{"url":"http://public2.vulnerablecode.io/api/packages/25362?format=json","purl":"pkg:pypi/django@3.2.12","type":"pypi","namespace":"","name":"django","version":"3.2.12","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"3.2.25","latest_non_vulnerable_version":"6.0.5","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/799?format=json","vulnerability_id":"VCID-5k3f-9smv-8bev","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-41323","reference_id":"","reference_type":"","scores":[{"value":"0.09673","scoring_system":"epss","scoring_elements":"0.93036","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-41323"},{"reference_url":"https://docs.djangoproject.com/en/4.0/releases/security","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://docs.djangoproject.com/en/4.0/releases/security"},{"reference_url":"https://docs.djangoproject.com/en/4.0/releases/security/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-14T14:39:15Z/"}],"url":"https://docs.djangoproject.com/en/4.0/releases/security/"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/23f0093125ac2e553da6c1b2f9988eb6a3dd2ea1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/23f0093125ac2e553da6c1b2f9988eb6a3dd2ea1"},{"reference_url":"https://github.com/django/django/commit/5b6b257fa7ec37ff27965358800c67e2dd11c924","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-14T14:39:15Z/"}],"url":"https://github.com/django/django/commit/5b6b257fa7ec37ff27965358800c67e2dd11c924"},{"reference_url":"https://github.com/django/django/commit/9d656ea51d9ea7105c0c0785783ac29d426a7d25","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/9d656ea51d9ea7105c0c0785783ac29d426a7d25"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-304.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-304.yaml"},{"reference_url":"https://groups.google.com/forum/#!forum/django-announce","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!forum/django-announce"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FKYVMMR7RPM6AHJ2SBVM2LO6D3NGFY7B","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FKYVMMR7RPM6AHJ2SBVM2LO6D3NGFY7B"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VZS4G6NSZWPTVXMMZHJOJVQEPL3QTO77","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VZS4G6NSZWPTVXMMZHJOJVQEPL3QTO77"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJB6FUBBLVKKG655UMTLQNN6UQ6EDLSP","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJB6FUBBLVKKG655UMTLQNN6UQ6EDLSP"},{"reference_url":"https://security.netapp.com/advisory/ntap-20221124-0001","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20221124-0001"},{"reference_url":"https://www.djangoproject.com/weblog/2022/oct/04/security-releases","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2022/oct/04/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2022/oct/04/security-releases/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-14T14:39:15Z/"}],"url":"https://www.djangoproject.com/weblog/2022/oct/04/security-releases/"},{"reference_url":"https://security.archlinux.org/AVG-2809","reference_id":"AVG-2809","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2809"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-41323","reference_id":"CVE-2022-41323","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-41323"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKYVMMR7RPM6AHJ2SBVM2LO6D3NGFY7B/","reference_id":"FKYVMMR7RPM6AHJ2SBVM2LO6D3NGFY7B","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-14T14:39:15Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKYVMMR7RPM6AHJ2SBVM2LO6D3NGFY7B/"},{"reference_url":"https://github.com/advisories/GHSA-qrw5-5h28-6cmg","reference_id":"GHSA-qrw5-5h28-6cmg","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qrw5-5h28-6cmg"},{"reference_url":"https://security.gentoo.org/glsa/202509-03","reference_id":"GLSA-202509-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-03"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK/","reference_id":"HWY6DQWRVBALV73BPUVBXC3QIYUM24IK","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-14T14:39:15Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI/","reference_id":"LTZVAKU5ALQWOKFTPISE257VCVIYGFQI","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-14T14:39:15Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20221124-0001/","reference_id":"ntap-20221124-0001","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-14T14:39:15Z/"}],"url":"https://security.netapp.com/advisory/ntap-20221124-0001/"},{"reference_url":"https://usn.ubuntu.com/5653-1/","reference_id":"USN-5653-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5653-1/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VZS4G6NSZWPTVXMMZHJOJVQEPL3QTO77/","reference_id":"VZS4G6NSZWPTVXMMZHJOJVQEPL3QTO77","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-14T14:39:15Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VZS4G6NSZWPTVXMMZHJOJVQEPL3QTO77/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YJB6FUBBLVKKG655UMTLQNN6UQ6EDLSP/","reference_id":"YJB6FUBBLVKKG655UMTLQNN6UQ6EDLSP","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-14T14:39:15Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YJB6FUBBLVKKG655UMTLQNN6UQ6EDLSP/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/28252?format=json","purl":"pkg:pypi/django@3.2.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7u6e-a3ng-fude"},{"vulnerability":"VCID-bjn5-qpmt-qffx"},{"vulnerability":"VCID-ctk2-ykg7-h7ag"},{"vulnerability":"VCID-e2p6-m8gu-jbfu"},{"vulnerability":"VCID-fwkd-bq8u-9kg8"},{"vulnerability":"VCID-kmv2-339j-8ugc"},{"vulnerability":"VCID-nyy8-t17r-syex"},{"vulnerability":"VCID-rn9d-fd73-3kb9"},{"vulnerability":"VCID-x4s4-qav9-xbet"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.16"},{"url":"http://public2.vulnerablecode.io/api/packages/28253?format=json","purl":"pkg:pypi/django@4.0.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-fwkd-bq8u-9kg8"},{"vulnerability":"VCID-kmv2-339j-8ugc"},{"vulnerability":"VCID-nyy8-t17r-syex"},{"vulnerability":"VCID-rn9d-fd73-3kb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.0.8"},{"url":"http://public2.vulnerablecode.io/api/packages/28254?format=json","purl":"pkg:pypi/django@4.1.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7u6e-a3ng-fude"},{"vulnerability":"VCID-ctk2-ykg7-h7ag"},{"vulnerability":"VCID-e2p6-m8gu-jbfu"},{"vulnerability":"VCID-fwkd-bq8u-9kg8"},{"vulnerability":"VCID-kmv2-339j-8ugc"},{"vulnerability":"VCID-nyy8-t17r-syex"},{"vulnerability":"VCID-rn9d-fd73-3kb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.1.2"}],"aliases":["BIT-django-2022-41323","CVE-2022-41323","GHSA-qrw5-5h28-6cmg","PYSEC-2022-304"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5k3f-9smv-8bev"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3010?format=json","vulnerability_id":"VCID-6bct-bfhb-xugt","summary":"sql injection","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34265","reference_id":"","reference_type":"","scores":[{"value":"0.92834","scoring_system":"epss","scoring_elements":"0.99772","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34265"},{"reference_url":"https://docs.djangoproject.com/en/4.0/releases/security","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://docs.djangoproject.com/en/4.0/releases/security"},{"reference_url":"https://docs.djangoproject.com/en/4.0/releases/security/","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/4.0/releases/security/"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/advisories/GHSA-p64x-8rxx-wf6q","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-p64x-8rxx-wf6q"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/0dc9c016fadb71a067e5a42be30164e3f96c0492","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/0dc9c016fadb71a067e5a42be30164e3f96c0492"},{"reference_url":"https://github.com/django/django/commit/5e2f4ddf2940704a26a4ac782b851989668d74db","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/5e2f4ddf2940704a26a4ac782b851989668d74db"},{"reference_url":"https://github.com/django/django/commit/877c800f255ccaa7abde1fb944de45d1616f5cc9","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/877c800f255ccaa7abde1fb944de45d1616f5cc9"},{"reference_url":"https://github.com/django/django/commit/a9010fe5555e6086a9d9ae50069579400ef0685e","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/a9010fe5555e6086a9d9ae50069579400ef0685e"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-213.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-213.yaml"},{"reference_url":"https://groups.google.com/forum/#!forum/django-announce","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!forum/django-announce"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220818-0006","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20220818-0006"},{"reference_url":"https://www.debian.org/security/2022/dsa-5254","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2022/dsa-5254"},{"reference_url":"https://www.djangoproject.com/weblog/2022/jul/04/security-releases","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2022/jul/04/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2022/jul/04/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2022/jul/04/security-releases/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014541","reference_id":"1014541","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014541"},{"reference_url":"https://security.archlinux.org/AVG-2788","reference_id":"AVG-2788","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2788"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34265","reference_id":"CVE-2022-34265","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34265"},{"reference_url":"https://security.gentoo.org/glsa/202509-03","reference_id":"GLSA-202509-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-03"},{"reference_url":"https://usn.ubuntu.com/5501-1/","reference_id":"USN-5501-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5501-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/27019?format=json","purl":"pkg:pypi/django@3.2.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5k3f-9smv-8bev"},{"vulnerability":"VCID-7u6e-a3ng-fude"},{"vulnerability":"VCID-bjn5-qpmt-qffx"},{"vulnerability":"VCID-ctk2-ykg7-h7ag"},{"vulnerability":"VCID-e2p6-m8gu-jbfu"},{"vulnerability":"VCID-fwkd-bq8u-9kg8"},{"vulnerability":"VCID-kmv2-339j-8ugc"},{"vulnerability":"VCID-nyy8-t17r-syex"},{"vulnerability":"VCID-qg2s-fuw3-nbda"},{"vulnerability":"VCID-rn9d-fd73-3kb9"},{"vulnerability":"VCID-x4s4-qav9-xbet"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.14"},{"url":"http://public2.vulnerablecode.io/api/packages/27020?format=json","purl":"pkg:pypi/django@4.0.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5k3f-9smv-8bev"},{"vulnerability":"VCID-fwkd-bq8u-9kg8"},{"vulnerability":"VCID-kmv2-339j-8ugc"},{"vulnerability":"VCID-nyy8-t17r-syex"},{"vulnerability":"VCID-qg2s-fuw3-nbda"},{"vulnerability":"VCID-rn9d-fd73-3kb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.0.6"}],"aliases":["BIT-django-2022-34265","CVE-2022-34265","GHSA-p64x-8rxx-wf6q","PYSEC-2022-213"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6bct-bfhb-xugt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8937?format=json","vulnerability_id":"VCID-7u6e-a3ng-fude","summary":"In Django 3.2 before 3.2.22, 4.1 before 4.1.12, and 4.2 before 4.2.6, the django.utils.text.Truncator chars() and words() methods (when used with html=True) are subject to a potential DoS (denial of service) attack via certain inputs with very long, potentially malformed HTML text. