{"url":"http://public2.vulnerablecode.io/api/packages/21191?format=json","purl":"pkg:pypi/django@1.4.0a0","type":"pypi","namespace":"","name":"django","version":"1.4.0a0","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"4.2.30","latest_non_vulnerable_version":"6.0.5","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7153?format=json","vulnerability_id":"VCID-p543-5y7x-63hd","summary":"Denial-of-service possibility in logout() view by filling session store\nA session can be created when anonymously accessing the `django.contrib.auth.views.logout` view (provided it wasn't decorated with `django.contrib.auth.decorators.login_required` as done in the admin). This allows an attacker to easily create many new session records by sending repeated requests, potentially filling up the session store or causing other users' session records to be evicted.","references":[{"reference_url":"https://www.djangoproject.com/weblog/2015/aug/18/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2015/aug/18/security-releases/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/3837?format=json","purl":"pkg:pypi/django@1.4.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2dhb-9yue-33h7"},{"vulnerability":"VCID-325d-7dfk-sqd2"},{"vulnerability":"VCID-6gss-ppm5-3yc9"},{"vulnerability":"VCID-84mm-45p6-xkau"},{"vulnerability":"VCID-896g-hqec-ryb9"},{"vulnerability":"VCID-8jaq-53td-wbeg"},{"vulnerability":"VCID-8teq-9xr9-q3fg"},{"vulnerability":"VCID-9uzd-mmyv-mfh4"},{"vulnerability":"VCID-br5x-v7md-47hp"},{"vulnerability":"VCID-e2jd-yd4j-kqgt"},{"vulnerability":"VCID-k6s1-gnmc-e3ed"},{"vulnerability":"VCID-qm34-ec8s-tfd7"},{"vulnerability":"VCID-ukxp-wqpr-t3by"},{"vulnerability":"VCID-w2dv-u8h6-sbgs"},{"vulnerability":"VCID-w4pr-k5nj-ckgy"},{"vulnerability":"VCID-x4ev-6zjm-sbe4"},{"vulnerability":"VCID-x516-xwze-6ba3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.4.22"},{"url":"http://public2.vulnerablecode.io/api/packages/2689?format=json","purl":"pkg:pypi/django@1.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2dhb-9yue-33h7"},{"vulnerability":"VCID-2m9f-3cgw-ekdr"},{"vulnerability":"VCID-325d-7dfk-sqd2"},{"vulnerability":"VCID-42cm-j2av-87ea"},{"vulnerability":"VCID-5g4y-1qmy-27bd"},{"vulnerability":"VCID-5v8n-rma9-rqd4"},{"vulnerability":"VCID-6gss-ppm5-3yc9"},{"vulnerability":"VCID-84mm-45p6-xkau"},{"vulnerability":"VCID-896g-hqec-ryb9"},{"vulnerability":"VCID-8jaq-53td-wbeg"},{"vulnerability":"VCID-8teq-9xr9-q3fg"},{"vulnerability":"VCID-9uzd-mmyv-mfh4"},{"vulnerability":"VCID-a715-2qks-wyhn"},{"vulnerability":"VCID-bgjt-c6sa-pfaj"},{"vulnerability":"VCID-bgmv-mf3x-bkew"},{"vulnerability":"VCID-br5x-v7md-47hp"},{"vulnerability":"VCID-c1n5-4ars-u7ff"},{"vulnerability":"VCID-e2jd-yd4j-kqgt"},{"vulnerability":"VCID-eker-m822-cuax"},{"vulnerability":"VCID-fk27-94p2-8kft"},{"vulnerability":