","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/7dd2dd08a79e388732ce00e2b5514f15bd6d0f6f"},{"reference_url":"https://github.com/django/django/commit/8bc36e726c9e8c75c681d3ad232df8e882aaac81","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/8bc36e726c9e8c75c681d3ad232df8e882aaac81"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2007-1.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2007-1.yaml"},{"reference_url":"http://sourceforge.net/forum/forum.php?forum_id=749199","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://sourceforge.net/forum/forum.php?forum_id=749199"},{"reference_url":"https://web.archive.org/web/20091201070224/http://secunia.com/advisories/27435","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20091201070224/http://secunia.com/advisories/27435"},{"reference_url":"https://web.archive.org/web/20111224195100/http://secunia.com/advisories/27597","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20111224195100/http://secunia.com/advisories/27597"},{"reference_url":"https://web.archive.org/web/20111229085535/http://secunia.com/advisories/31961","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20111229085535/http://secunia.com/advisories/31961"},{"reference_url":"https://web.archive.org/web/20200228183657/http://www.securityfocus.com/bid/26227","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20200228183657/http://www.securityfocus.com/bid/26227"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00243.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00243.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00257.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00257.html"},{"reference_url":"http://www.debian.org/security/2008/dsa-1640","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2008/dsa-1640"},{"reference_url":"http://www.djangoproject.com/weblog/2007/oct/26/security-fix","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.djangoproject.com/weblog/2007/oct/26/security-fix"},{"reference_url":"http://www.securityfocus.com/bid/26227","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/26227"},{"reference_url":"http://www.vupen.com/english/advisories/2007/3660","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2007/3660"},{"reference_url":"http://www.vupen.com/english/advisories/2007/3661","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2007/3661"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=357051","reference_id":"357051","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=357051"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=448838","reference_id":"448838","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=448838"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2007-5712","reference_id":"CVE-2007-5712","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2007-5712"},{"reference_url":"https://github.com/advisories/GHSA-9v8h-57gv-qch6","reference_id":"GHSA-9v8h-57gv-qch6","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-9v8h-57gv-qch6"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13259?format=json","purl":"pkg:pypi/django@1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-4b76-zn8f-sfd1"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-6xp2-48m8-byfr"},{"vulnerability":"VCID-76b8-e9q1-w3ey"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9749-wxyn-4qb1"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-b97e-fw2q-nqhk"},{"vulnerability":"VCID-bbq5-1gpd-nqeh"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-cygw-grtf-nydk"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-e2vb-tg4t-4ye3"},{"vulnerability":"VCID-e36z-3vcv-8qaw"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-fsgd-8jz7-zkdn"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-gze2-htrx-vqdb"},{"vulnerability":"VCID-h328-c9gp-9ybg"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-ndqd-kuk7-w3ap"},{"vulnerability":"VCID-neyk-7kmz-wqc9"},{"vulnerability":"VCID-nhzy-7qdm-wbg8"},{"vulnerability":"VCID-nx56-nstj-m7bs"},{"vulnerability":"VCID-p1ft-8wjr-k7fh"},{"vulnerability":"VCID-pa7r-7c7r-wfbp"},{"vulnerability":"VCID-s37h-qzm1-zubw"},{"vulnerability":"VCID-ss1p-jz2s-wyh7"},{"vulnerability":"VCID-ted5-qgyr-7ucf"},{"vulnerability":"VCID-tr9m-84nc-x3cw"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-wrts-u1xj-fyec"},{"vulnerability":"VCID-wvh5-z294-ffev"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xjhj-6qe7-hbe6"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.1"}],"aliases":["CVE-2007-5712","GHSA-9v8h-57gv-qch6","PYSEC-2007-1"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-suxb-fvaf-2ug4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/110503?format=json","vulnerability_id":"VCID-ted5-qgyr-7ucf","summary":"security update","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2014-09/msg00023.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2014-09/msg00023.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0482.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0482.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0482","reference_id":"","reference_type":"","scores":[{"value":"0.00711","scoring_system":"epss","scoring_elements":"0.72714","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0482"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0480","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0480"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0481","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0481"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0482","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0482"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0483","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0483"},{"reference_url":"http://secunia.com/advisories/59782","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/59782"},{"reference_url":"http://secunia.com/advisories/61276","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61276"},{"reference_url":"http://secunia.com/advisories/61281","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61281"},{"reference_url":"https://github.com/advisories/GHSA-625g-gx8c-xcmg","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-625g-gx8c-xcmg"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/blob/aa3cb3f37265be37d892e2b391ff023e9caee2a4/docs/releases/1.5.9.txt#L42","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/blob/aa3cb3f37265be37d892e2b391ff023e9caee2a4/docs/releases/1.5.9.txt#L42"},{"reference_url":"https://github.com/django/django/commit/0268b855f9eab3377f2821164ef3e66037789e09","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/0268b855f9eab3377f2821164ef3e66037789e09"},{"reference_url":"https://github.com/django/django/commit/5307ce565fbedb9cc27cbe7c757b41a00438d37c","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/5307ce565fbedb9cc27cbe7c757b41a00438d37c"},{"reference_url":"https://github.com/django/django/commit/c9e3b9949cd55f090591fbdc4a114fcb8368b6d9","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/c9e3b9949cd55f090591fbdc4a114fcb8368b6d9"},{"reference_url":"https://github.com/django/django/commit/dd68f319b365f6cb38c5a6c106faf4f6142d7d88","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/dd68f319b365f6cb38c5a6c106faf4f6142d7d88"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2014-6.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2014-6.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-0482","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-0482"},{"reference_url":"https://www.djangoproject.com/weblog/2014/aug/20/security","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2014/aug/20/security"},{"reference_url":"https://www.djangoproject.com/weblog/2014/aug/20/security/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2014/aug/20/security/"},{"reference_url":"http://www.debian.org/security/2014/dsa-3010","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2014/dsa-3010"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1129954","reference_id":"1129954","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1129954"},{"reference_url":"https://security.gentoo.org/glsa/201412-22","reference_id":"GLSA-201412-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201412-22"},{"reference_url":"https://usn.ubuntu.com/2347-1/","reference_id":"USN-2347-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2347-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/46858?format=json","purl":"pkg:pypi/django@1.4.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-4v6q-ktnr-gue3"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-p94q-m8sa-s7by"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xg1w-8bd8-fbhu"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.4.14"},{"url":"http://public2.vulnerablecode.io/api/packages/46859?format=json","purl":"pkg:pypi/django@1.5.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.5.9"},{"url":"http://public2.vulnerablecode.io/api/packages/46860?format=json","purl":"pkg:pypi/django@1.6.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-1zk7-jhxe-2kc4"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.6.6"},{"url":"http://public2.vulnerablecode.io/api/packages/384852?format=json","purl":"pkg:pypi/django@1.7rc3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.7rc3"}],"aliases":["CVE-2014-0482","GHSA-625g-gx8c-xcmg","PYSEC-2014-6"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ted5-qgyr-7ucf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/110483?format=json","vulnerability_id":"VCID-tr9m-84nc-x3cw","summary":"security update","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2014-09/msg00023.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2014-09/msg00023.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-0456.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2014-0456.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-0457.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2014-0457.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0472.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0472.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0472","reference_id":"","reference_type":"","scores":[{"value":"0.06894","scoring_system":"epss","scoring_elements":"0.91586","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0473","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0473"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0474","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0474"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1418","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1418"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3730","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3730"},{"reference_url":"http://secunia.com/advisories/61281","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61281"},{"reference_url":"https://github.com/advisories/GHSA-rvq6-mrpv-m6rm","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-rvq6-mrpv-m6rm"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/2a5bcb69f42b84464b24b5c835dca6467b6aa7f1","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/2a5bcb69f42b84464b24b5c835dca6467b6aa7f1"},{"reference_url":"https://github.com/django/django/commit/4352a50871e239ebcdf64eee6f0b88e714015c1b","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/4352a50871e239ebcdf64eee6f0b88e714015c1b"},{"reference_url":"https://github.com/django/django/commit/c1a8c420fe4b27fb2caf5e46d23b5712fc0ac535","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/c1a8c420fe4b27fb2caf5e46d23b5712fc0ac535"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2014-1.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2014-1.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-0472","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-0472"},{"reference_url":"https://www.djangoproject.com/weblog/2014/apr/21/security","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2014/apr/21/security"},{"reference_url":"https://www.djangoproject.com/weblog/2014/apr/21/security/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2014/apr/21/security/"},{"reference_url":"http://www.debian.org/security/2014/dsa-2934","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2014/dsa-2934"},{"reference_url":"http://www.ubuntu.com/usn/USN-2169-1","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ubuntu.com/usn/USN-2169-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1090588","reference_id":"1090588","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1090588"},{"reference_url":"https://security.gentoo.org/glsa/201406-26","reference_id":"GLSA-201406-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201406-26"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0456","reference_id":"RHSA-2014:0456","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0456"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0457","reference_id":"RHSA-2014:0457","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0457"},{"reference_url":"https://usn.ubuntu.com/2169-1/","reference_id":"USN-2169-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2169-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/46458?format=json","purl":"pkg:pypi/django@1.4.