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which are thus also vulnerable. NOTE: this issue exists because of an incomplete fix for CVE-2019-14232.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-43665.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-43665.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-43665","reference_id":"","reference_type":"","scores":[{"value":"0.0279","scoring_system":"epss","scoring_elements":"0.86341","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-43665"},{"reference_url":"https://docs.djangoproject.com/en/4.2/releases/security","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://docs.djangoproject.com/en/4.2/releases/security"},{"reference_url":"https://docs.djangoproject.com/en/4.2/releases/security/","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/4.2/releases/security/"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/be9c27c4d18c2e6a5be8af4e53c0797440794473","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/be9c27c4d18c2e6a5be8af4e53c0797440794473"},{"reference_url":"https://github.com/django/django/commit/c7b7024742250414e426ad49fb80db943e7ba4e8","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/c7b7024742250414e426ad49fb80db943e7ba4e8"},{"reference_url":"https://github.com/django/django/commit/ccdade1a0262537868d7ca64374de3d957ca50c5","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/ccdade1a0262537868d7ca64374de3d957ca50c5"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2023-226.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2023-226.yaml"},{"reference_url":"https://groups.google.com/forum/#%21forum/django-announce","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#%21forum/django-announce"},{"reference_url":"https://groups.google.com/forum/#!forum/django-announce","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!forum/django-announce"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HJFRPUHDYJHBH3KYHSPGULQM4JN7BMSU","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HJFRPUHDYJHBH3KYHSPGULQM4JN7BMSU"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HJFRPUHDYJHBH3KYHSPGULQM4JN7BMSU","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HJFRPUHDYJHBH3KYHSPGULQM4JN7BMSU"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D"},{"reference_url":"https://security.netapp.com/advisory/ntap-20231221-0001","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20231221-0001"},{"reference_url":"https://www.djangoproject.com/weblog/2023/oct/04/security-releases","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2023/oct/04/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2023/oct/04/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2023/oct/04/security-releases/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/03/04/1","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2024/03/04/1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053475","reference_id":"1053475","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053475"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2241046","reference_id":"2241046","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2241046"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-43665","reference_id":"CVE-2023-43665","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-43665"},{"reference_url":"https://github.com/advisories/GHSA-h8gc-pgj2-vjm3","reference_id":"GHSA-h8gc-pgj2-vjm3","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-h8gc-pgj2-vjm3"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6158","reference_id":"RHSA-2023:6158","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6158"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1878","reference_id":"RHSA-2024:1878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1878"},{"reference_url":"https://usn.ubuntu.com/6414-1/","reference_id":"USN-6414-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6414-1/"},{"reference_url":"https://usn.ubuntu.com/6414-2/","reference_id":"USN-6414-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6414-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/36710?format=json","purl":"pkg:pypi/django@3.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bjn5-qpmt-qffx"},{"vulnerability":"VCID-e2p6-m8gu-jbfu"},{"vulnerability":"VCID-x4s4-qav9-xbet"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.22"},{"url":"http://public2.vulnerablecode.io/api/packages/36712?format=json","purl":"pkg:pypi/django@4.1.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-e2p6-m8gu-jbfu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.1.12"},{"url":"http://public2.vulnerablecode.io/api/packages/36715?format=json","purl":"pkg:pypi/django@4.2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1c7j-evpp-53eb"},{"vulnerability":"VCID-1umb-2rxg-bbdk"},{"vulnerability":"VCID-32d1-b8f2-hud5"},{"vulnerability":"VCID-3d6k-rdsh-k7hm"},{"vulnerability":"VCID-4vry-9jdm-nyg9"},{"vulnerability":"VCID-5fbx-3yfb-fudx"},{"vulnerability":"VCID-62jv-ab6d-sqdb"},{"vulnerability":"VCID-63c7-mkxw-ufav"},{"vulnerability":"VCID-68nb-696n-n3bf"},{"vulnerability":"VCID-7jbt-5zw2-vff2"},{"vulnerability":"VCID-92bp-6kte-tyfs"},{"vulnerability":"VCID-9udu-eqvn-mqbj"},{"vulnerability":"VCID-ape9-66ck-nfez"},{"vulnerability":"VCID-ax7m-uv4s-zkc1"},{"vulnerability":"VCID-bjn5-qpmt-qffx"},{"vulnerability":"VCID-bq5s-uknu-z7cn"},{"vulnerability":"VCID-cbsj-1qqg-1ba6"},{"vulnerability":"VCID-cg44-thdw-cygg"},{"vulnerability":"VCID-chey-b3c1-pbe5"},{"vulnerability":"VCID-e2p6-m8gu-jbfu"},{"vulnerability":"VCID-em3c-ceug-cubp"},{"vulnerability":"VCID-enen-3w2h-g3b8"},{"vulnerability":"VCID-fbee-vj2y-cfeb"},{"vulnerability":"VCID-heum-8mwz-sbcw"},{"vulnerability":"VCID-j2uz-w2ur-7ud4"},{"vulnerability":"VCID-jma1-9ags-xbfm"},{"vulnerability":"VCID-jt9m-kd3k-uqca"},{"vulnerability":"VCID-kv5d-p5n4-r7dp"},{"vulnerability":"VCID-nyc2-p1rp-xkb4"},{"vulnerability":"VCID-q4cv-2m7d-3qd5"},{"vulnerability":"VCID-sz4x-rr8f-a3hf"},{"vulnerability":"VCID-u15a-4ste-43cy"},{"vulnerability":"VCID-vm2w-caad-nyd3"},{"vulnerability":"VCID-vpgq-jhzc-j7h2"},{"vulnerability":"VCID-x4s4-qav9-xbet"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.6"}],"aliases":["BIT-django-2023-43665","CVE-2023-43665","GHSA-h8gc-pgj2-vjm3","PYSEC-2023-226"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7u6e-a3ng-fude"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9089?format=json","vulnerability_id":"VCID-bjn5-qpmt-qffx","summary":"In Django 3.2 before 3.2.25, 4.2 before 4.2.11, and 5.0 before 5.0.3, the django.utils.text.Truncator.words() method (with html=True) and the truncatewords_html template filter are subject to a potential regular expression denial-of-service attack via a crafted string. NOTE: this issue exists because of an incomplete fix for CVE-2019-14232 and CVE-2023-43665.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27351.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27351.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-27351","reference_id":"","reference_type":"","scores":[{"value":"0.02611","scoring_system":"epss","scoring_elements":"0.85903","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-27351"},{"reference_url":"https://docs.djangoproject.com/en/5.0/releases/security","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://docs.djangoproject.com/en/5.0/releases/security"},{"reference_url":"https://docs.djangoproject.com/en/5.0/releases/security/","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-20T19:41:21Z/"}],"url":"https://docs.djangoproject.com/en/5.0/releases/security/"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/072963e4c4d0b3a7a8c5412bc0c7d27d1a9c3521","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/072963e4c4d0b3a7a8c5412bc0c7d27d1a9c3521"},{"reference_url":"https://github.com/django/django/commit/3394fc6132436eca89e997083bae9985fb7e761e","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/3394fc6132436eca89e997083bae9985fb7e761e"},{"reference_url":"https://github.com/django/django/commit/3c9a2771cc80821e041b16eb36c1c37af5349d4a","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/3c9a2771cc80821e041b16eb36c1c37af5349d4a"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2024-47.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2024-47.yaml"},{"reference_url":"https://groups.google.com/forum/#%21forum/django-announce","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-20T19:41:21Z/"}],"url":"https://groups.google.com/forum/#%21forum/django-announce"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D2JIRXEDP4ZET5KFMAPPYSK663Q52NEX","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D2JIRXEDP4ZET5KFMAPPYSK663Q52NEX"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SN2PLJGYSAAG5KUVIUFJYKD3BLQ4OSN6","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SN2PLJGYSAAG5KUVIUFJYKD3BLQ4OSN6"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2JIRXEDP4ZET5KFMAPPYSK663Q52NEX","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2JIRXEDP4ZET5KFMAPPYSK663Q52NEX"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SN2PLJGYSAAG5KUVIUFJYKD3BLQ4OSN6","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SN2PLJGYSAAG5KUVIUFJYKD3BLQ4OSN6"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D"},{"reference_url":"https://www.djangoproject.com/weblog/2024/mar/04/security-releases","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2024/mar/04/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2024/mar/04/security-releases/","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-20T19:41:21Z/"}],"url":"https://www.djangoproject.com/weblog/2024/mar/04/security-releases/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/03/04/1","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-20T19:41:21Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/03/04/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2266045","reference_id":"2266045","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2266045"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-27351","reference_id":"CVE-2024-27351","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-27351"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D2JIRXEDP4ZET5KFMAPPYSK663Q52NEX/","reference_id":"D2JIRXEDP4ZET5KFMAPPYSK663Q52NEX","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-20T19:41:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D2JIRXEDP4ZET5KFMAPPYSK663Q52NEX/"},{"reference_url":"https://github.com/advisories/GHSA-vm8q-m57g-pff3","reference_id":"GHSA-vm8q-m57g-pff3","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vm8q-m57g-pff3"},{"reference_url":"https://security.gentoo.org/glsa/202509-03","reference_id":"GLSA-202509-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1640","reference_id":"RHSA-2024:1640","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1640"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1878","reference_id":"RHSA-2024:1878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3781","reference_id":"RHSA-2024:3781","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3781"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5662","reference_id":"RHSA-2024:5662","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5662"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4187","reference_id":"RHSA-2025:4187","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4187"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SN2PLJGYSAAG5KUVIUFJYKD3BLQ4OSN6/","reference_id":"SN2PLJGYSAAG5KUVIUFJYKD3BLQ4OSN6","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-20T19:41:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SN2PLJGYSAAG5KUVIUFJYKD3BLQ4OSN6/"},{"reference_url":"https://usn.ubuntu.com/6674-1/","reference_id":"USN-6674-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6674-1/"},{"reference_url":"https://usn.ubuntu.com/6674-2/","reference_id":"USN-6674-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6674-2/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D/","reference_id":"ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-20T19:41:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39558?format=json","purl":"pkg:pypi/django@3.2.25","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.25"},{"url":"http://public2.vulnerablecode.io/api/packages/39559?format=json","purl":"pkg:pypi/django@4.2.