"VCID-gwme-keqv-kkgr"},{"vulnerability":"VCID-hk24-1yzs-ybhu"},{"vulnerability":"VCID-jc9f-vgy8-ruan"},{"vulnerability":"VCID-jumh-hkhx-7qc9"},{"vulnerability":"VCID-k6s1-gnmc-e3ed"},{"vulnerability":"VCID-q64b-r7td-2yab"},{"vulnerability":"VCID-qjqs-zfd5-ckbt"},{"vulnerability":"VCID-qm34-ec8s-tfd7"},{"vulnerability":"VCID-qzba-9xmg-3qer"},{"vulnerability":"VCID-sbr6-pybe-dubq"},{"vulnerability":"VCID-spwd-dz6f-5fh9"},{"vulnerability":"VCID-t8ec-st1v-s3e5"},{"vulnerability":"VCID-ukxp-wqpr-t3by"},{"vulnerability":"VCID-w2dv-u8h6-sbgs"},{"vulnerability":"VCID-w4pr-k5nj-ckgy"},{"vulnerability":"VCID-x4ev-6zjm-sbe4"},{"vulnerability":"VCID-x516-xwze-6ba3"},{"vulnerability":"VCID-x6np-rvrt-nyb2"},{"vulnerability":"VCID-yemh-qd63-wuca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.5"},{"url":"http://public2.vulnerablecode.io/api/packages/4089?format=json","purl":"pkg:pypi/django@1.7.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-325d-7dfk-sqd2"},{"vulnerability":"VCID-6gss-ppm5-3yc9"},{"vulnerability":"VCID-84mm-45p6-xkau"},{"vulnerability":"VCID-896g-hqec-ryb9"},{"vulnerability":"VCID-8jaq-53td-wbeg"},{"vulnerability":"VCID-8teq-9xr9-q3fg"},{"vulnerability":"VCID-9uzd-mmyv-mfh4"},{"vulnerability":"VCID-br5x-v7md-47hp"},{"vulnerability":"VCID-e2jd-yd4j-kqgt"},{"vulnerability":"VCID-k6s1-gnmc-e3ed"},{"vulnerability":"VCID-qm34-ec8s-tfd7"},{"vulnerability":"VCID-ukxp-wqpr-t3by"},{"vulnerability":"VCID-w2dv-u8h6-sbgs"},{"vulnerability":"VCID-w4pr-k5nj-ckgy"},{"vulnerability":"VCID-x4ev-6zjm-sbe4"},{"vulnerability":"VCID-x516-xwze-6ba3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.7.10"},{"url":"http://public2.vulnerablecode.io/api/packages/4090?format=json","purl":"pkg:pypi/django@1.8.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-325d-7dfk-sqd2"},{"vulnerability":"VCID-6gss-ppm5-3yc9"},{"vulnerability":"VCID-84mm-45p6-xkau"},{"vulnerability":"VCID-896g-hqec-ryb9"},{"vulnerability":"VCID-8jaq-53td-wbeg"},{"vulnerability":"VCID-8teq-9xr9-q3fg"},{"vulnerability":"VCID-9uzd-mmyv-mfh4"},{"vulnerability":"VCID-bdms-nb18-guf9"},{"vulnerability":"VCID-br5x-v7md-47hp"},{"vulnerability":"VCID-e2jd-yd4j-kqgt"},{"vulnerability":"VCID-jae8-w85w-cyfu"},{"vulnerability":"VCID-k25u-g17y-hyfh"},{"vulnerability":"VCID-k6s1-gnmc-e3ed"},{"vulnerability":"VCID-mv1p-yxvp-pbh6"},{"vulnerability":"VCID-qm34-ec8s-tfd7"},{"vulnerability":"VCID-uk1w-hehw-dyda"},{"vulnerability":"VCID-ukxp-wqpr-t3by"},{"vulnerability":"VCID-w2dv-u8h6-sbgs"},{"vulnerability":"VCID-w4pr-k5nj-ckgy"},{"vulnerability":"VCID-x4ev-6zjm-sbe4"},{"vulnerability":"VCID-x516-xwze-6ba3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.8.4"}],"aliases":["GMS-2015-21"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p543-5y7x-63hd"}],"fixing_vulnerabilities":[],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.4.0a0"}