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-4v6q-ktnr-gue3"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-b97e-fw2q-nqhk"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-dr33-d1ck-wycg"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-h328-c9gp-9ybg"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-p94q-m8sa-s7by"},{"vulnerability":"VCID-ted5-qgyr-7ucf"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v7kk-jbkz-77hf"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-wvh5-z294-ffev"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xg1w-8bd8-fbhu"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.4.11"},{"url":"http://public2.vulnerablecode.io/api/packages/46459?format=json","purl":"pkg:pypi/django@1.5.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-b97e-fw2q-nqhk"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-dr33-d1ck-wycg"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-h328-c9gp-9ybg"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-ted5-qgyr-7ucf"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v7kk-jbkz-77hf"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-wvh5-z294-ffev"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.5.6"},{"url":"http://public2.vulnerablecode.io/api/packages/46460?format=json","purl":"pkg:pypi/django@1.6.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-1zk7-jhxe-2kc4"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-b97e-fw2q-nqhk"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-dr33-d1ck-wycg"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-h328-c9gp-9ybg"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-ted5-qgyr-7ucf"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v7kk-jbkz-77hf"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-wvh5-z294-ffev"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.6.3"}],"aliases":["CVE-2014-0472","GHSA-rvq6-mrpv-m6rm","PYSEC-2014-1"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tr9m-84nc-x3cw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/20512?format=json","vulnerability_id":"VCID-tudc-7sgh-nkda","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45231.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45231.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45231","reference_id":"","reference_type":"","scores":[{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46576","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45231"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/security","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://docs.djangoproject.com/en/dev/releases/security"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/3c733c78d6f8e50296d6e248968b6516c92a53ca","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/3c733c78d6f8e50296d6e248968b6516c92a53ca"},{"reference_url":"https://github.com/django/django/commit/96d84047715ea1715b4bd1594e46122b8a77b9e2","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/96d84047715ea1715b4bd1594e46122b8a77b9e2"},{"reference_url":"https://github.com/django/django/commit/bf4888d317ba4506d091eeac6e8b4f1fcc731199","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/bf4888d317ba4506d091eeac6e8b4f1fcc731199"},{"reference_url":"https://www.djangoproject.com/weblog/2024/sep/03/security-releases","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2024/sep/03/security-releases"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2314496","reference_id":"2314496","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2314496"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45231","reference_id":"CVE-2024-45231","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45231"},{"reference_url":"https://groups.google.com/forum/#%21forum/django-announce","reference_id":"django-announce","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-30T16:35:34Z/"}],"url":"https://groups.google.com/forum/#%21forum/django-announce"},{"reference_url":"https://github.com/advisories/GHSA-rrqc-c2jx-6jgv","reference_id":"GHSA-rrqc-c2jx-6jgv","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-rrqc-c2jx-6jgv"},{"reference_url":"https://security.gentoo.org/glsa/202509-03","reference_id":"GLSA-202509-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-03"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/security/","reference_id":"security","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-30T16:35:34Z/"}],"url":"https://docs.djangoproject.com/en/dev/releases/security/"},{"reference_url":"https://www.djangoproject.com/weblog/2024/sep/03/security-releases/","reference_id":"security-releases","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-30T16:35:34Z/"}],"url":"https://www.djangoproject.com/weblog/2024/sep/03/security-releases/"},{"reference_url":"https://usn.ubuntu.com/6987-1/","reference_id":"USN-6987-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6987-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/33732?format=json","purl":"pkg:pypi/django@4.2.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-13q1-fzeg-bfd9"},{"vulnerability":"VCID-4xtu-yeh2-pbc8"},{"vulnerability":"VCID-72z9-v49q-vbcc"},{"vulnerability":"VCID-81b9-uqyv-kkhm"},{"vulnerability":"VCID-a4fn-xf8s-tye5"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-dh5p-grha-r7a2"},{"vulnerability":"VCID-dqpz-q718-pkas"},{"vulnerability":"VCID-e331-cbgc-hubm"},{"vulnerability":"VCID-fwwm-7y13-y3dx"},{"vulnerability":"VCID-hb8n-gwz6-9yd9"},{"vulnerability":"VCID-jdjc-ygtk-c7hv"},{"vulnerability":"VCID-mja4-jz67-kbh6"},{"vulnerability":"VCID-pmhc-yu6r-uudy"},{"vulnerability":"VCID-pn2d-2euz-pudt"},{"vulnerability":"VCID-q3sw-jd7p-1yg1"},{"vulnerability":"VCID-r3dj-t213-jyhh"},{"vulnerability":"VCID-s9u4-39qe-pkh2"},{"vulnerability":"VCID-sbwy-buwj-gkd2"},{"vulnerability":"VCID-wwzx-eujh-sye1"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"},{"vulnerability":"VCID-z3vg-rtt7-vuem"},{"vulnerability":"VCID-zr7g-1xkm-fqdw"},{"vulnerability":"VCID-zztc-4be5-fker"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.16"},{"url":"http://public2.vulnerablecode.io/api/packages/33731?format=json","purl":"pkg:pypi/django@5.0.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6wvp-47qa-m7bc"},{"vulnerability":"VCID-a4fn-xf8s-tye5"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-mja4-jz67-kbh6"},{"vulnerability":"VCID-wwzx-eujh-sye1"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"},{"vulnerability":"VCID-z3vg-rtt7-vuem"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.0.9"},{"url":"http://public2.vulnerablecode.io/api/packages/33730?format=json","purl":"pkg:pypi/django@5.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6wvp-47qa-m7bc"},{"vulnerability":"VCID-72z9-v49q-vbcc"},{"vulnerability":"VCID-81b9-uqyv-kkhm"},{"vulnerability":"VCID-a4fn-xf8s-tye5"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-fwwm-7y13-y3dx"},{"vulnerability":"VCID-mja4-jz67-kbh6"},{"vulnerability":"VCID-pmhc-yu6r-uudy"},{"vulnerability":"VCID-s9u4-39qe-pkh2"},{"vulnerability":"VCID-wwzx-eujh-sye1"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"},{"vulnerability":"VCID-z3vg-rtt7-vuem"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.1.1"}],"aliases":["CVE-2024-45231","GHSA-rrqc-c2jx-6jgv"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tudc-7sgh-nkda"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/121898?format=json","vulnerability_id":"VCID-u3v4-y55z-xkbq","summary":"security update","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0502.html","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2016-0502.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0504.html","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2016-0504.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0505.html","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2016-0505.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0506.html","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2016-0506.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2513.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2513.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2513","reference_id":"","reference_type":"","scores":[{"value":"0.0125","scoring_system":"epss","scoring_elements":"0.79743","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2513"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2512","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2512"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2513","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2513"},{"reference_url":"https://github.com/advisories/GHSA-fp6p-5xvw-m74f","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-fp6p-5xvw-m74f"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/67b46ba7016da2d259c1ecc7d666d11f5e1cfaab","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/67b46ba7016da2d259c1ecc7d666d11f5e1cfaab"},{"reference_url":"https://github.com/django/django/commit/af7d09b0c5c6ab68e629fd9baf736f9dd203b18e","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/af7d09b0c5c6ab68e629fd9baf736f9dd203b18e"},{"reference_url":"https://github.com/django/django/commit/f4e6e02f7713a6924d16540be279909ff4091eb6","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/f4e6e02f7713a6924d16540be279909ff4091eb6"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2016-16.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2016-16.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2513","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2513"},{"reference_url":"https://web.archive.org/web/20160322001143/http://www.securitytracker.com/id/1035152","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20160322001143/http://www.securitytracker.com/id/1035152"},{"reference_url":"https://web.archive.org/web/20200228001222/http://www.securityfocus.com/bid/83878","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20200228001222/http://www.securityfocus.com/bid/83878"},{"reference_url":"https://www.djangoproject.com/weblog/2016/mar/01/security-releases","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2016/mar/01/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2016/mar/01/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2016/mar/01/security-releases/"},{"reference_url":"http://www.debian.org/security/2016/dsa-3544","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2016/dsa-3544"},{"reference_url":"http://www.securityfocus.com/bid/83878","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/83878"},{"reference_url":"http://www.securitytracker.com/id/1035152","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035152"},{"reference_url":"http://www.ubuntu.com/usn/USN-2915-1","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ubuntu.com/usn/USN-2915-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2915-2","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ubuntu.com/usn/USN-2915-2"},{"reference_url":"http://www.ubuntu.com/usn/USN-2915-3","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ubuntu.com/usn/USN-2915-3"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1311438","reference_id":"1311438","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1311438"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816434","reference_id":"816434","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816434"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0502","reference_id":"RHSA-2016:0502","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0502"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0503","reference_id":"RHSA-2016:0503","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0503"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0504","reference_id":"RHSA-2016:0504","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0504"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0505","reference_id":"RHSA-2016:0505","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0505"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0506","reference_id":"RHSA-2016:0506","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0506"},{"reference_url":"https://usn.ubuntu.com/2915-1/","reference_id":"USN-2915-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2915-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/47608?format=json","purl":"pkg:pypi/django@1.8.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3arc-t7n7-53ew"},{"vulnerability":"VCID-577n-ucjg-9udw"},{"vulnerability":"VCID-7kj8-kfda-wfhj"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-q9zk-pp6y-m7hu"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-ud47-2t6q-pycj"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.8.10"},{"url":"http://public2.vulnerablecode.io/api/packages/47610?format=json","purl":"pkg:pypi/django@1.9.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3arc-t7n7-53ew"},{"vulnerability":"VCID-7kj8-kfda-wfhj"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-q9zk-pp6y-m7hu"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.9.3"}],"aliases":["CVE-2016-2513","GHSA-fp6p-5xvw-m74f","PYSEC-2016-16"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u3v4-y55z-xkbq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/114303?format=json","vulnerability_id":"VCID-u7zv-f4c1-xya2","summary":"security update","references":[{"reference_url":"http://advisories.mageia.org/MGASA-2015-0026.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://advisories.mageia.org/MGASA-2015-0026.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148485.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148485.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148608.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148608.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148696.