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1c7j-evpp-53eb"},{"vulnerability":"VCID-1umb-2rxg-bbdk"},{"vulnerability":"VCID-32d1-b8f2-hud5"},{"vulnerability":"VCID-3d6k-rdsh-k7hm"},{"vulnerability":"VCID-4vry-9jdm-nyg9"},{"vulnerability":"VCID-5fbx-3yfb-fudx"},{"vulnerability":"VCID-62jv-ab6d-sqdb"},{"vulnerability":"VCID-63c7-mkxw-ufav"},{"vulnerability":"VCID-68nb-696n-n3bf"},{"vulnerability":"VCID-7jbt-5zw2-vff2"},{"vulnerability":"VCID-92bp-6kte-tyfs"},{"vulnerability":"VCID-9udu-eqvn-mqbj"},{"vulnerability":"VCID-ape9-66ck-nfez"},{"vulnerability":"VCID-ax7m-uv4s-zkc1"},{"vulnerability":"VCID-bq5s-uknu-z7cn"},{"vulnerability":"VCID-cbsj-1qqg-1ba6"},{"vulnerability":"VCID-cg44-thdw-cygg"},{"vulnerability":"VCID-chey-b3c1-pbe5"},{"vulnerability":"VCID-em3c-ceug-cubp"},{"vulnerability":"VCID-enen-3w2h-g3b8"},{"vulnerability":"VCID-fbee-vj2y-cfeb"},{"vulnerability":"VCID-heum-8mwz-sbcw"},{"vulnerability":"VCID-j2uz-w2ur-7ud4"},{"vulnerability":"VCID-jma1-9ags-xbfm"},{"vulnerability":"VCID-jt9m-kd3k-uqca"},{"vulnerability":"VCID-kv5d-p5n4-r7dp"},{"vulnerability":"VCID-nyc2-p1rp-xkb4"},{"vulnerability":"VCID-q4cv-2m7d-3qd5"},{"vulnerability":"VCID-sz4x-rr8f-a3hf"},{"vulnerability":"VCID-u15a-4ste-43cy"},{"vulnerability":"VCID-vm2w-caad-nyd3"},{"vulnerability":"VCID-vpgq-jhzc-j7h2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.11"},{"url":"http://public2.vulnerablecode.io/api/packages/39560?format=json","purl":"pkg:pypi/django@5.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1c7j-evpp-53eb"},{"vulnerability":"VCID-1umb-2rxg-bbdk"},{"vulnerability":"VCID-4vry-9jdm-nyg9"},{"vulnerability":"VCID-68nb-696n-n3bf"},{"vulnerability":"VCID-a3e2-se1v-2yb5"},{"vulnerability":"VCID-ape9-66ck-nfez"},{"vulnerability":"VCID-bq5s-uknu-z7cn"},{"vulnerability":"VCID-chey-b3c1-pbe5"},{"vulnerability":"VCID-jt9m-kd3k-uqca"},{"vulnerability":"VCID-kv5d-p5n4-r7dp"},{"vulnerability":"VCID-nyc2-p1rp-xkb4"},{"vulnerability":"VCID-q4cv-2m7d-3qd5"},{"vulnerability":"VCID-sz4x-rr8f-a3hf"},{"vulnerability":"VCID-vm2w-caad-nyd3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.0.3"}],"aliases":["BIT-django-2024-27351","CVE-2024-27351","GHSA-vm8q-m57g-pff3","PYSEC-2024-47"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bjn5-qpmt-qffx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8935?format=json","vulnerability_id":"VCID-ctk2-ykg7-h7ag","summary":"In Django 3.2 before 3.2.21, 4.1 before 4.1.11, and 4.2 before 4.2.5, django.utils.encoding.uri_to_iri() is subject to a potential DoS (denial of service) attack via certain inputs with a very large number of Unicode characters.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-41164.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-41164.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-41164","reference_id":"","reference_type":"","scores":[{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61354","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-41164"},{"reference_url":"https://docs.djangoproject.com/en/4.2/releases/security","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://docs.djangoproject.com/en/4.2/releases/security"},{"reference_url":"https://docs.djangoproject.com/en/4.2/releases/security/","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/4.2/releases/security/"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/6f030b1149bd8fa4ba90452e77cb3edc095ce54e","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/6f030b1149bd8fa4ba90452e77cb3edc095ce54e"},{"reference_url":"https://github.com/django/django/commit/9c51b4dcfa0cefcb48231f4d71cafa80821f87b9","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/9c51b4dcfa0cefcb48231f4d71cafa80821f87b9"},{"reference_url":"https://github.com/django/django/commit/ba00bc5ec6a7eff5e08be438f7b5b0e9574e8ff0","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/ba00bc5ec6a7eff5e08be438f7b5b0e9574e8ff0"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2023-225.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2023-225.yaml"},{"reference_url":"https://groups.google.com/forum/#%21forum/django-announce","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#%21forum/django-announce"},{"reference_url":"https://groups.google.com/forum/#!forum/django-announce","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!forum/django-announce"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HJFRPUHDYJHBH3KYHSPGULQM4JN7BMSU","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HJFRPUHDYJHBH3KYHSPGULQM4JN7BMSU"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HJFRPUHDYJHBH3KYHSPGULQM4JN7BMSU","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HJFRPUHDYJHBH3KYHSPGULQM4JN7BMSU"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D"},{"reference_url":"https://security.netapp.com/advisory/ntap-20231214-0002","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20231214-0002"},{"reference_url":"https://www.djangoproject.com/weblog/2023/sep/04/security-releases","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2023/sep/04/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2023/sep/04/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2023/sep/04/security-releases/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051226","reference_id":"1051226","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051226"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2237258","reference_id":"2237258","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2237258"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-41164","reference_id":"CVE-2023-41164","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-41164"},{"reference_url":"https://github.com/advisories/GHSA-7h4p-27mh-hmrw","reference_id":"GHSA-7h4p-27mh-hmrw","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-7h4p-27mh-hmrw"},{"reference_url":"https://security.gentoo.org/glsa/202509-03","reference_id":"GLSA-202509-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5208","reference_id":"RHSA-2023:5208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5208"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1878","reference_id":"RHSA-2024:1878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1878"},{"reference_url":"https://usn.ubuntu.com/6378-1/","reference_id":"USN-6378-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6378-1/"},{"reference_url":"https://usn.ubuntu.com/6414-2/","reference_id":"USN-6414-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6414-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/36709?format=json","purl":"pkg:pypi/django@3.2.21","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7u6e-a3ng-fude"},{"vulnerability":"VCID-bjn5-qpmt-qffx"},{"vulnerability":"VCID-e2p6-m8gu-jbfu"},{"vulnerability":"VCID-x4s4-qav9-xbet"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.21"},{"url":"http://public2.vulnerablecode.io/api/packages/36711?format=json","purl":"pkg:pypi/django@4.1.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7u6e-a3ng-fude"},{"vulnerability":"VCID-e2p6-m8gu-jbfu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.1.11"},{"url":"http://public2.vulnerablecode.io/api/packages/36714?format=json","purl":"pkg:pypi/django@4.2.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1c7j-evpp-53eb"},{"vulnerability":"VCID-1umb-2rxg-bbdk"},{"vulnerability":"VCID-32d1-b8f2-hud5"},{"vulnerability":"VCID-3d6k-rdsh-k7hm"},{"vulnerability":"VCID-4vry-9jdm-nyg9"},{"vulnerability":"VCID-5fbx-3yfb-fudx"},{"vulnerability":"VCID-62jv-ab6d-sqdb"},{"vulnerability":"VCID-63c7-mkxw-ufav"},{"vulnerability":"VCID-68nb-696n-n3bf"},{"vulnerability":"VCID-7jbt-5zw2-vff2"},{"vulnerability":"VCID-7u6e-a3ng-fude"},{"vulnerability":"VCID-92bp-6kte-tyfs"},{"vulnerability":"VCID-9udu-eqvn-mqbj"},{"vulnerability":"VCID-ape9-66ck-nfez"},{"vulnerability":"VCID-ax7m-uv4s-zkc1"},{"vulnerability":"VCID-bjn5-qpmt-qffx"},{"vulnerability":"VCID-bq5s-uknu-z7cn"},{"vulnerability":"VCID-cbsj-1qqg-1ba6"},{"vulnerability":"VCID-cg44-thdw-cygg"},{"vulnerability":"VCID-chey-b3c1-pbe5"},{"vulnerability":"VCID-e2p6-m8gu-jbfu"},{"vulnerability":"VCID-em3c-ceug-cubp"},{"vulnerability":"VCID-enen-3w2h-g3b8"},{"vulnerability":"VCID-fbee-vj2y-cfeb"},{"vulnerability":"VCID-heum-8mwz-sbcw"},{"vulnerability":"VCID-j2uz-w2ur-7ud4"},{"vulnerability":"VCID-jma1-9ags-xbfm"},{"vulnerability":"VCID-jt9m-kd3k-uqca"},{"vulnerability":"VCID-kv5d-p5n4-r7dp"},{"vulnerability":"VCID-nyc2-p1rp-xkb4"},{"vulnerability":"VCID-q4cv-2m7d-3qd5"},{"vulnerability":"VCID-sz4x-rr8f-a3hf"},{"vulnerability":"VCID-u15a-4ste-43cy"},{"vulnerability":"VCID-vm2w-caad-nyd3"},{"vulnerability":"VCID-vpgq-jhzc-j7h2"},{"vulnerability":"VCID-x4s4-qav9-xbet"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.5"}],"aliases":["BIT-django-2023-41164","CVE-2023-41164","GHSA-7h4p-27mh-hmrw","PYSEC-2023-225"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ctk2-ykg7-h7ag"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3089?format=json","vulnerability_id":"VCID-dcv2-gx5a-pfe2","summary":"sql injection","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28346","reference_id":"","reference_type":"","scores":[{"value":"0.01971","scoring_system":"epss","scoring_elements":"0.83836","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28346"},{"reference_url":"https://docs.djangoproject.com/en/4.0/releases/security","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://docs.djangoproject.com/en/4.0/releases/security"},{"reference_url":"https://docs.djangoproject.com/en/4.0/releases/security/","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/4.0/releases/security/"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/advisories/GHSA-2gwj-7jmv-h26r","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-2gwj-7jmv-h26r"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/2044dac5c6968441be6f534c4139bcf48c5c7e48","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/2044dac5c6968441be6f534c4139bcf48c5c7e48"},{"reference_url":"https://github.com/django/django/commit/2c09e68ec911919360d5f8502cefc312f9e03c5d","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/2c09e68ec911919360d5f8502cefc312f9e03c5d"},{"reference_url":"https://github.com/django/django/commit/800828887a0509ad1162d6d407e94d8de7eafc60","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/800828887a0509ad1162d6d407e94d8de7eafc60"},{"reference_url":"https://github.com/django/django/commit/93cae5cb2f9a4ef1514cf1a41f714fef08005200","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/93cae5cb2f9a4ef1514cf1a41f714fef08005200"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-190.