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148696.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2015-04/msg00001.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2015-04/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2015-09/msg00035.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2015-09/msg00035.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0221.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0221.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-0221","reference_id":"","reference_type":"","scores":[{"value":"0.07842","scoring_system":"epss","scoring_elements":"0.9218","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-0221"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0219","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0219"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0220","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0220"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0221","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0221"},{"reference_url":"http://secunia.com/advisories/62285","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/62285"},{"reference_url":"http://secunia.com/advisories/62309","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/62309"},{"reference_url":"http://secunia.com/advisories/62718","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/62718"},{"reference_url":"https://github.com/advisories/GHSA-jhjg-w2cp-5j44","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-jhjg-w2cp-5j44"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/blob/9b9c805cedb08621bd5dc58a01a6478eb7cc49a9/docs/releases/1.4.18.txt#L48C1-L49C1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/blob/9b9c805cedb08621bd5dc58a01a6478eb7cc49a9/docs/releases/1.4.18.txt#L48C1-L49C1"},{"reference_url":"https://github.com/django/django/commit/553779c4055e8742cc832ed525b9ee34b174934f","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/553779c4055e8742cc832ed525b9ee34b174934f"},{"reference_url":"https://github.com/django/django/commit/818e59a3f0fbadf6c447754d202d88df025f8f2a","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/818e59a3f0fbadf6c447754d202d88df025f8f2a"},{"reference_url":"https://github.com/django/django/commit/d020da6646c5142bc092247d218a3d1ce3e993f7","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/d020da6646c5142bc092247d218a3d1ce3e993f7"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-6.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-6.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-0221","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-0221"},{"reference_url":"https://web.archive.org/web/20150128111656/http://secunia.com/advisories/62285","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20150128111656/http://secunia.com/advisories/62285"},{"reference_url":"https://web.archive.org/web/20150128111656/http://secunia.com/advisories/62309","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20150128111656/http://secunia.com/advisories/62309"},{"reference_url":"https://web.archive.org/web/20150523054951/http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2015:109/?name=MDVSA-2015:109","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20150523054951/http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2015:109/?name=MDVSA-2015:109"},{"reference_url":"https://web.archive.org/web/20150523054953/http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2015:036/?name=MDVSA-2015:036","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20150523054953/http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2015:036/?name=MDVSA-2015:036"},{"reference_url":"https://web.archive.org/web/20151104201446/http://secunia.com/advisories/62718","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20151104201446/http://secunia.com/advisories/62718"},{"reference_url":"https://www.djangoproject.com/weblog/2015/jan/13/security","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2015/jan/13/security"},{"reference_url":"https://www.djangoproject.com/weblog/2015/jan/13/security/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2015/jan/13/security/"},{"reference_url":"http://ubuntu.com/usn/usn-2469-1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://ubuntu.com/usn/usn-2469-1"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:036","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:036"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:109","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:109"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1179679","reference_id":"1179679","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1179679"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775375","reference_id":"775375","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775375"},{"reference_url":"https://usn.ubuntu.com/2469-1/","reference_id":"USN-2469-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2469-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/47120?format=json","purl":"pkg:pypi/django@1.4.18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-4v6q-ktnr-gue3"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-p94q-m8sa-s7by"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xg1w-8bd8-fbhu"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.4.18"},{"url":"http://public2.vulnerablecode.io/api/packages/47121?format=json","purl":"pkg:pypi/django@1.6.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-1zk7-jhxe-2kc4"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.6.10"},{"url":"http://public2.vulnerablecode.io/api/packages/47122?format=json","purl":"pkg:pypi/django@1.7.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-1zk7-jhxe-2kc4"},{"vulnerability":"VCID-4v6q-ktnr-gue3"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-p94q-m8sa-s7by"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xg1w-8bd8-fbhu"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.7.3"}],"aliases":["CVE-2015-0221","GHSA-jhjg-w2cp-5j44","PYSEC-2015-6"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u7zv-f4c1-xya2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9580?format=json","vulnerability_id":"VCID-u9dr-ca2g-e3hk","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33203.json","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33203.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-33203","reference_id":"","reference_type":"","scores":[{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34225","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-33203"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33203","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33203"},{"reference_url":"https://docs.djangoproject.com/en/3.2/releases/security","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://docs.djangoproject.com/en/3.2/releases/security"},{"reference_url":"https://docs.djangoproject.com/en/3.2/releases/security/","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/3.2/releases/security/"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/advisories/GHSA-68w8-qjq3-2gfm","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-68w8-qjq3-2gfm"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/053cc9534d174dc89daba36724ed2dcb36755b90","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/053cc9534d174dc89daba36724ed2dcb36755b90"},{"reference_url":"https://github.com/django/django/commit/20c67a0693c4ede2b09af02574823485e82e4c8f","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/20c67a0693c4ede2b09af02574823485e82e4c8f"},{"reference_url":"https://github.com/django/django/commit/dfaba12cda060b8b292ae1d271b44bf810b1c5b9","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/dfaba12cda060b8b292ae1d271b44bf810b1c5b9"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2021-98.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2021-98.yaml"},{"reference_url":"https://groups.google.com/forum/#!forum/django-announce","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!forum/django-announce"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-33203","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-33203"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210727-0004","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20210727-0004"},{"reference_url":"https://www.djangoproject.com/weblog/2021/jun/02/security-releases","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2021/jun/02/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2021/jun/02/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2021/jun/02/security-releases/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1966251","reference_id":"1966251","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1966251"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989394","reference_id":"989394","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989394"},{"reference_url":"https://security.archlinux.org/ASA-202106-41","reference_id":"ASA-202106-41","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-41"},{"reference_url":"https://security.archlinux.org/AVG-2026","reference_id":"AVG-2026","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2026"},{"reference_url":"https://security.gentoo.org/glsa/202509-03","reference_id":"GLSA-202509-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3490","reference_id":"RHSA-2021:3490","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3490"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4702","reference_id":"RHSA-2021:4702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5070","reference_id":"RHSA-2021:5070","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5070"},{"reference_url":"https://usn.ubuntu.com/4975-1/","reference_id":"USN-4975-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4975-1/"},{"reference_url":"https://usn.ubuntu.com/4975-2/","reference_id":"USN-4975-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4975-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/65110?format=json","purl":"pkg:pypi/django@2.2.24","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2sve-8b9b-hud7"},{"vulnerability":"VCID-38w8-jbku-eugu"},{"vulnerability":"VCID-6uja-brvn-rufw"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-cece-1mun-ckgh"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-gtkn-prux-vbdb"},{"vulnerability":"VCID-j3bz-6jqe-ffgm"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-w3dy-chny-5fbc"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"},{"vulnerability":"VCID-ymm2-ns18-wkcw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.24"},{"url":"http://public2.vulnerablecode.io/api/packages/65111?format=json","purl":"pkg:pypi/django@3.1.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-28ff-ng96-5ugk"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-j3bz-6jqe-ffgm"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.1.12"},{"url":"http://public2.vulnerablecode.io/api/packages/65112?format=json","purl":"pkg:pypi/django@3.2.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19se-3ng9-c7bw"},{"vulnerability":"VCID-28ff-ng96-5ugk"},{"vulnerability":"VCID-2sve-8b9b-hud7"},{"vulnerability":"VCID-38w8-jbku-eugu"},{"vulnerability":"VCID-6tdg-t4nv-sbha"},{"vulnerability":"VCID-6uja-brvn-rufw"},{"vulnerability":"VCID-7spe-cayc-4qb4"},{"vulnerability":"VCID-9ge1-u71f-rbaw"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-cece-1mun-ckgh"},{"vulnerability":"VCID-d2cw-526n-mbem"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-fmpr-bhrf-17gm"},{"vulnerability":"VCID-gtkn-prux-vbdb"},{"vulnerability":"VCID-j3bz-6jqe-ffgm"},{"vulnerability":"VCID-j4rs-235r-dkfj"},{"vulnerability":"VCID-jspj-r34n-jubz"},{"vulnerability":"VCID-nhzy-7qdm-wbg8"},{"vulnerability":"VCID-qsme-8a2n-23fs"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-ufv7-y5a7-fugg"},{"vulnerability":"VCID-w3dy-chny-5fbc"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"},{"vulnerability":"VCID-ymm2-ns18-wkcw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.4"}],"aliases":["BIT-django-2021-33203","CVE-2021-33203","GHSA-68w8-qjq3-2gfm","PYSEC-2021-98"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u9dr-ca2g-e3hk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/201040?format=json","vulnerability_id":"VCID-v1nx-71fb-uka9","summary":"Cross-site scripting (XSS) vulnerability in the login form in the administration application in Django 0.91 before 0.91.2, 0.95 before 0.95.3, and 0.96 before 0.96.2 allows remote attackers to inject arbitrary web script or HTML via the URI of a certain previous request.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2302.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2302.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2302","reference_id":"","reference_type":"","scores":[{"value":"0.00441","scoring_system":"epss","scoring_elements":"0.63634","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2302"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2302","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2302"},{"reference_url":"http://secunia.com/advisories/30250","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30250"},{"reference_url":"http://secunia.com/advisories/30291","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30291"},{"reference_url":"http://securitytracker.com/id?1020028","reference_id":"","reference_type":"","scores":[],"url":"http://securitytracker.com/id?1020028"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/42396","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/42396"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/50ce7fb57d79e8940ccf6e2781f2f01df029b5c5","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/50ce7fb57d79e8940ccf6e2781f2f01df029b5c5"},{"reference_url":"https://github.com/django/django/commit/6e657e2c404a96e744748209e896d8a69c15fdf2","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/6e657e2c404a96e744748209e896d8a69c15fdf2"},{"reference_url":"https://github.com/django/django/commit/7791e5c050cebf86d868c5dab7092185b125fdc9","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/7791e5c050cebf86d868c5dab7092185b125fdc9"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2008-1.