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-190.yaml"},{"reference_url":"https://groups.google.com/forum/#!forum/django-announce","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!forum/django-announce"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/04/msg00013.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2022/04/msg00013.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220609-0002","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20220609-0002"},{"reference_url":"https://www.debian.org/security/2022/dsa-5254","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2022/dsa-5254"},{"reference_url":"https://www.djangoproject.com/weblog/2022/apr/11/security-releases","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2022/apr/11/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2022/apr/11/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2022/apr/11/security-releases/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/04/11/1","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/04/11/1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009677","reference_id":"1009677","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009677"},{"reference_url":"https://security.archlinux.org/ASA-202204-9","reference_id":"ASA-202204-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202204-9"},{"reference_url":"https://security.archlinux.org/AVG-2667","reference_id":"AVG-2667","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2667"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-28346","reference_id":"CVE-2022-28346","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-28346"},{"reference_url":"https://security.gentoo.org/glsa/202509-03","reference_id":"GLSA-202509-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-03"},{"reference_url":"https://usn.ubuntu.com/5373-1/","reference_id":"USN-5373-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5373-1/"},{"reference_url":"https://usn.ubuntu.com/5373-2/","reference_id":"USN-5373-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5373-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/26236?format=json","purl":"pkg:pypi/django@3.2.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5k3f-9smv-8bev"},{"vulnerability":"VCID-6bct-bfhb-xugt"},{"vulnerability":"VCID-7u6e-a3ng-fude"},{"vulnerability":"VCID-bjn5-qpmt-qffx"},{"vulnerability":"VCID-ctk2-ykg7-h7ag"},{"vulnerability":"VCID-e2p6-m8gu-jbfu"},{"vulnerability":"VCID-fwkd-bq8u-9kg8"},{"vulnerability":"VCID-kmv2-339j-8ugc"},{"vulnerability":"VCID-nyy8-t17r-syex"},{"vulnerability":"VCID-qg2s-fuw3-nbda"},{"vulnerability":"VCID-rn9d-fd73-3kb9"},{"vulnerability":"VCID-x4s4-qav9-xbet"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.13"},{"url":"http://public2.vulnerablecode.io/api/packages/26235?format=json","purl":"pkg:pypi/django@4.0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5k3f-9smv-8bev"},{"vulnerability":"VCID-6bct-bfhb-xugt"},{"vulnerability":"VCID-fwkd-bq8u-9kg8"},{"vulnerability":"VCID-kmv2-339j-8ugc"},{"vulnerability":"VCID-nyy8-t17r-syex"},{"vulnerability":"VCID-qg2s-fuw3-nbda"},{"vulnerability":"VCID-rn9d-fd73-3kb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.0.4"}],"aliases":["BIT-django-2022-28346","CVE-2022-28346","GHSA-2gwj-7jmv-h26r","PYSEC-2022-190"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dcv2-gx5a-pfe2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3088?format=json","vulnerability_id":"VCID-dqkn-1888-y3er","summary":"sql injection","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28347","reference_id":"","reference_type":"","scores":[{"value":"0.00668","scoring_system":"epss","scoring_elements":"0.71619","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28347"},{"reference_url":"https://docs.djangoproject.com/en/4.0/releases/security","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://docs.djangoproject.com/en/4.0/releases/security"},{"reference_url":"https://docs.djangoproject.com/en/4.0/releases/security/","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/4.0/releases/security/"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/advisories/GHSA-w24h-v9qh-8gxj","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-w24h-v9qh-8gxj"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/00b0fc50e1738c7174c495464a5ef069408a4402","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/00b0fc50e1738c7174c495464a5ef069408a4402"},{"reference_url":"https://github.com/django/django/commit/29a6c98b4c13af82064f993f0acc6e8fafa4d3f5","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/29a6c98b4c13af82064f993f0acc6e8fafa4d3f5"},{"reference_url":"https://github.com/django/django/commit/6723a26e59b0b5429a0c5873941e01a2e1bdbb81","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/6723a26e59b0b5429a0c5873941e01a2e1bdbb81"},{"reference_url":"https://github.com/django/django/commit/9e19accb6e0a00ba77d5a95a91675bf18877c72d","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/9e19accb6e0a00ba77d5a95a91675bf18877c72d"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-191.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-191.yaml"},{"reference_url":"https://groups.google.com/forum/#!forum/django-announce","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!forum/django-announce"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI"},{"reference_url":"https://www.debian.org/security/2022/dsa-5254","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2022/dsa-5254"},{"reference_url":"https://www.djangoproject.com/weblog/2022/apr/11/security-releases","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2022/apr/11/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2022/apr/11/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2022/apr/11/security-releases/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/04/11/1","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/04/11/1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009677","reference_id":"1009677","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009677"},{"reference_url":"https://security.archlinux.org/ASA-202204-9","reference_id":"ASA-202204-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202204-9"},{"reference_url":"https://security.archlinux.org/AVG-2667","reference_id":"AVG-2667","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2667"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-28347","reference_id":"CVE-2022-28347","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-28347"},{"reference_url":"https://security.gentoo.org/glsa/202509-03","reference_id":"GLSA-202509-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-03"},{"reference_url":"https://usn.ubuntu.com/5373-1/","reference_id":"USN-5373-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5373-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/26236?format=json","purl":"pkg:pypi/django@3.2.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5k3f-9smv-8bev"},{"vulnerability":"VCID-6bct-bfhb-xugt"},{"vulnerability":"VCID-7u6e-a3ng-fude"},{"vulnerability":"VCID-bjn5-qpmt-qffx"},{"vulnerability":"VCID-ctk2-ykg7-h7ag"},{"vulnerability":"VCID-e2p6-m8gu-jbfu"},{"vulnerability":"VCID-fwkd-bq8u-9kg8"},{"vulnerability":"VCID-kmv2-339j-8ugc"},{"vulnerability":"VCID-nyy8-t17r-syex"},{"vulnerability":"VCID-qg2s-fuw3-nbda"},{"vulnerability":"VCID-rn9d-fd73-3kb9"},{"vulnerability":"VCID-x4s4-qav9-xbet"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.13"},{"url":"http://public2.vulnerablecode.io/api/packages/26235?format=json","purl":"pkg:pypi/django@4.0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5k3f-9smv-8bev"},{"vulnerability":"VCID-6bct-bfhb-xugt"},{"vulnerability":"VCID-fwkd-bq8u-9kg8"},{"vulnerability":"VCID-kmv2-339j-8ugc"},{"vulnerability":"VCID-nyy8-t17r-syex"},{"vulnerability":"VCID-qg2s-fuw3-nbda"},{"vulnerability":"VCID-rn9d-fd73-3kb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.0.4"}],"aliases":["BIT-django-2022-28347","CVE-2022-28347","GHSA-w24h-v9qh-8gxj","PYSEC-2022-191"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dqkn-1888-y3er"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8934?format=json","vulnerability_id":"VCID-e2p6-m8gu-jbfu","summary":"An issue was discovered in Django 3.2 before 3.2.23, 4.1 before 4.1.13, and 4.2 before 4.2.7. The NFKC normalization is slow on Windows. As a consequence, django.contrib.auth.forms.UsernameField is subject to a potential DoS (denial of service) attack via certain inputs with a very large number of Unicode characters.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46695.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46695.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-46695","reference_id":"","reference_type":"","scores":[{"value":"0.03582","scoring_system":"epss","scoring_elements":"0.87943","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-46695"},{"reference_url":"https://docs.djangoproject.com/en/4.2/releases/security","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://docs.djangoproject.com/en/4.2/releases/security"},{"reference_url":"https://docs.djangoproject.com/en/4.2/releases/security/","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/4.2/releases/security/"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/048a9ebb6ea468426cb4e57c71572cbbd975517f","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/048a9ebb6ea468426cb4e57c71572cbbd975517f"},{"reference_url":"https://github.com/django/django/commit/4965bfdde2e5a5c883685019e57d123a3368a75e","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/4965bfdde2e5a5c883685019e57d123a3368a75e"},{"reference_url":"https://github.com/django/django/commit/f9a7fb8466a7ba4857eaf930099b5258f3eafb2b","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/f9a7fb8466a7ba4857eaf930099b5258f3eafb2b"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2023-222.