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2008-1.yaml"},{"reference_url":"https://web.archive.org/web/20080725022008/http://secunia.com/advisories/30291","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20080725022008/http://secunia.com/advisories/30291"},{"reference_url":"https://web.archive.org/web/20081012011038/http://secunia.com/advisories/30250","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20081012011038/http://secunia.com/advisories/30250"},{"reference_url":"https://web.archive.org/web/20170222015451/http://securitytracker.com/id?1020028","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20170222015451/http://securitytracker.com/id?1020028"},{"reference_url":"https://web.archive.org/web/20200228153339/http://www.securityfocus.com/bid/29209","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20200228153339/http://www.securityfocus.com/bid/29209"},{"reference_url":"http://www.djangoproject.com/weblog/2008/may/14/security","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.djangoproject.com/weblog/2008/may/14/security"},{"reference_url":"http://www.djangoproject.com/weblog/2008/may/14/security/","reference_id":"","reference_type":"","scores":[],"url":"http://www.djangoproject.com/weblog/2008/may/14/security/"},{"reference_url":"http://www.securityfocus.com/bid/29209","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/29209"},{"reference_url":"http://www.vupen.com/english/advisories/2008/1618","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/1618"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=446402","reference_id":"446402","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=446402"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=481164","reference_id":"481164","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=481164"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-2302","reference_id":"CVE-2008-2302","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-2302"},{"reference_url":"https://github.com/advisories/GHSA-54qj-48vx-cr9f","reference_id":"GHSA-54qj-48vx-cr9f","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-54qj-48vx-cr9f"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13259?format=json","purl":"pkg:pypi/django@1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-4b76-zn8f-sfd1"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-6xp2-48m8-byfr"},{"vulnerability":"VCID-76b8-e9q1-w3ey"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9749-wxyn-4qb1"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-b97e-fw2q-nqhk"},{"vulnerability":"VCID-bbq5-1gpd-nqeh"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-cygw-grtf-nydk"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-e2vb-tg4t-4ye3"},{"vulnerability":"VCID-e36z-3vcv-8qaw"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-fsgd-8jz7-zkdn"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-gze2-htrx-vqdb"},{"vulnerability":"VCID-h328-c9gp-9ybg"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-ndqd-kuk7-w3ap"},{"vulnerability":"VCID-neyk-7kmz-wqc9"},{"vulnerability":"VCID-nhzy-7qdm-wbg8"},{"vulnerability":"VCID-nx56-nstj-m7bs"},{"vulnerability":"VCID-p1ft-8wjr-k7fh"},{"vulnerability":"VCID-pa7r-7c7r-wfbp"},{"vulnerability":"VCID-s37h-qzm1-zubw"},{"vulnerability":"VCID-ss1p-jz2s-wyh7"},{"vulnerability":"VCID-ted5-qgyr-7ucf"},{"vulnerability":"VCID-tr9m-84nc-x3cw"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-wrts-u1xj-fyec"},{"vulnerability":"VCID-wvh5-z294-ffev"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xjhj-6qe7-hbe6"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.1"}],"aliases":["CVE-2008-2302","GHSA-54qj-48vx-cr9f","PYSEC-2008-1"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v1nx-71fb-uka9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8744?format=json","vulnerability_id":"VCID-v9gk-3pqk-a7cr","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7471.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7471.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-7471","reference_id":"","reference_type":"","scores":[{"value":"0.1537","scoring_system":"epss","scoring_elements":"0.94794","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-7471"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7471","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7471"},{"reference_url":"https://docs.djangoproject.com/en/3.0/releases/security","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://docs.djangoproject.com/en/3.0/releases/security"},{"reference_url":"https://docs.djangoproject.com/en/3.0/releases/security/","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/3.0/releases/security/"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/001b0634cd309e372edb6d7d95d083d02b8e37bd","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/001b0634cd309e372edb6d7d95d083d02b8e37bd"},{"reference_url":"https://github.com/django/django/commit/505826b469b16ab36693360da9e11fd13213421b","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/505826b469b16ab36693360da9e11fd13213421b"},{"reference_url":"https://github.com/django/django/commit/c67a368c16e4680b324b4f385398d638db4d8147","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/c67a368c16e4680b324b4f385398d638db4d8147"},{"reference_url":"https://github.com/django/django/commit/eb31d845323618d688ad429479c6dda973056136","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/eb31d845323618d688ad429479c6dda973056136"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-35.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-35.yaml"},{"reference_url":"https://groups.google.com/forum/#!topic/django-announce/X45S86X5bZI","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!topic/django-announce/X45S86X5bZI"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/"},{"reference_url":"https://seclists.org/bugtraq/2020/Feb/30","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://seclists.org/bugtraq/2020/Feb/30"},{"reference_url":"https://security.netapp.com/advisory/ntap-20200221-0006","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20200221-0006"},{"reference_url":"https://security.netapp.com/advisory/ntap-20200221-0006/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20200221-0006/"},{"reference_url":"https://usn.ubuntu.com/4264-1","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://usn.ubuntu.com/4264-1"},{"reference_url":"https://usn.ubuntu.com/4264-1/","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4264-1/"},{"reference_url":"https://www.debian.org/security/2020/dsa-4629","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2020/dsa-4629"},{"reference_url":"https://www.djangoproject.com/weblog/2020/feb/03/security-releases","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2020/feb/03/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2020/feb/03/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2020/feb/03/security-releases/"},{"reference_url":"https://www.openwall.com/lists/oss-security/2020/02/03/1","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.openwall.com/lists/oss-security/2020/02/03/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2020/02/03/1","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2020/02/03/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1798515","reference_id":"1798515","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1798515"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950581","reference_id":"950581","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950581"},{"reference_url":"https://security.archlinux.org/ASA-202002-1","reference_id":"ASA-202002-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202002-1"},{"reference_url":"https://security.archlinux.org/AVG-1091","reference_id":"AVG-1091","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1091"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-7471","reference_id":"CVE-2020-7471","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-7471"},{"reference_url":"https://github.com/advisories/GHSA-hmr4-m2h5-33qx","reference_id":"GHSA-hmr4-m2h5-33qx","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-hmr4-m2h5-33qx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/16099?format=json","purl":"pkg:pypi/django@1.11.28","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-vcqt-n2pk-kyeb"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.28"},{"url":"http://public2.vulnerablecode.io/api/packages/16098?format=json","purl":"pkg:pypi/django@2.2.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27gm-2u1q-skh1"},{"vulnerability":"VCID-2qu4-qayw-a7ec"},{"vulnerability":"VCID-2sve-8b9b-hud7"},{"vulnerability":"VCID-38w8-jbku-eugu"},{"vulnerability":"VCID-5zzj-9ez5-6ub1"},{"vulnerability":"VCID-6uja-brvn-rufw"},{"vulnerability":"VCID-9qxj-9mb9-7bcv"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-cece-1mun-ckgh"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-djh3-m1t4-2qe1"},{"vulnerability":"VCID-dttw-t3a9-gbbn"},{"vulnerability":"VCID-gtkn-prux-vbdb"},{"vulnerability":"VCID-j3bz-6jqe-ffgm"},{"vulnerability":"VCID-nwtr-br34-qkbv"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-vc8c-7qn1-9uaz"},{"vulnerability":"VCID-vcqt-n2pk-kyeb"},{"vulnerability":"VCID-w3dy-chny-5fbc"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-x1qk-bs7j-63ch"},{"vulnerability":"VCID-x91x-cxp9-4fgp"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"},{"vulnerability":"VCID-ymm2-ns18-wkcw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.10"},{"url":"http://public2.vulnerablecode.io/api/packages/16100?format=json","purl":"pkg:pypi/django@3.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-27gm-2u1q-skh1"},{"vulnerability":"VCID-28ff-ng96-5ugk"},{"vulnerability":"VCID-2qu4-qayw-a7ec"},{"vulnerability":"VCID-9qxj-9mb9-7bcv"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-djh3-m1t4-2qe1"},{"vulnerability":"VCID-dttw-t3a9-gbbn"},{"vulnerability":"VCID-j3bz-6jqe-ffgm"},{"vulnerability":"VCID-nwtr-br34-qkbv"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-vc8c-7qn1-9uaz"},{"vulnerability":"VCID-vcqt-n2pk-kyeb"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-x1qk-bs7j-63ch"},{"vulnerability":"VCID-x91x-cxp9-4fgp"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.0.3"}],"aliases":["BIT-django-2020-7471","CVE-2020-7471","GHSA-hmr4-m2h5-33qx","PYSEC-2020-35"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v9gk-3pqk-a7cr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/12228?format=json","vulnerability_id":"VCID-wpt2-535q-3yfe","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-36359","reference_id":"","reference_type":"","scores":[{"value":"0.0113","scoring_system":"epss","scoring_elements":"0.78732","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-36359"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22818","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22818"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28346","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28346"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28347","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28347"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34265","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34265"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36359","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36359"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41323"},{"reference_url":"https://docs.djangoproject.com/en/4.0/releases/security","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://docs.djangoproject.com/en/4.0/releases/security"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/b3e4494d759202a3b6bf247fd34455bf13be5b80","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/b3e4494d759202a3b6bf247fd34455bf13be5b80"},{"reference_url":"https://github.com/django/django/commit/b7d9529cbe0af4adabb6ea5d01ed8dcce3668fb3","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/b7d9529cbe0af4adabb6ea5d01ed8dcce3668fb3"},{"reference_url":"https://github.com/django/django/commit/bd062445cffd3f6cc6dcd20d13e2abed818fa173","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/bd062445cffd3f6cc6dcd20d13e2abed818fa173"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-245.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-245.yaml"},{"reference_url":"https://groups.google.com/g/django-announce/c/8cz--gvaJr4","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/g/django-announce/c/8cz--gvaJr4"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220915-0008","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20220915-0008"},{"reference_url":"https://www.debian.org/security/2022/dsa-5254","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2022/dsa-5254"},{"reference_url":"https://www.djangoproject.com/weblog/2022/aug/03/security-releases","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2022/aug/03/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2022/aug/03/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2022/aug/03/security-releases/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/08/03/1","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/08/03/1"},{"reference_url":"https://security.archlinux.org/AVG-2810","reference_id":"AVG-2810","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2810"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-36359","reference_id":"CVE-2022-36359","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-36359"},{"reference_url":"https://github.com/advisories/GHSA-8x94-hmjh-97hq","reference_id":"GHSA-8x94-hmjh-97hq","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8x94-hmjh-97hq"},{"reference_url":"https://security.gentoo.org/glsa/202509-03","reference_id":"GLSA-202509-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-03"},{"reference_url":"https://usn.ubuntu.com/5549-1/","reference_id":"USN-5549-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5549-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/25743?format=json","purl":"pkg:pypi/django@3.2.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19se-3ng9-c7bw"},{"vulnerability":"VCID-6tdg-t4nv-sbha"},{"vulnerability":"VCID-7spe-cayc-4qb4"},{"vulnerability":"VCID-9ge1-u71f-rbaw"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-d2cw-526n-mbem"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-j4rs-235r-dkfj"},{"vulnerability":"VCID-jspj-r34n-jubz"},{"vulnerability":"VCID-nhzy-7qdm-wbg8"},{"vulnerability":"VCID-qsme-8a2n-23fs"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-ufv7-y5a7-fugg"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.15"},{"url":"http://public2.vulnerablecode.io/api/packages/25744?format=json","purl":"pkg:pypi/django@4.0.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19se-3ng9-c7bw"},{"vulnerability":"VCID-6tdg-t4nv-sbha"},{"vulnerability":"VCID-7spe-cayc-4qb4"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-jspj-r34n-jubz"},{"vulnerability":"VCID-nhzy-7qdm-wbg8"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.0.7"}],"aliases":["BIT-django-2022-36359","CVE-2022-36359","GHSA-8x94-hmjh-97hq","PYSEC-2022-245"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wpt2-535q-3yfe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/202080?format=json","vulnerability_id":"VCID-wrts-u1xj-fyec","summary":"The verify_exists functionality in the URLField implementation in Django before 1.2.7 and 1.3.x before 1.3.1 originally tests a URL's validity through a HEAD request, but then uses a GET request for the new target URL in the case of a redirect, which might allow remote attackers to trigger arbitrary GET requests with an unintended source IP address via a crafted Location header.","references":[{"reference_url":"http://openwall.com/lists/oss-security/2011/09/11/1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://openwall.com/lists/oss-security/2011/09/11/1"},{"reference_url":"http://openwall.com/lists/oss-security/2011/09/13/2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://openwall.com/lists/oss-security/2011/09/13/2"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4138","reference_id":"","reference_type":"","scores":[{"value":"0.00635","scoring_system":"epss","scoring_elements":"0.70882","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4138"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=737366","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=737366"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4138","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4138"},{"reference_url":"http://secunia.com/advisories/46614","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/46614"},{"reference_url":"https://github.com/advisories/GHSA-wxg3-mfph-qg9w","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-wxg3-mfph-qg9w"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/1a76dbefdfc60e2d5954c0ba614c3d054ba9c3f0","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/1a76dbefdfc60e2d5954c0ba614c3d054ba9c3f0"},{"reference_url":"https://github.com/django/django/commit/7268f8af86186518821d775c530d5558fd726930","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/7268f8af86186518821d775c530d5558fd726930"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2011-3.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2011-3.yaml"},{"reference_url":"https://hermes.opensuse.org/messages/14700881","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://hermes.opensuse.org/messages/14700881"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4138","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4138"},{"reference_url":"https://www.djangoproject.com/weblog/2011/sep/09","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2011/sep/09"},{"reference_url":"https://www.djangoproject.com/weblog/2011/sep/09/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2011/sep/09/"},{"reference_url":"https://www.djangoproject.com/weblog/2011/sep/10/127","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2011/sep/10/127"},{"reference_url":"https://www.djangoproject.com/weblog/2011/sep/10/127/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2011/sep/10/127/"},{"reference_url":"http://www.debian.org/security/2011/dsa-2332","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2011/dsa-2332"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=641405","reference_id":"641405","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=641405"},{"reference_url":"https://usn.ubuntu.com/1297-1/","reference_id":"USN-1297-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1297-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13265?format=json","purl":"pkg:pypi/django@1.2.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9749-wxyn-4qb1"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-b97e-fw2q-nqhk"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-e2vb-tg4t-4ye3"},{"vulnerability":"VCID-e36z-3vcv-8qaw"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-fsgd-8jz7-zkdn"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-h328-c9gp-9ybg"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-pa7r-7c7r-wfbp"},{"vulnerability":"VCID-ss1p-jz2s-wyh7"},{"vulnerability":"VCID-ted5-qgyr-7ucf"},{"vulnerability":"VCID-tr9m-84nc-x3cw"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-wvh5-z294-ffev"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.2.7"},{"url":"http://public2.vulnerablecode.io/api/packages/13264?format=json","purl":"pkg:pypi/django@1.3.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-7vck-9u91-1yca"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9749-wxyn-4qb1"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-b97e-fw2q-nqhk"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-e2vb-tg4t-4ye3"},{"vulnerability":"VCID-e36z-3vcv-8qaw"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-ejv6-3fkp-a7ba"},{"vulnerability":"VCID-fsgd-8jz7-zkdn"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-h328-c9gp-9ybg"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-nx56-nstj-m7bs"},{"vulnerability":"VCID-pa7r-7c7r-wfbp"},{"vulnerability":"VCID-qwdg-jeya-fuer"},{"vulnerability":"VCID-ss1p-jz2s-wyh7"},{"vulnerability":"VCID-ted5-qgyr-7ucf"},{"vulnerability":"VCID-tr9m-84nc-x3cw"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-wvh5-z294-ffev"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"},{"vulnerability":"VCID-ywr3-fe5b-ybek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.3.1"}],"aliases":["CVE-2011-4138","GHSA-wxg3-mfph-qg9w","PYSEC-2011-3"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wrts-u1xj-fyec"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/110502?format=json","vulnerability_id":"VCID-wvh5-z294-ffev","summary":"security update","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2014-09/msg00023.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2014-09/msg00023.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0481.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0481.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0481","reference_id":"","reference_type":"","scores":[{"value":"0.01121","scoring_system":"epss","scoring_elements":"0.78656","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0481"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0480","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0480"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0481","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0481"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0482","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0482"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0483","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0483"},{"reference_url":"http://secunia.com/advisories/59782","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/59782"},{"reference_url":"http://secunia.com/advisories/61276","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61276"},{"reference_url":"http://secunia.com/advisories/61281","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/61281"},{"reference_url":"https://github.com/advisories/GHSA-296w-6qhq-gf92","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-296w-6qhq-gf92"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/26cd48e166ac4d84317c8ee6d63ac52a87e8da99","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/26cd48e166ac4d84317c8ee6d63ac52a87e8da99"},{"reference_url":"https://github.com/django/django/commit/30042d475bf084c6723c6217a21598d9247a9c41","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/30042d475bf084c6723c6217a21598d9247a9c41"},{"reference_url":"https://github.com/django/django/commit/dd0c3f4ee1a30c1a1e6055061c6ba6e58c6b54d1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/dd0c3f4ee1a30c1a1e6055061c6ba6e58c6b54d1"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2014-5.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2014-5.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-0481","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-0481"},{"reference_url":"https://www.djangoproject.com/weblog/2014/aug/20/security","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2014/aug/20/security"},{"reference_url":"https://www.djangoproject.com/weblog/2014/aug/20/security/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2014/aug/20/security/"},{"reference_url":"http://www.debian.org/security/2014/dsa-3010","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2014/dsa-3010"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1129952","reference_id":"1129952","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1129952"},{"reference_url":"https://security.gentoo.org/glsa/201412-22","reference_id":"GLSA-201412-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201412-22"},{"reference_url":"https://usn.ubuntu.com/2347-1/","reference_id":"USN-2347-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2347-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/46858?format=json","purl":"pkg:pypi/django@1.4.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-4v6q-ktnr-gue3"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-p94q-m8sa-s7by"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xg1w-8bd8-fbhu"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.4.14"},{"url":"http://public2.vulnerablecode.io/api/packages/46859?format=json","purl":"pkg:pypi/django@1.5.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.5.9"},{"url":"http://public2.vulnerablecode.io/api/packages/46860?format=json","purl":"pkg:pypi/django@1.6.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-1zk7-jhxe-2kc4"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.6.6"}],"aliases":["CVE-2014-0481","GHSA-296w-6qhq-gf92","PYSEC-2014-5"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wvh5-z294-ffev"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/115184?format=json","vulnerability_id":"VCID-xczb-x1dc-1fhc","summary":"security update","references":[{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155421.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155421.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160263.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160263.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2015-04/msg00001.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2015-04/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2015-09/msg00035.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2015-09/msg00035.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2317.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2317.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-2317","reference_id":"","reference_type":"","scores":[{"value":"0.02884","scoring_system":"epss","scoring_elements":"0.86618","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-2317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2317"},{"reference_url":"https://github.com/advisories/GHSA-7fq8-4pv5-5w5c","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-7fq8-4pv5-5w5c"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/2342693b31f740a422abf7267c53b4e7bc487c1b","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/2342693b31f740a422abf7267c53b4e7bc487c1b"},{"reference_url":"https://github.com/django/django/commit/2a4113dbd532ce952308992633d802dc169a75f1","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/2a4113dbd532ce952308992633d802dc169a75f1"},{"reference_url":"https://github.com/django/django/commit/5510f070711540aaa8d3707776cd77494e688ef9","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/5510f070711540aaa8d3707776cd77494e688ef9"},{"reference_url":"https://github.com/django/django/commit/770427c2896a078925abfca2317486b284d22f04","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/770427c2896a078925abfca2317486b284d22f04"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-9.