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2023-222.yaml"},{"reference_url":"https://groups.google.com/forum/#%21forum/django-announce","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#%21forum/django-announce"},{"reference_url":"https://groups.google.com/forum/#!forum/django-announce","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!forum/django-announce"},{"reference_url":"https://security.netapp.com/advisory/ntap-20231214-0001","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20231214-0001"},{"reference_url":"https://www.djangoproject.com/weblog/2023/nov/01/security-releases","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2023/nov/01/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2023/nov/01/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2023/nov/01/security-releases/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2247097","reference_id":"2247097","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2247097"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-46695","reference_id":"CVE-2023-46695","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-46695"},{"reference_url":"https://github.com/advisories/GHSA-qmf9-6jqf-j8fq","reference_id":"GHSA-qmf9-6jqf-j8fq","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-qmf9-6jqf-j8fq"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/36716?format=json","purl":"pkg:pypi/django@3.2.23","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bjn5-qpmt-qffx"},{"vulnerability":"VCID-x4s4-qav9-xbet"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.23"},{"url":"http://public2.vulnerablecode.io/api/packages/36717?format=json","purl":"pkg:pypi/django@4.1.13","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.1.13"},{"url":"http://public2.vulnerablecode.io/api/packages/36718?format=json","purl":"pkg:pypi/django@4.2.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1c7j-evpp-53eb"},{"vulnerability":"VCID-1umb-2rxg-bbdk"},{"vulnerability":"VCID-32d1-b8f2-hud5"},{"vulnerability":"VCID-3d6k-rdsh-k7hm"},{"vulnerability":"VCID-4vry-9jdm-nyg9"},{"vulnerability":"VCID-5fbx-3yfb-fudx"},{"vulnerability":"VCID-62jv-ab6d-sqdb"},{"vulnerability":"VCID-63c7-mkxw-ufav"},{"vulnerability":"VCID-68nb-696n-n3bf"},{"vulnerability":"VCID-7jbt-5zw2-vff2"},{"vulnerability":"VCID-92bp-6kte-tyfs"},{"vulnerability":"VCID-9udu-eqvn-mqbj"},{"vulnerability":"VCID-ape9-66ck-nfez"},{"vulnerability":"VCID-ax7m-uv4s-zkc1"},{"vulnerability":"VCID-bjn5-qpmt-qffx"},{"vulnerability":"VCID-bq5s-uknu-z7cn"},{"vulnerability":"VCID-cbsj-1qqg-1ba6"},{"vulnerability":"VCID-cg44-thdw-cygg"},{"vulnerability":"VCID-chey-b3c1-pbe5"},{"vulnerability":"VCID-em3c-ceug-cubp"},{"vulnerability":"VCID-enen-3w2h-g3b8"},{"vulnerability":"VCID-fbee-vj2y-cfeb"},{"vulnerability":"VCID-heum-8mwz-sbcw"},{"vulnerability":"VCID-j2uz-w2ur-7ud4"},{"vulnerability":"VCID-jma1-9ags-xbfm"},{"vulnerability":"VCID-jt9m-kd3k-uqca"},{"vulnerability":"VCID-kv5d-p5n4-r7dp"},{"vulnerability":"VCID-nyc2-p1rp-xkb4"},{"vulnerability":"VCID-q4cv-2m7d-3qd5"},{"vulnerability":"VCID-sz4x-rr8f-a3hf"},{"vulnerability":"VCID-u15a-4ste-43cy"},{"vulnerability":"VCID-vm2w-caad-nyd3"},{"vulnerability":"VCID-vpgq-jhzc-j7h2"},{"vulnerability":"VCID-x4s4-qav9-xbet"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.7"}],"aliases":["BIT-django-2023-46695","CVE-2023-46695","GHSA-qmf9-6jqf-j8fq","PYSEC-2023-222"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e2p6-m8gu-jbfu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8715?format=json","vulnerability_id":"VCID-fwkd-bq8u-9kg8","summary":"An issue was discovered in the Multipart Request Parser in Django 3.2 before 3.2.18, 4.0 before 4.0.10, and 4.1 before 4.1.7. Passing certain inputs (e.g., an excessive number of parts) to multipart forms could result in too many open files or memory exhaustion, and provided a potential vector for a denial-of-service attack.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-24580.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-24580.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-24580","reference_id":"","reference_type":"","scores":[{"value":"0.22718","scoring_system":"epss","scoring_elements":"0.95962","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-24580"},{"reference_url":"https://docs.djangoproject.com/en/4.1/releases/security","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://docs.djangoproject.com/en/4.1/releases/security"},{"reference_url":"https://docs.djangoproject.com/en/4.1/releases/security/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T19:24:08Z/"}],"url":"https://docs.djangoproject.com/en/4.1/releases/security/"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/628b33a854a9c68ec8a0c51f382f304a0044ec92","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/628b33a854a9c68ec8a0c51f382f304a0044ec92"},{"reference_url":"https://github.com/django/django/commit/83f1ea83e4553e211c1c5a0dfc197b66d4e50432","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/83f1ea83e4553e211c1c5a0dfc197b66d4e50432"},{"reference_url":"https://github.com/django/django/commit/a665ed5179f5bbd3db95ce67286d0192eff041d8","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/a665ed5179f5bbd3db95ce67286d0192eff041d8"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2023-13.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2023-13.yaml"},{"reference_url":"https://groups.google.com/forum/#%21forum/django-announce","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T19:24:08Z/"}],"url":"https://groups.google.com/forum/#%21forum/django-announce"},{"reference_url":"https://groups.google.com/forum/#!forum/django-announce","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!forum/django-announce"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/02/msg00023.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T19:24:08Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/02/msg00023.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKYVMMR7RPM6AHJ2SBVM2LO6D3NGFY7B","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKYVMMR7RPM6AHJ2SBVM2LO6D3NGFY7B"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VZS4G6NSZWPTVXMMZHJOJVQEPL3QTO77","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VZS4G6NSZWPTVXMMZHJOJVQEPL3QTO77"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YJB6FUBBLVKKG655UMTLQNN6UQ6EDLSP","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YJB6FUBBLVKKG655UMTLQNN6UQ6EDLSP"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FKYVMMR7RPM6AHJ2SBVM2LO6D3NGFY7B","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FKYVMMR7RPM6AHJ2SBVM2LO6D3NGFY7B"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VZS4G6NSZWPTVXMMZHJOJVQEPL3QTO77","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VZS4G6NSZWPTVXMMZHJOJVQEPL3QTO77"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJB6FUBBLVKKG655UMTLQNN6UQ6EDLSP","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJB6FUBBLVKKG655UMTLQNN6UQ6EDLSP"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230316-0006","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20230316-0006"},{"reference_url":"https://www.djangoproject.com/weblog/2023/feb/14/security-releases","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2023/feb/14/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2023/feb/14/security-releases/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T19:24:08Z/"}],"url":"https://www.djangoproject.com/weblog/2023/feb/14/security-releases/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/02/14/1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T19:24:08Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/02/14/1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031290","reference_id":"1031290","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031290"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2169402","reference_id":"2169402","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2169402"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-24580","reference_id":"CVE-2023-24580","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-24580"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKYVMMR7RPM6AHJ2SBVM2LO6D3NGFY7B/","reference_id":"FKYVMMR7RPM6AHJ2SBVM2LO6D3NGFY7B","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T19:24:08Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKYVMMR7RPM6AHJ2SBVM2LO6D3NGFY7B/"},{"reference_url":"https://github.com/advisories/GHSA-2hrw-hx67-34x6","reference_id":"GHSA-2hrw-hx67-34x6","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-2hrw-hx67-34x6"},{"reference_url":"https://security.gentoo.org/glsa/202509-03","reference_id":"GLSA-202509-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-03"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK/","reference_id":"HWY6DQWRVBALV73BPUVBXC3QIYUM24IK","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T19:24:08Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI/","reference_id":"LTZVAKU5ALQWOKFTPISE257VCVIYGFQI","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T19:24:08Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230316-0006/","reference_id":"ntap-20230316-0006","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T19:24:08Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230316-0006/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2097","reference_id":"RHSA-2023:2097","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2097"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2101","reference_id":"RHSA-2023:2101","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2101"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4692","reference_id":"RHSA-2023:4692","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4692"},{"reference_url":"https://usn.ubuntu.com/5868-1/","reference_id":"USN-5868-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5868-1/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VZS4G6NSZWPTVXMMZHJOJVQEPL3QTO77/","reference_id":"VZS4G6NSZWPTVXMMZHJOJVQEPL3QTO77","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T19:24:08Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VZS4G6NSZWPTVXMMZHJOJVQEPL3QTO77/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YJB6FUBBLVKKG655UMTLQNN6UQ6EDLSP/","reference_id":"YJB6FUBBLVKKG655UMTLQNN6UQ6EDLSP","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T19:24:08Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YJB6FUBBLVKKG655UMTLQNN6UQ6EDLSP/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/30399?format=json","purl":"pkg:pypi/django@3.2.18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7u6e-a3ng-fude"},{"vulnerability":"VCID-bjn5-qpmt-qffx"},{"vulnerability":"VCID-ctk2-ykg7-h7ag"},{"vulnerability":"VCID-e2p6-m8gu-jbfu"},{"vulnerability":"VCID-kmv2-339j-8ugc"},{"vulnerability":"VCID-rn9d-fd73-3kb9"},{"vulnerability":"VCID-x4s4-qav9-xbet"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.18"},{"url":"http://public2.vulnerablecode.io/api/packages/30400?format=json","purl":"pkg:pypi/django@4.0.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kmv2-339j-8ugc"},{"vulnerability":"VCID-rn9d-fd73-3kb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.0.10"},{"url":"http://public2.vulnerablecode.io/api/packages/30401?format=json","purl":"pkg:pypi/django@4.1.