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-9.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-2317","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-2317"},{"reference_url":"https://web.archive.org/web/20200228131706/http://www.securityfocus.com/bid/73319","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20200228131706/http://www.securityfocus.com/bid/73319"},{"reference_url":"https://www.djangoproject.com/weblog/2015/mar/18/security-releases","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2015/mar/18/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2015/mar/18/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2015/mar/18/security-releases/"},{"reference_url":"http://ubuntu.com/usn/usn-2539-1","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://ubuntu.com/usn/usn-2539-1"},{"reference_url":"http://www.debian.org/security/2015/dsa-3204","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2015/dsa-3204"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:195","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:195"},{"reference_url":"http://www.securityfocus.com/bid/73319","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/73319"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1202818","reference_id":"1202818","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1202818"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780873","reference_id":"780873","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780873"},{"reference_url":"https://usn.ubuntu.com/2539-1/","reference_id":"USN-2539-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2539-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/47184?format=json","purl":"pkg:pypi/django@1.4.20","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-4v6q-ktnr-gue3"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-p94q-m8sa-s7by"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xg1w-8bd8-fbhu"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.4.20"},{"url":"http://public2.vulnerablecode.io/api/packages/47186?format=json","purl":"pkg:pypi/django@1.6.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.6.11"},{"url":"http://public2.vulnerablecode.io/api/packages/47211?format=json","purl":"pkg:pypi/django@1.7.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-4v6q-ktnr-gue3"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-p94q-m8sa-s7by"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xg1w-8bd8-fbhu"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.7.7"},{"url":"http://public2.vulnerablecode.io/api/packages/47212?format=json","purl":"pkg:pypi/django@1.8rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.8rc1"},{"url":"http://public2.vulnerablecode.io/api/packages/404667?format=json","purl":"pkg:pypi/django@1.8c1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-3arc-t7n7-53ew"},{"vulnerability":"VCID-7kj8-kfda-wfhj"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-p94q-m8sa-s7by"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u2c7-nvng-eya1"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-ud47-2t6q-pycj"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-x3rb-wf8q-auer"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.8c1"}],"aliases":["CVE-2015-2317","GHSA-7fq8-4pv5-5w5c","PYSEC-2015-9"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xczb-x1dc-1fhc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/202081?format=json","vulnerability_id":"VCID-xjhj-6qe7-hbe6","summary":"Django before 1.2.7 and 1.3.x before 1.3.1 uses a request's HTTP Host header to construct a full URL in certain circumstances, which allows remote attackers to conduct cache poisoning attacks via a crafted request.","references":[{"reference_url":"http://openwall.com/lists/oss-security/2011/09/11/1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://openwall.com/lists/oss-security/2011/09/11/1"},{"reference_url":"http://openwall.com/lists/oss-security/2011/09/13/2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://openwall.com/lists/oss-security/2011/09/13/2"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4139","reference_id":"","reference_type":"","scores":[{"value":"0.00635","scoring_system":"epss","scoring_elements":"0.70882","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4139"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=737366","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=737366"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4139","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4139"},{"reference_url":"http://secunia.com/advisories/46614","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/46614"},{"reference_url":"https://github.com/advisories/GHSA-rm2j-x595-q9cj","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-rm2j-x595-q9cj"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/2f7fadc38efa58ac0a8f93f936b82332a199f396","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/2f7fadc38efa58ac0a8f93f936b82332a199f396"},{"reference_url":"https://github.com/django/django/commit/c613af4d6485586c79d692b70a9acac429f3ca9d","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/c613af4d6485586c79d692b70a9acac429f3ca9d"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2011-4.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2011-4.yaml"},{"reference_url":"https://hermes.opensuse.org/messages/14700881","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://hermes.opensuse.org/messages/14700881"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4139","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4139"},{"reference_url":"https://www.djangoproject.com/weblog/2011/sep/09","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2011/sep/09"},{"reference_url":"https://www.djangoproject.com/weblog/2011/sep/09/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2011/sep/09/"},{"reference_url":"https://www.djangoproject.com/weblog/2011/sep/10/127","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2011/sep/10/127"},{"reference_url":"https://www.djangoproject.com/weblog/2011/sep/10/127/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2011/sep/10/127/"},{"reference_url":"http://www.debian.org/security/2011/dsa-2332","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2011/dsa-2332"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=641405","reference_id":"641405","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=641405"},{"reference_url":"https://usn.ubuntu.com/1297-1/","reference_id":"USN-1297-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1297-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13265?format=json","purl":"pkg:pypi/django@1.2.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9749-wxyn-4qb1"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-b97e-fw2q-nqhk"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-e2vb-tg4t-4ye3"},{"vulnerability":"VCID-e36z-3vcv-8qaw"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-fsgd-8jz7-zkdn"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-h328-c9gp-9ybg"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-pa7r-7c7r-wfbp"},{"vulnerability":"VCID-ss1p-jz2s-wyh7"},{"vulnerability":"VCID-ted5-qgyr-7ucf"},{"vulnerability":"VCID-tr9m-84nc-x3cw"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-wvh5-z294-ffev"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.2.7"},{"url":"http://public2.vulnerablecode.io/api/packages/13264?format=json","purl":"pkg:pypi/django@1.3.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-7vck-9u91-1yca"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9749-wxyn-4qb1"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-b97e-fw2q-nqhk"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-e2vb-tg4t-4ye3"},{"vulnerability":"VCID-e36z-3vcv-8qaw"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-ejv6-3fkp-a7ba"},{"vulnerability":"VCID-fsgd-8jz7-zkdn"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-h328-c9gp-9ybg"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-nx56-nstj-m7bs"},{"vulnerability":"VCID-pa7r-7c7r-wfbp"},{"vulnerability":"VCID-qwdg-jeya-fuer"},{"vulnerability":"VCID-ss1p-jz2s-wyh7"},{"vulnerability":"VCID-ted5-qgyr-7ucf"},{"vulnerability":"VCID-tr9m-84nc-x3cw"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-wvh5-z294-ffev"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"},{"vulnerability":"VCID-ywr3-fe5b-ybek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.3.1"}],"aliases":["CVE-2011-4139","GHSA-rm2j-x595-q9cj","PYSEC-2011-4"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xjhj-6qe7-hbe6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/90357?format=json","vulnerability_id":"VCID-xkrz-p214-hqhp","summary":"An issue was discovered in 5.1 before 5.1.14, 4.2 before 4.2.26, and 5.2 before 5.2.8.\nNFKC normalization in Python is slow on Windows. As a consequence, `django.http.HttpResponseRedirect`, `django.http.HttpResponsePermanentRedirect`, and the shortcut `django.shortcuts.redirect`  were subject to a potential  denial-of-service attack via certain inputs with a very large number of Unicode characters.\nEarlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected.\nDjango would like to thank Seokchan Yoon for reporting this issue.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-64458.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-64458.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-64458","reference_id":"","reference_type":"","scores":[{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07314","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-64458"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/security","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://docs.djangoproject.com/en/dev/releases/security"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/3790593781d26168e7306b5b2f8ea0309de16242","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/3790593781d26168e7306b5b2f8ea0309de16242"},{"reference_url":"https://github.com/django/django/commit/4f5d904b63751dea9ffc3b0e046404a7fa5881ac","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/4f5d904b63751dea9ffc3b0e046404a7fa5881ac"},{"reference_url":"https://github.com/django/django/commit/6e13348436fccf8f22982921d6a3a3e65c956a9f","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/6e13348436fccf8f22982921d6a3a3e65c956a9f"},{"reference_url":"https://github.com/django/django/commit/770eea38d7a0e9ba9455140b5a9a9e33618226a7","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/770eea38d7a0e9ba9455140b5a9a9e33618226a7"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2025-107.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2025-107.yaml"},{"reference_url":"https://www.djangoproject.com/weblog/2025/nov/05/security-releases","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2025/nov/05/security-releases"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2412649","reference_id":"2412649","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2412649"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-64458","reference_id":"CVE-2025-64458","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-64458"},{"reference_url":"https://groups.google.com/g/django-announce","reference_id":"django-announce","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-05T16:20:23Z/"}],"url":"https://groups.google.com/g/django-announce"},{"reference_url":"https://github.com/advisories/GHSA-qw25-v68c-qjf3","reference_id":"GHSA-qw25-v68c-qjf3","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qw25-v68c-qjf3"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/security/","reference_id":"security","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-05T16:20:23Z/"}],"url":"https://docs.djangoproject.com/en/dev/releases/security/"},{"reference_url":"https://www.djangoproject.com/weblog/2025/nov/05/security-releases/","reference_id":"security-releases","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-05T16:20:23Z/"}],"url":"https://www.djangoproject.com/weblog/2025/nov/05/security-releases/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/35005?format=json","purl":"pkg:pypi/django@4.2.26","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-13q1-fzeg-bfd9"},{"vulnerability":"VCID-4xtu-yeh2-pbc8"},{"vulnerability":"VCID-72z9-v49q-vbcc"},{"vulnerability":"VCID-81b9-uqyv-kkhm"},{"vulnerability":"VCID-dh5p-grha-r7a2"},{"vulnerability":"VCID-dqpz-q718-pkas"},{"vulnerability":"VCID-e331-cbgc-hubm"},{"vulnerability":"VCID-hb8n-gwz6-9yd9"},{"vulnerability":"VCID-jdjc-ygtk-c7hv"},{"vulnerability":"VCID-pn2d-2euz-pudt"},{"vulnerability":"VCID-q3sw-jd7p-1yg1"},{"vulnerability":"VCID-r3dj-t213-jyhh"},{"vulnerability":"VCID-sbwy-buwj-gkd2"},{"vulnerability":"VCID-zr7g-1xkm-fqdw"},{"vulnerability":"VCID-zztc-4be5-fker"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.26"},{"url":"http://public2.vulnerablecode.io/api/packages/35019?format=json","purl":"pkg:pypi/django@5.1.