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7u6e-a3ng-fude"},{"vulnerability":"VCID-ctk2-ykg7-h7ag"},{"vulnerability":"VCID-e2p6-m8gu-jbfu"},{"vulnerability":"VCID-kmv2-339j-8ugc"},{"vulnerability":"VCID-rn9d-fd73-3kb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.1.7"}],"aliases":["BIT-django-2023-24580","CVE-2023-24580","GHSA-2hrw-hx67-34x6","PYSEC-2023-13"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fwkd-bq8u-9kg8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8806?format=json","vulnerability_id":"VCID-kmv2-339j-8ugc","summary":"In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, EmailValidator and URLValidator are subject to a potential ReDoS (regular expression denial of service) attack via a very large number of domain name labels of emails and URLs.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-36053.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-36053.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-36053","reference_id":"","reference_type":"","scores":[{"value":"0.09595","scoring_system":"epss","scoring_elements":"0.93006","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-36053"},{"reference_url":"https://docs.djangoproject.com/en/4.2/releases/security","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://docs.djangoproject.com/en/4.2/releases/security"},{"reference_url":"https://docs.djangoproject.com/en/4.2/releases/security/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-22T16:03:28Z/"}],"url":"https://docs.djangoproject.com/en/4.2/releases/security/"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/454f2fb93437f98917283336201b4048293f7582","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/454f2fb93437f98917283336201b4048293f7582"},{"reference_url":"https://github.com/django/django/commit/ad0410ec4f458aa39803e5f6b9a3736527062dcd","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/ad0410ec4f458aa39803e5f6b9a3736527062dcd"},{"reference_url":"https://github.com/django/django/commit/b7c5feb35a31799de6e582ad6a5a91a9de74e0f9","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/b7c5feb35a31799de6e582ad6a5a91a9de74e0f9"},{"reference_url":"https://github.com/django/django/commit/beb3f3d55940d9aa7198bf9d424ab74e873aec3d","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/beb3f3d55940d9aa7198bf9d424ab74e873aec3d"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2023-100.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2023-100.yaml"},{"reference_url":"https://groups.google.com/forum/#%21forum/django-announce","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-22T16:03:28Z/"}],"url":"https://groups.google.com/forum/#%21forum/django-announce"},{"reference_url":"https://groups.google.com/forum/#!forum/django-announce","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!forum/django-announce"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/07/msg00022.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-22T16:03:28Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/07/msg00022.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NRDGTUN4LTI6HG4TWR3JYLSFVXPZT42A","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NRDGTUN4LTI6HG4TWR3JYLSFVXPZT42A"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XG5DYKPNDCEHJQ3TKPJQO7QGSR4FAYMS","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XG5DYKPNDCEHJQ3TKPJQO7QGSR4FAYMS"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NRDGTUN4LTI6HG4TWR3JYLSFVXPZT42A","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NRDGTUN4LTI6HG4TWR3JYLSFVXPZT42A"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XG5DYKPNDCEHJQ3TKPJQO7QGSR4FAYMS","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XG5DYKPNDCEHJQ3TKPJQO7QGSR4FAYMS"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D"},{"reference_url":"https://www.debian.org/security/2023/dsa-5465","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-22T16:03:28Z/"}],"url":"https://www.debian.org/security/2023/dsa-5465"},{"reference_url":"https://www.djangoproject.com/weblog/2023/jul/03/security-releases","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2023/jul/03/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2023/jul/03/security-releases/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-22T16:03:28Z/"}],"url":"https://www.djangoproject.com/weblog/2023/jul/03/security-releases/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1040225","reference_id":"1040225","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1040225"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2218004","reference_id":"2218004","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2218004"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-36053","reference_id":"CVE-2023-36053","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-36053"},{"reference_url":"https://github.com/advisories/GHSA-jh3w-4vvf-mjgr","reference_id":"GHSA-jh3w-4vvf-mjgr","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-jh3w-4vvf-mjgr"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NRDGTUN4LTI6HG4TWR3JYLSFVXPZT42A/","reference_id":"NRDGTUN4LTI6HG4TWR3JYLSFVXPZT42A","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-22T16:03:28Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NRDGTUN4LTI6HG4TWR3JYLSFVXPZT42A/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4692","reference_id":"RHSA-2023:4692","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4692"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4693","reference_id":"RHSA-2023:4693","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4693"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5931","reference_id":"RHSA-2023:5931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6818","reference_id":"RHSA-2023:6818","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6818"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0212","reference_id":"RHSA-2024:0212","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0212"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1878","reference_id":"RHSA-2024:1878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1878"},{"reference_url":"https://usn.ubuntu.com/6203-1/","reference_id":"USN-6203-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6203-1/"},{"reference_url":"https://usn.ubuntu.com/6203-2/","reference_id":"USN-6203-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6203-2/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XG5DYKPNDCEHJQ3TKPJQO7QGSR4FAYMS/","reference_id":"XG5DYKPNDCEHJQ3TKPJQO7QGSR4FAYMS","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-22T16:03:28Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XG5DYKPNDCEHJQ3TKPJQO7QGSR4FAYMS/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D/","reference_id":"ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-22T16:03:28Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/33184?format=json","purl":"pkg:pypi/django@3.2.20","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7u6e-a3ng-fude"},{"vulnerability":"VCID-bjn5-qpmt-qffx"},{"vulnerability":"VCID-ctk2-ykg7-h7ag"},{"vulnerability":"VCID-e2p6-m8gu-jbfu"},{"vulnerability":"VCID-x4s4-qav9-xbet"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.20"},{"url":"http://public2.vulnerablecode.io/api/packages/33183?format=json","purl":"pkg:pypi/django@4.1.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7u6e-a3ng-fude"},{"vulnerability":"VCID-ctk2-ykg7-h7ag"},{"vulnerability":"VCID-e2p6-m8gu-jbfu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.1.10"},{"url":"http://public2.vulnerablecode.io/api/packages/33182?format=json","purl":"pkg:pypi/django@4.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1c7j-evpp-53eb"},{"vulnerability":"VCID-1umb-2rxg-bbdk"},{"vulnerability":"VCID-32d1-b8f2-hud5"},{"vulnerability":"VCID-3d6k-rdsh-k7hm"},{"vulnerability":"VCID-4vry-9jdm-nyg9"},{"vulnerability":"VCID-5fbx-3yfb-fudx"},{"vulnerability":"VCID-62jv-ab6d-sqdb"},{"vulnerability":"VCID-63c7-mkxw-ufav"},{"vulnerability":"VCID-68nb-696n-n3bf"},{"vulnerability":"VCID-7jbt-5zw2-vff2"},{"vulnerability":"VCID-7u6e-a3ng-fude"},{"vulnerability":"VCID-92bp-6kte-tyfs"},{"vulnerability":"VCID-9udu-eqvn-mqbj"},{"vulnerability":"VCID-ape9-66ck-nfez"},{"vulnerability":"VCID-ax7m-uv4s-zkc1"},{"vulnerability":"VCID-bjn5-qpmt-qffx"},{"vulnerability":"VCID-bq5s-uknu-z7cn"},{"vulnerability":"VCID-cbsj-1qqg-1ba6"},{"vulnerability":"VCID-cg44-thdw-cygg"},{"vulnerability":"VCID-chey-b3c1-pbe5"},{"vulnerability":"VCID-ctk2-ykg7-h7ag"},{"vulnerability":"VCID-e2p6-m8gu-jbfu"},{"vulnerability":"VCID-em3c-ceug-cubp"},{"vulnerability":"VCID-enen-3w2h-g3b8"},{"vulnerability":"VCID-fbee-vj2y-cfeb"},{"vulnerability":"VCID-heum-8mwz-sbcw"},{"vulnerability":"VCID-j2uz-w2ur-7ud4"},{"vulnerability":"VCID-jma1-9ags-xbfm"},{"vulnerability":"VCID-jt9m-kd3k-uqca"},{"vulnerability":"VCID-kv5d-p5n4-r7dp"},{"vulnerability":"VCID-nyc2-p1rp-xkb4"},{"vulnerability":"VCID-q4cv-2m7d-3qd5"},{"vulnerability":"VCID-sz4x-rr8f-a3hf"},{"vulnerability":"VCID-u15a-4ste-43cy"},{"vulnerability":"VCID-vm2w-caad-nyd3"},{"vulnerability":"VCID-vpgq-jhzc-j7h2"},{"vulnerability":"VCID-x4s4-qav9-xbet"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.3"}],"aliases":["BIT-django-2023-36053","CVE-2023-36053","GHSA-jh3w-4vvf-mjgr","PYSEC-2023-100"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kmv2-339j-8ugc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8706?format=json","vulnerability_id":"VCID-nyy8-t17r-syex","summary":"In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial-of-service vector via excessive memory usage if the raw value of Accept-Language headers is very large.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23969.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23969.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-23969","reference_id":"","reference_type":"","scores":[{"value":"0.06091","scoring_system":"epss","scoring_elements":"0.90908","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-23969"},{"reference_url":"https://docs.djangoproject.com/en/4.1/releases/security","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://docs.djangoproject.com/en/4.1/releases/security"},{"reference_url":"https://docs.djangoproject.com/en/4.1/releases/security/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-27T14:17:12Z/"}],"url":"https://docs.djangoproject.com/en/4.1/releases/security/"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/4452642f193533e288a52c02efb5bbc766a68f95","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/4452642f193533e288a52c02efb5bbc766a68f95"},{"reference_url":"https://github.com/django/django/commit/9d7bd5a56b1ce0576e8e07a8001373576d277942","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/9d7bd5a56b1ce0576e8e07a8001373576d277942"},{"reference_url":"https://github.com/django/django/commit/c7e0151fdf33e1b11d488b6f67b94fdf3a30614a","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/c7e0151fdf33e1b11d488b6f67b94fdf3a30614a"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2023-12.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2023-12.yaml"},{"reference_url":"https://groups.google.com/forum/#!forum/django-announce","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!forum/django-announce"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/02/msg00000.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-27T14:17:12Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/02/msg00000.