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-72z9-v49q-vbcc"},{"vulnerability":"VCID-81b9-uqyv-kkhm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.1.14"},{"url":"http://public2.vulnerablecode.io/api/packages/35012?format=json","purl":"pkg:pypi/django@5.2.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-13q1-fzeg-bfd9"},{"vulnerability":"VCID-1g9h-ryet-2ffs"},{"vulnerability":"VCID-1mp4-kq35-1ba7"},{"vulnerability":"VCID-4xtu-yeh2-pbc8"},{"vulnerability":"VCID-72z9-v49q-vbcc"},{"vulnerability":"VCID-81b9-uqyv-kkhm"},{"vulnerability":"VCID-8tz7-vjwz-rycs"},{"vulnerability":"VCID-dh5p-grha-r7a2"},{"vulnerability":"VCID-dqpz-q718-pkas"},{"vulnerability":"VCID-e331-cbgc-hubm"},{"vulnerability":"VCID-h5qf-zbcz-qygg"},{"vulnerability":"VCID-hb8n-gwz6-9yd9"},{"vulnerability":"VCID-jdjc-ygtk-c7hv"},{"vulnerability":"VCID-m4mg-yd86-dyfw"},{"vulnerability":"VCID-n915-wj16-wka6"},{"vulnerability":"VCID-pn2d-2euz-pudt"},{"vulnerability":"VCID-q3sw-jd7p-1yg1"},{"vulnerability":"VCID-r3dj-t213-jyhh"},{"vulnerability":"VCID-sbwy-buwj-gkd2"},{"vulnerability":"VCID-tvk1-4am9-f3cf"},{"vulnerability":"VCID-z7sj-r61n-qbcd"},{"vulnerability":"VCID-zr7g-1xkm-fqdw"},{"vulnerability":"VCID-zztc-4be5-fker"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.8"},{"url":"http://public2.vulnerablecode.io/api/packages/38619?format=json","purl":"pkg:pypi/django@6.0a1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-13q1-fzeg-bfd9"},{"vulnerability":"VCID-4xtu-yeh2-pbc8"},{"vulnerability":"VCID-dqpz-q718-pkas"},{"vulnerability":"VCID-e331-cbgc-hubm"},{"vulnerability":"VCID-pn2d-2euz-pudt"},{"vulnerability":"VCID-sbwy-buwj-gkd2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@6.0a1"}],"aliases":["BIT-django-2025-64458","CVE-2025-64458","GHSA-qw25-v68c-qjf3","PYSEC-2025-107"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xkrz-p214-hqhp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/117788?format=json","vulnerability_id":"VCID-xqv3-emqb-g3eu","summary":"security update","references":[{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172084.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172084.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2015-10/msg00043.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2015-10/msg00043.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2015-10/msg00046.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2015-10/msg00046.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5144.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5144.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5144","reference_id":"","reference_type":"","scores":[{"value":"0.01493","scoring_system":"epss","scoring_elements":"0.81476","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5144"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5143","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5143"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5144","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5144"},{"reference_url":"https://github.com/advisories/GHSA-q5qw-4364-5hhm","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-q5qw-4364-5hhm"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/blob/4555a823fd57e261e1b19c778429473256c8ea08/docs/releases/1.4.21.txt#L30-L54","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/blob/4555a823fd57e261e1b19c778429473256c8ea08/docs/releases/1.4.21.txt#L30-L54"},{"reference_url":"https://github.com/django/django/commit/1ba1cdce7d58e6740fe51955d945b56ae51d072a","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/1ba1cdce7d58e6740fe51955d945b56ae51d072a"},{"reference_url":"https://github.com/django/django/commit/574dd5e0b0fbb877ae5827b1603d298edc9bb2a0","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/574dd5e0b0fbb877ae5827b1603d298edc9bb2a0"},{"reference_url":"https://github.com/django/django/commit/8f9a4d3a2bc42f14bb437defd30c7315adbff22c","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/8f9a4d3a2bc42f14bb437defd30c7315adbff22c"},{"reference_url":"https://github.com/django/django/commit/ae49b4d994656bc037513dcd064cb9ce5bb85649","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/ae49b4d994656bc037513dcd064cb9ce5bb85649"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-10.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-10.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-5144","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-5144"},{"reference_url":"https://web.archive.org/web/20150924150801/http://www.securitytracker.com/id/1032820","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20150924150801/http://www.securitytracker.com/id/1032820"},{"reference_url":"https://web.archive.org/web/20200228050526/http://www.securityfocus.com/bid/75665","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20200228050526/http://www.securityfocus.com/bid/75665"},{"reference_url":"https://www.djangoproject.com/weblog/2015/jul/08/security-releases","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2015/jul/08/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2015/jul/08/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2015/jul/08/security-releases/"},{"reference_url":"http://www.debian.org/security/2015/dsa-3305","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2015/dsa-3305"},{"reference_url":"http://www.securityfocus.com/bid/75665","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/75665"},{"reference_url":"http://www.securitytracker.com/id/1032820","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1032820"},{"reference_url":"http://www.ubuntu.com/usn/USN-2671-1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ubuntu.com/usn/USN-2671-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1239011","reference_id":"1239011","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1239011"},{"reference_url":"https://security.gentoo.org/glsa/201510-06","reference_id":"GLSA-201510-06","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/201510-06"},{"reference_url":"https://usn.ubuntu.com/2671-1/","reference_id":"USN-2671-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2671-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/15434?format=json","purl":"pkg:pypi/django@1.4.21","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-4v6q-ktnr-gue3"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-p94q-m8sa-s7by"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xg1w-8bd8-fbhu"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.4.21"},{"url":"http://public2.vulnerablecode.io/api/packages/15437?format=json","purl":"pkg:pypi/django@1.7.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-4v6q-ktnr-gue3"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-p94q-m8sa-s7by"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xg1w-8bd8-fbhu"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.7.9"},{"url":"http://public2.vulnerablecode.io/api/packages/15435?format=json","purl":"pkg:pypi/django@1.8.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-3arc-t7n7-53ew"},{"vulnerability":"VCID-4v6q-ktnr-gue3"},{"vulnerability":"VCID-577n-ucjg-9udw"},{"vulnerability":"VCID-7kj8-kfda-wfhj"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-p94q-m8sa-s7by"},{"vulnerability":"VCID-q9zk-pp6y-m7hu"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-ud47-2t6q-pycj"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.8.3"}],"aliases":["CVE-2015-5144","GHSA-q5qw-4364-5hhm","PYSEC-2015-10"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xqv3-emqb-g3eu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/25446?format=json","vulnerability_id":"VCID-ycc8-7k6j-4kbf","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48432.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48432.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-48432","reference_id":"","reference_type":"","scores":[{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61866","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-48432"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/security","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://docs.djangoproject.com/en/dev/releases/security"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/advisories/GHSA-7xr5-9hcq-chf9","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-7xr5-9hcq-chf9"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2025-47.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2025-47.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-48432","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-48432"},{"reference_url":"https://www.djangoproject.com/weblog/2025/jun/04/security-releases","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2025/jun/04/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2025/jun/10/bugfix-releases","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2025/jun/10/bugfix-releases"},{"reference_url":"http://www.openwall.com/lists/oss-security/2025/06/04/5","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2025/06/04/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2025/06/10/2","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2025/06/10/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2025/06/10/3","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2025/06/10/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2025/06/10/4","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2025/06/10/4"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107282","reference_id":"1107282","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107282"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2370365","reference_id":"2370365","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2370365"},{"reference_url":"https://security.archlinux.org/ASA-202506-6","reference_id":"ASA-202506-6","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202506-6"},{"reference_url":"https://security.archlinux.org/AVG-2894","reference_id":"AVG-2894","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2894"},{"reference_url":"https://www.djangoproject.com/weblog/2025/jun/10/bugfix-releases/","reference_id":"bugfix-releases","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T13:20:12Z/"}],"url":"https://www.djangoproject.com/weblog/2025/jun/10/bugfix-releases/"},{"reference_url":"https://groups.google.com/g/django-announce","reference_id":"django-announce","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T13:20:12Z/"}],"url":"https://groups.google.com/g/django-announce"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14686","reference_id":"RHSA-2025:14686","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14686"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16487","reference_id":"RHSA-2025:16487","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16487"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/security/","reference_id":"security","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T13:20:12Z/"}],"url":"https://docs.djangoproject.com/en/dev/releases/security/"},{"reference_url":"https://www.djangoproject.com/weblog/2025/jun/04/security-releases/","reference_id":"security-releases","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T13:20:12Z/"}],"url":"https://www.djangoproject.com/weblog/2025/jun/04/security-releases/"},{"reference_url":"https://usn.ubuntu.com/7555-1/","reference_id":"USN-7555-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7555-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/87733?format=json","purl":"pkg:pypi/django@4.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-13q1-fzeg-bfd9"},{"vulnerability":"VCID-4xtu-yeh2-pbc8"},{"vulnerability":"VCID-72z9-v49q-vbcc"},{"vulnerability":"VCID-81b9-uqyv-kkhm"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-dh5p-grha-r7a2"},{"vulnerability":"VCID-dqpz-q718-pkas"},{"vulnerability":"VCID-e331-cbgc-hubm"},{"vulnerability":"VCID-fwwm-7y13-y3dx"},{"vulnerability":"VCID-hb8n-gwz6-9yd9"},{"vulnerability":"VCID-jdjc-ygtk-c7hv"},{"vulnerability":"VCID-pmhc-yu6r-uudy"},{"vulnerability":"VCID-pn2d-2euz-pudt"},{"vulnerability":"VCID-q3sw-jd7p-1yg1"},{"vulnerability":"VCID-r3dj-t213-jyhh"},{"vulnerability":"VCID-sbwy-buwj-gkd2"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-zr7g-1xkm-fqdw"},{"vulnerability":"VCID-zztc-4be5-fker"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.22"},{"url":"http://public2.vulnerablecode.io/api/packages/87732?format=json","purl":"pkg:pypi/django@5.1.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-72z9-v49q-vbcc"},{"vulnerability":"VCID-81b9-uqyv-kkhm"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-fwwm-7y13-y3dx"},{"vulnerability":"VCID-pmhc-yu6r-uudy"},{"vulnerability":"VCID-xkrz-p214-hqhp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.1.10"},{"url":"http://public2.vulnerablecode.io/api/packages/87731?format=json","purl":"pkg:pypi/django@5.2.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-13q1-fzeg-bfd9"},{"vulnerability":"VCID-1g9h-ryet-2ffs"},{"vulnerability":"VCID-1mp4-kq35-1ba7"},{"vulnerability":"VCID-4xtu-yeh2-pbc8"},{"vulnerability":"VCID-72z9-v49q-vbcc"},{"vulnerability":"VCID-81b9-uqyv-kkhm"},{"vulnerability":"VCID-8tz7-vjwz-rycs"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-dh5p-grha-r7a2"},{"vulnerability":"VCID-dqpz-q718-pkas"},{"vulnerability":"VCID-e331-cbgc-hubm"},{"vulnerability":"VCID-fwwm-7y13-y3dx"},{"vulnerability":"VCID-h5qf-zbcz-qygg"},{"vulnerability":"VCID-hb8n-gwz6-9yd9"},{"vulnerability":"VCID-jdjc-ygtk-c7hv"},{"vulnerability":"VCID-m4mg-yd86-dyfw"},{"vulnerability":"VCID-n915-wj16-wka6"},{"vulnerability":"VCID-pmhc-yu6r-uudy"},{"vulnerability":"VCID-pn2d-2euz-pudt"},{"vulnerability":"VCID-q3sw-jd7p-1yg1"},{"vulnerability":"VCID-r3dj-t213-jyhh"},{"vulnerability":"VCID-sbwy-buwj-gkd2"},{"vulnerability":"VCID-tvk1-4am9-f3cf"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-z7sj-r61n-qbcd"},{"vulnerability":"VCID-zr7g-1xkm-fqdw"},{"vulnerability":"VCID-zztc-4be5-fker"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.2"}],"aliases":["BIT-django-2025-48432","CVE-2025-48432","GHSA-7xr5-9hcq-chf9","PYSEC-2025-47"],"risk_score":1.7,"exploitability":"0.5","weighted_severity":"3.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ycc8-7k6j-4kbf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/201489?format=json","vulnerability_id":"VCID-z2j2-py5e-f3e1","summary":"The Admin media handler in core/servers/basehttp.py in Django 1.0 and 0.96 does not properly map URL requests to expected \"static media files,\" which allows remote attackers to conduct directory traversal attacks and read arbitrary files via a crafted URL.","references":[{"reference_url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=539134","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=539134"},{"reference_url":"http://code.djangoproject.com/changeset/11353","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://code.djangoproject.com/changeset/11353"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2659.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2659.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2659","reference_id":"","reference_type":"","scores":[{"value":"0.01377","scoring_system":"epss","scoring_elements":"0.80666","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2659"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2659","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2659"},{"reference_url":"http://secunia.com/advisories/36137","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/36137"},{"reference_url":"http://secunia.com/advisories/36153","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/36153"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/da85d76fd6ca846f3b0ff414e042ddb5e62e2e69","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/da85d76fd6ca846f3b0ff414e042ddb5e62e2e69"},{"reference_url":"https://github.com/django/django/commit/df7f917b7f51ba969faa49d000ffc79572c5dcb4","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/df7f917b7f51ba969faa49d000ffc79572c5dcb4"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2009-3.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2009-3.yaml"},{"reference_url":"https://web.archive.org/web/20111211001428/http://www.securityfocus.com/bid/35859","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20111211001428/http://www.securityfocus.com/bid/35859"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00055.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00055.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00069.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00069.html"},{"reference_url":"http://www.djangoproject.com/weblog/2009/jul/28/security","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.djangoproject.com/weblog/2009/jul/28/security"},{"reference_url":"http://www.djangoproject.com/weblog/2009/jul/28/security/","reference_id":"","reference_type":"","scores":[],"url":"http://www.djangoproject.com/weblog/2009/jul/28/security/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2009/07/29/2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2009/07/29/2"},{"reference_url":"http://www.securityfocus.com/bid/35859","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/35859"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=515581","reference_id":"515581","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=515581"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=539134","reference_id":"539134","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=539134"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2009-2659","reference_id":"CVE-2009-2659","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2009-2659"},{"reference_url":"https://github.com/advisories/GHSA-9xg7-gg9m-rmq9","reference_id":"GHSA-9xg7-gg9m-rmq9","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-9xg7-gg9m-rmq9"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13259?format=json","purl":"pkg:pypi/django@1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-4b76-zn8f-sfd1"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-6xp2-48m8-byfr"},{"vulnerability":"VCID-76b8-e9q1-w3ey"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9749-wxyn-4qb1"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-b97e-fw2q-nqhk"},{"vulnerability":"VCID-bbq5-1gpd-nqeh"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-cygw-grtf-nydk"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-e2vb-tg4t-4ye3"},{"vulnerability":"VCID-e36z-3vcv-8qaw"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-fsgd-8jz7-zkdn"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-gze2-htrx-vqdb"},{"vulnerability":"VCID-h328-c9gp-9ybg"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-ndqd-kuk7-w3ap"},{"vulnerability":"VCID-neyk-7kmz-wqc9"},{"vulnerability":"VCID-nhzy-7qdm-wbg8"},{"vulnerability":"VCID-nx56-nstj-m7bs"},{"vulnerability":"VCID-p1ft-8wjr-k7fh"},{"vulnerability":"VCID-pa7r-7c7r-wfbp"},{"vulnerability":"VCID-s37h-qzm1-zubw"},{"vulnerability":"VCID-ss1p-jz2s-wyh7"},{"vulnerability":"VCID-ted5-qgyr-7ucf"},{"vulnerability":"VCID-tr9m-84nc-x3cw"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-wrts-u1xj-fyec"},{"vulnerability":"VCID-wvh5-z294-ffev"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xjhj-6qe7-hbe6"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.1"}],"aliases":["CVE-2009-2659","GHSA-9xg7-gg9m-rmq9","PYSEC-2009-3"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z2j2-py5e-f3e1"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/201489?format=json","vulnerability_id":"VCID-z2j2-py5e-f3e1","summary":"The Admin media handler in core/servers/basehttp.py in Django 1.0 and 0.96 does not properly map URL requests to expected \"static media files,\" which allows remote attackers to conduct directory traversal attacks and read arbitrary files via a crafted URL.","references":[{"reference_url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=539134","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=539134"},{"reference_url":"http://code.djangoproject.com/changeset/11353","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://code.djangoproject.com/changeset/11353"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2659.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2659.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2659","reference_id":"","reference_type":"","scores":[{"value":"0.01377","scoring_system":"epss","scoring_elements":"0.80666","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2659"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2659","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2659"},{"reference_url":"http://secunia.com/advisories/36137","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/36137"},{"reference_url":"http://secunia.com/advisories/36153","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/36153"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/da85d76fd6ca846f3b0ff414e042ddb5e62e2e69","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/da85d76fd6ca846f3b0ff414e042ddb5e62e2e69"},{"reference_url":"https://github.com/django/django/commit/df7f917b7f51ba969faa49d000ffc79572c5dcb4","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/df7f917b7f51ba969faa49d000ffc79572c5dcb4"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2009-3.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2009-3.yaml"},{"reference_url":"https://web.archive.org/web/20111211001428/http://www.securityfocus.com/bid/35859","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20111211001428/http://www.securityfocus.com/bid/35859"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00055.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00055.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00069.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00069.html"},{"reference_url":"http://www.djangoproject.com/weblog/2009/jul/28/security","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.djangoproject.com/weblog/2009/jul/28/security"},{"reference_url":"http://www.djangoproject.com/weblog/2009/jul/28/security/","reference_id":"","reference_type":"","scores":[],"url":"http://www.djangoproject.com/weblog/2009/jul/28/security/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2009/07/29/2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2009/07/29/2"},{"reference_url":"http://www.securityfocus.com/bid/35859","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/35859"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=515581","reference_id":"515581","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=515581"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=539134","reference_id":"539134","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=539134"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2009-2659","reference_id":"CVE-2009-2659","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2009-2659"},{"reference_url":"https://github.com/advisories/GHSA-9xg7-gg9m-rmq9","reference_id":"GHSA-9xg7-gg9m-rmq9","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-9xg7-gg9m-rmq9"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/20622?format=json","purl":"pkg:pypi/django@0.96.4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@0.96.4"},{"url":"http://public2.vulnerablecode.io/api/packages/20623?format=json","purl":"pkg:pypi/django@1.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-3h63-1xqs-hqc2"},{"vulnerability":"VCID-4b76-zn8f-sfd1"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-6xp2-48m8-byfr"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9749-wxyn-4qb1"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-b97e-fw2q-nqhk"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-e2vb-tg4t-4ye3"},{"vulnerability":"VCID-e36z-3vcv-8qaw"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-fsgd-8jz7-zkdn"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-h328-c9gp-9ybg"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-ndqd-kuk7-w3ap"},{"vulnerability":"VCID-neyk-7kmz-wqc9"},{"vulnerability":"VCID-pa7r-7c7r-wfbp"},{"vulnerability":"VCID-s37h-qzm1-zubw"},{"vulnerability":"VCID-ss1p-jz2s-wyh7"},{"vulnerability":"VCID-suxb-fvaf-2ug4"},{"vulnerability":"VCID-ted5-qgyr-7ucf"},{"vulnerability":"VCID-tr9m-84nc-x3cw"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v1nx-71fb-uka9"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-wrts-u1xj-fyec"},{"vulnerability":"VCID-wvh5-z294-ffev"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xjhj-6qe7-hbe6"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"},{"vulnerability":"VCID-z2j2-py5e-f3e1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.0.3"},{"url":"http://public2.vulnerablecode.io/api/packages/13259?format=json","purl":"pkg:pypi/django@1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14vg-wbxe-6ffj"},{"vulnerability":"VCID-1d73-dpsg-wkhk"},{"vulnerability":"VCID-4b76-zn8f-sfd1"},{"vulnerability":"VCID-55n8-mzj7-z7hh"},{"vulnerability":"VCID-5bnx-5d1x-k3by"},{"vulnerability":"VCID-6xp2-48m8-byfr"},{"vulnerability":"VCID-76b8-e9q1-w3ey"},{"vulnerability":"VCID-7xx2-z2tg-7khd"},{"vulnerability":"VCID-8uyx-7dub-hka9"},{"vulnerability":"VCID-9749-wxyn-4qb1"},{"vulnerability":"VCID-9mmy-6rvf-1qbp"},{"vulnerability":"VCID-a36b-7nxc-5ffg"},{"vulnerability":"VCID-b97e-fw2q-nqhk"},{"vulnerability":"VCID-bbq5-1gpd-nqeh"},{"vulnerability":"VCID-beas-dwx6-1ffp"},{"vulnerability":"VCID-cygw-grtf-nydk"},{"vulnerability":"VCID-db6w-yj8t-sfg4"},{"vulnerability":"VCID-e2vb-tg4t-4ye3"},{"vulnerability":"VCID-e36z-3vcv-8qaw"},{"vulnerability":"VCID-eay8-gdua-p3b5"},{"vulnerability":"VCID-fsgd-8jz7-zkdn"},{"vulnerability":"VCID-gfad-ffzw-g3hv"},{"vulnerability":"VCID-gze2-htrx-vqdb"},{"vulnerability":"VCID-h328-c9gp-9ybg"},{"vulnerability":"VCID-kgw9-ng5a-jucv"},{"vulnerability":"VCID-mb3h-bnss-5bcj"},{"vulnerability":"VCID-ndqd-kuk7-w3ap"},{"vulnerability":"VCID-neyk-7kmz-wqc9"},{"vulnerability":"VCID-nhzy-7qdm-wbg8"},{"vulnerability":"VCID-nx56-nstj-m7bs"},{"vulnerability":"VCID-p1ft-8wjr-k7fh"},{"vulnerability":"VCID-pa7r-7c7r-wfbp"},{"vulnerability":"VCID-s37h-qzm1-zubw"},{"vulnerability":"VCID-ss1p-jz2s-wyh7"},{"vulnerability":"VCID-ted5-qgyr-7ucf"},{"vulnerability":"VCID-tr9m-84nc-x3cw"},{"vulnerability":"VCID-tudc-7sgh-nkda"},{"vulnerability":"VCID-u3v4-y55z-xkbq"},{"vulnerability":"VCID-u7zv-f4c1-xya2"},{"vulnerability":"VCID-u9dr-ca2g-e3hk"},{"vulnerability":"VCID-v9gk-3pqk-a7cr"},{"vulnerability":"VCID-wpt2-535q-3yfe"},{"vulnerability":"VCID-wrts-u1xj-fyec"},{"vulnerability":"VCID-wvh5-z294-ffev"},{"vulnerability":"VCID-xczb-x1dc-1fhc"},{"vulnerability":"VCID-xjhj-6qe7-hbe6"},{"vulnerability":"VCID-xkrz-p214-hqhp"},{"vulnerability":"VCID-xqv3-emqb-g3eu"},{"vulnerability":"VCID-ycc8-7k6j-4kbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.1"}],"aliases":["CVE-2009-2659","GHSA-9xg7-gg9m-rmq9","PYSEC-2009-3"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z2j2-py5e-f3e1"}],"risk_score":"4.5","resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.0.3"}