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230302-0007","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20230302-0007"},{"reference_url":"https://www.djangoproject.com/weblog/2023/feb/01/security-releases","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2023/feb/01/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2023/feb/01/security-releases/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-27T14:17:12Z/"}],"url":"https://www.djangoproject.com/weblog/2023/feb/01/security-releases/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1030251","reference_id":"1030251","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1030251"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2166457","reference_id":"2166457","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2166457"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-23969","reference_id":"CVE-2023-23969","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-23969"},{"reference_url":"https://github.com/advisories/GHSA-q2jf-h9jm-m7p4","reference_id":"GHSA-q2jf-h9jm-m7p4","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-q2jf-h9jm-m7p4"},{"reference_url":"https://security.gentoo.org/glsa/202509-03","reference_id":"GLSA-202509-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-03"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK/","reference_id":"HWY6DQWRVBALV73BPUVBXC3QIYUM24IK","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-27T14:17:12Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI/","reference_id":"LTZVAKU5ALQWOKFTPISE257VCVIYGFQI","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-27T14:17:12Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230302-0007/","reference_id":"ntap-20230302-0007","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-27T14:17:12Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230302-0007/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2097","reference_id":"RHSA-2023:2097","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2097"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2101","reference_id":"RHSA-2023:2101","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2101"},{"reference_url":"https://usn.ubuntu.com/5837-1/","reference_id":"USN-5837-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5837-1/"},{"reference_url":"https://usn.ubuntu.com/5837-2/","reference_id":"USN-5837-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5837-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/30193?format=json","purl":"pkg:pypi/django@3.2.17","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7u6e-a3ng-fude"},{"vulnerability":"VCID-bjn5-qpmt-qffx"},{"vulnerability":"VCID-ctk2-ykg7-h7ag"},{"vulnerability":"VCID-e2p6-m8gu-jbfu"},{"vulnerability":"VCID-fwkd-bq8u-9kg8"},{"vulnerability":"VCID-kmv2-339j-8ugc"},{"vulnerability":"VCID-rn9d-fd73-3kb9"},{"vulnerability":"VCID-x4s4-qav9-xbet"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.17"},{"url":"http://public2.vulnerablecode.io/api/packages/30194?format=json","purl":"pkg:pypi/django@4.0.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-fwkd-bq8u-9kg8"},{"vulnerability":"VCID-kmv2-339j-8ugc"},{"vulnerability":"VCID-rn9d-fd73-3kb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.0.9"},{"url":"http://public2.vulnerablecode.io/api/packages/30195?format=json","purl":"pkg:pypi/django@4.1.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7u6e-a3ng-fude"},{"vulnerability":"VCID-ctk2-ykg7-h7ag"},{"vulnerability":"VCID-e2p6-m8gu-jbfu"},{"vulnerability":"VCID-fwkd-bq8u-9kg8"},{"vulnerability":"VCID-kmv2-339j-8ugc"},{"vulnerability":"VCID-rn9d-fd73-3kb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.1.6"}],"aliases":["BIT-django-2023-23969","CVE-2023-23969","GHSA-q2jf-h9jm-m7p4","PYSEC-2023-12"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nyy8-t17r-syex"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1168?format=json","vulnerability_id":"VCID-qg2s-fuw3-nbda","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-36359","reference_id":"","reference_type":"","scores":[{"value":"0.01374","scoring_system":"epss","scoring_elements":"0.80552","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-36359"},{"reference_url":"https://docs.djangoproject.com/en/4.0/releases/security","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://docs.djangoproject.com/en/4.0/releases/security"},{"reference_url":"https://docs.djangoproject.com/en/4.0/releases/security/","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/4.0/releases/security/"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/advisories/GHSA-8x94-hmjh-97hq","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8x94-hmjh-97hq"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/b3e4494d759202a3b6bf247fd34455bf13be5b80","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/b3e4494d759202a3b6bf247fd34455bf13be5b80"},{"reference_url":"https://github.com/django/django/commit/b7d9529cbe0af4adabb6ea5d01ed8dcce3668fb3","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/b7d9529cbe0af4adabb6ea5d01ed8dcce3668fb3"},{"reference_url":"https://github.com/django/django/commit/bd062445cffd3f6cc6dcd20d13e2abed818fa173","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/bd062445cffd3f6cc6dcd20d13e2abed818fa173"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-245.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-245.yaml"},{"reference_url":"https://groups.google.com/g/django-announce/c/8cz--gvaJr4","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/g/django-announce/c/8cz--gvaJr4"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220915-0008","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20220915-0008"},{"reference_url":"https://www.debian.org/security/2022/dsa-5254","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2022/dsa-5254"},{"reference_url":"https://www.djangoproject.com/weblog/2022/aug/03/security-releases","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2022/aug/03/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2022/aug/03/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2022/aug/03/security-releases/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/08/03/1","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/08/03/1"},{"reference_url":"https://security.archlinux.org/AVG-2810","reference_id":"AVG-2810","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2810"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-36359","reference_id":"CVE-2022-36359","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-36359"},{"reference_url":"https://security.gentoo.org/glsa/202509-03","reference_id":"GLSA-202509-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-03"},{"reference_url":"https://usn.ubuntu.com/5549-1/","reference_id":"USN-5549-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5549-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/27512?format=json","purl":"pkg:pypi/django@3.2.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5k3f-9smv-8bev"},{"vulnerability":"VCID-7u6e-a3ng-fude"},{"vulnerability":"VCID-bjn5-qpmt-qffx"},{"vulnerability":"VCID-ctk2-ykg7-h7ag"},{"vulnerability":"VCID-e2p6-m8gu-jbfu"},{"vulnerability":"VCID-fwkd-bq8u-9kg8"},{"vulnerability":"VCID-kmv2-339j-8ugc"},{"vulnerability":"VCID-nyy8-t17r-syex"},{"vulnerability":"VCID-rn9d-fd73-3kb9"},{"vulnerability":"VCID-x4s4-qav9-xbet"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.15"},{"url":"http://public2.vulnerablecode.io/api/packages/27513?format=json","purl":"pkg:pypi/django@4.0.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5k3f-9smv-8bev"},{"vulnerability":"VCID-fwkd-bq8u-9kg8"},{"vulnerability":"VCID-kmv2-339j-8ugc"},{"vulnerability":"VCID-nyy8-t17r-syex"},{"vulnerability":"VCID-rn9d-fd73-3kb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.0.7"}],"aliases":["BIT-django-2022-36359","CVE-2022-36359","GHSA-8x94-hmjh-97hq","PYSEC-2022-245"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qg2s-fuw3-nbda"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8770?format=json","vulnerability_id":"VCID-rn9d-fd73-3kb9","summary":"In Django 3.2 before 3.2.19, 4.x before 4.1.9, and 4.2 before 4.2.1, it was possible to bypass validation when using one form field to upload multiple files. This multiple upload has never been supported by forms.FileField or forms.ImageField (only the last uploaded file was validated). However, Django's \"Uploading multiple files\" documentation suggested otherwise.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-31047.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-31047.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-31047","reference_id":"","reference_type":"","scores":[{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32498","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-31047"},{"reference_url":"https://docs.djangoproject.com/en/4.2/releases/security","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://docs.djangoproject.com/en/4.2/releases/security"},{"reference_url":"https://docs.djangoproject.com/en/4.2/releases/security/","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-29T15:49:48Z/"}],"url":"https://docs.djangoproject.com/en/4.2/releases/security/"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/21b1b1fc03e5f9e9f8c977ee6e35618dd3b353dd","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/21b1b1fc03e5f9e9f8c977ee6e35618dd3b353dd"},{"reference_url":"https://github.com/django/django/commit/e7c3a2ccc3a562328600be05068ed9149e12ce64","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/e7c3a2ccc3a562328600be05068ed9149e12ce64"},{"reference_url":"https://github.com/django/django/commit/eed53d0011622e70b936e203005f0e6f4ac48965","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/eed53d0011622e70b936e203005f0e6f4ac48965"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2023-61.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2023-61.yaml"},{"reference_url":"https://groups.google.com/forum/#!forum/django-announce","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!forum/django-announce"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A45VKTUVQ2BN6D5ZLZGCM774R6QGFOHW","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A45VKTUVQ2BN6D5ZLZGCM774R6QGFOHW"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A45VKTUVQ2BN6D5ZLZGCM774R6QGFOHW/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A45VKTUVQ2BN6D5ZLZGCM774R6QGFOHW/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DNEHD6N435OE2XUFGDAAVAXSYWLCUBFD","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DNEHD6N435OE2XUFGDAAVAXSYWLCUBFD"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230609-0008","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20230609-0008"},{"reference_url":"https://www.djangoproject.com/weblog/2023/may/03/security-releases","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2023/may/03/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2023/may/03/security-releases/","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-29T15:49:48Z/"}],"url":"https://www.djangoproject.com/weblog/2023/may/03/security-releases/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035467","reference_id":"1035467","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035467"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2192565","reference_id":"2192565","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2192565"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A45VKTUVQ2BN6D5ZLZGCM774R6QGFOHW/","reference_id":"A45VKTUVQ2BN6D5ZLZGCM774R6QGFOHW","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-29T15:49:48Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A45VKTUVQ2BN6D5ZLZGCM774R6QGFOHW/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-31047","reference_id":"CVE-2023-31047","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-31047"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DNEHD6N435OE2XUFGDAAVAXSYWLCUBFD/","reference_id":"DNEHD6N435OE2XUFGDAAVAXSYWLCUBFD","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-29T15:49:48Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DNEHD6N435OE2XUFGDAAVAXSYWLCUBFD/"},{"reference_url":"https://github.com/advisories/GHSA-r3xc-prgr-mg9p","reference_id":"GHSA-r3xc-prgr-mg9p","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-r3xc-prgr-mg9p"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230609-0008/","reference_id":"ntap-20230609-0008","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-29T15:49:48Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230609-0008/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4591","reference_id":"RHSA-2023:4591","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4591"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5931","reference_id":"RHSA-2023:5931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6818","reference_id":"RHSA-2023:6818","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6818"},{"reference_url":"https://usn.ubuntu.com/6054-1/","reference_id":"USN-6054-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6054-1/"},{"reference_url":"https://usn.ubuntu.com/6054-2/","reference_id":"USN-6054-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6054-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/32435?format=json","purl":"pkg:pypi/django@3.2.19","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7u6e-a3ng-fude"},{"vulnerability":"VCID-bjn5-qpmt-qffx"},{"vulnerability":"VCID-ctk2-ykg7-h7ag"},{"vulnerability":"VCID-e2p6-m8gu-jbfu"},{"vulnerability":"VCID-kmv2-339j-8ugc"},{"vulnerability":"VCID-x4s4-qav9-xbet"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.19"},{"url":"http://public2.vulnerablecode.io/api/packages/32436?format=json","purl":"pkg:pypi/django@4.1.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7u6e-a3ng-fude"},{"vulnerability":"VCID-ctk2-ykg7-h7ag"},{"vulnerability":"VCID-e2p6-m8gu-jbfu"},{"vulnerability":"VCID-kmv2-339j-8ugc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.1.9"},{"url":"http://public2.vulnerablecode.io/api/packages/32437?format=json","purl":"pkg:pypi/django@4.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1c7j-evpp-53eb"},{"vulnerability":"VCID-1umb-2rxg-bbdk"},{"vulnerability":"VCID-32d1-b8f2-hud5"},{"vulnerability":"VCID-3d6k-rdsh-k7hm"},{"vulnerability":"VCID-4vry-9jdm-nyg9"},{"vulnerability":"VCID-5fbx-3yfb-fudx"},{"vulnerability":"VCID-62jv-ab6d-sqdb"},{"vulnerability":"VCID-63c7-mkxw-ufav"},{"vulnerability":"VCID-68nb-696n-n3bf"},{"vulnerability":"VCID-7jbt-5zw2-vff2"},{"vulnerability":"VCID-7u6e-a3ng-fude"},{"vulnerability":"VCID-92bp-6kte-tyfs"},{"vulnerability":"VCID-9udu-eqvn-mqbj"},{"vulnerability":"VCID-ape9-66ck-nfez"},{"vulnerability":"VCID-ax7m-uv4s-zkc1"},{"vulnerability":"VCID-bjn5-qpmt-qffx"},{"vulnerability":"VCID-bq5s-uknu-z7cn"},{"vulnerability":"VCID-cbsj-1qqg-1ba6"},{"vulnerability":"VCID-cg44-thdw-cygg"},{"vulnerability":"VCID-chey-b3c1-pbe5"},{"vulnerability":"VCID-ctk2-ykg7-h7ag"},{"vulnerability":"VCID-e2p6-m8gu-jbfu"},{"vulnerability":"VCID-em3c-ceug-cubp"},{"vulnerability":"VCID-enen-3w2h-g3b8"},{"vulnerability":"VCID-fbee-vj2y-cfeb"},{"vulnerability":"VCID-heum-8mwz-sbcw"},{"vulnerability":"VCID-j2uz-w2ur-7ud4"},{"vulnerability":"VCID-jma1-9ags-xbfm"},{"vulnerability":"VCID-jt9m-kd3k-uqca"},{"vulnerability":"VCID-kmv2-339j-8ugc"},{"vulnerability":"VCID-kv5d-p5n4-r7dp"},{"vulnerability":"VCID-nyc2-p1rp-xkb4"},{"vulnerability":"VCID-q4cv-2m7d-3qd5"},{"vulnerability":"VCID-sz4x-rr8f-a3hf"},{"vulnerability":"VCID-u15a-4ste-43cy"},{"vulnerability":"VCID-vm2w-caad-nyd3"},{"vulnerability":"VCID-vpgq-jhzc-j7h2"},{"vulnerability":"VCID-x4s4-qav9-xbet"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.1"}],"aliases":["BIT-django-2023-31047","CVE-2023-31047","GHSA-r3xc-prgr-mg9p","PYSEC-2023-61"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rn9d-fd73-3kb9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9056?format=json","vulnerability_id":"VCID-x4s4-qav9-xbet","summary":"An issue was discovered in Django 3.2 before 3.2.24, 4.2 before 4.2.10, and Django 5.0 before 5.0.2. The intcomma template filter was subject to a potential denial-of-service attack when used with very long strings.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24680.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24680.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-24680","reference_id":"","reference_type":"","scores":[{"value":"0.01394","scoring_system":"epss","scoring_elements":"0.80693","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-24680"},{"reference_url":"https://docs.djangoproject.com/en/5.0/releases/security","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://docs.djangoproject.com/en/5.0/releases/security"},{"reference_url":"https://docs.djangoproject.com/en/5.0/releases/security/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:36Z/"}],"url":"https://docs.djangoproject.com/en/5.0/releases/security/"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/16a8fe18a3b81250f4fa57e3f93f0599dc4895bc","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/16a8fe18a3b81250f4fa57e3f93f0599dc4895bc"},{"reference_url":"https://github.com/django/django/commit/55519d6cf8998fe4c8f5c8abffc2b10a7c3d14e9","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/55519d6cf8998fe4c8f5c8abffc2b10a7c3d14e9"},{"reference_url":"https://github.com/django/django/commit/572ea07e84b38ea8de0551f4b4eda685d91d09d2","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/572ea07e84b38ea8de0551f4b4eda685d91d09d2"},{"reference_url":"https://github.com/django/django/commit/c1171ffbd570db90ca206c30f8e2b9f691243820","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/c1171ffbd570db90ca206c30f8e2b9f691243820"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2024-28.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2024-28.yaml"},{"reference_url":"https://groups.google.com/forum/#%21forum/django-announce","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:36Z/"}],"url":"https://groups.google.com/forum/#%21forum/django-announce"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D2JIRXEDP4ZET5KFMAPPYSK663Q52NEX","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D2JIRXEDP4ZET5KFMAPPYSK663Q52NEX"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SN2PLJGYSAAG5KUVIUFJYKD3BLQ4OSN6","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SN2PLJGYSAAG5KUVIUFJYKD3BLQ4OSN6"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2JIRXEDP4ZET5KFMAPPYSK663Q52NEX","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2JIRXEDP4ZET5KFMAPPYSK663Q52NEX"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SN2PLJGYSAAG5KUVIUFJYKD3BLQ4OSN6","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SN2PLJGYSAAG5KUVIUFJYKD3BLQ4OSN6"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D"},{"reference_url":"https://www.djangoproject.com/weblog/2024/feb/06/security-releases","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2024/feb/06/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2024/feb/06/security-releases/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:36Z/"}],"url":"https://www.djangoproject.com/weblog/2024/feb/06/security-releases/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2261856","reference_id":"2261856","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2261856"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-24680","reference_id":"CVE-2024-24680","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-24680"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D2JIRXEDP4ZET5KFMAPPYSK663Q52NEX/","reference_id":"D2JIRXEDP4ZET5KFMAPPYSK663Q52NEX","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:36Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D2JIRXEDP4ZET5KFMAPPYSK663Q52NEX/"},{"reference_url":"https://github.com/advisories/GHSA-xxj9-f6rv-m3x4","reference_id":"GHSA-xxj9-f6rv-m3x4","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xxj9-f6rv-m3x4"},{"reference_url":"https://security.gentoo.org/glsa/202509-03","reference_id":"GLSA-202509-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1057","reference_id":"RHSA-2024:1057","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1057"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1640","reference_id":"RHSA-2024:1640","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1640"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1878","reference_id":"RHSA-2024:1878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2731","reference_id":"RHSA-2024:2731","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2731"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5662","reference_id":"RHSA-2024:5662","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5662"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SN2PLJGYSAAG5KUVIUFJYKD3BLQ4OSN6/","reference_id":"SN2PLJGYSAAG5KUVIUFJYKD3BLQ4OSN6","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:36Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SN2PLJGYSAAG5KUVIUFJYKD3BLQ4OSN6/"},{"reference_url":"https://usn.ubuntu.com/6623-1/","reference_id":"USN-6623-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6623-1/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D/","reference_id":"ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:36Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/38481?format=json","purl":"pkg:pypi/django@3.2.24","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bjn5-qpmt-qffx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.24"},{"url":"http://public2.vulnerablecode.io/api/packages/38482?format=json","purl":"pkg:pypi/django@4.2.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1c7j-evpp-53eb"},{"vulnerability":"VCID-1umb-2rxg-bbdk"},{"vulnerability":"VCID-32d1-b8f2-hud5"},{"vulnerability":"VCID-3d6k-rdsh-k7hm"},{"vulnerability":"VCID-4vry-9jdm-nyg9"},{"vulnerability":"VCID-5fbx-3yfb-fudx"},{"vulnerability":"VCID-62jv-ab6d-sqdb"},{"vulnerability":"VCID-63c7-mkxw-ufav"},{"vulnerability":"VCID-68nb-696n-n3bf"},{"vulnerability":"VCID-7jbt-5zw2-vff2"},{"vulnerability":"VCID-92bp-6kte-tyfs"},{"vulnerability":"VCID-9udu-eqvn-mqbj"},{"vulnerability":"VCID-ape9-66ck-nfez"},{"vulnerability":"VCID-ax7m-uv4s-zkc1"},{"vulnerability":"VCID-bjn5-qpmt-qffx"},{"vulnerability":"VCID-bq5s-uknu-z7cn"},{"vulnerability":"VCID-cbsj-1qqg-1ba6"},{"vulnerability":"VCID-cg44-thdw-cygg"},{"vulnerability":"VCID-chey-b3c1-pbe5"},{"vulnerability":"VCID-em3c-ceug-cubp"},{"vulnerability":"VCID-enen-3w2h-g3b8"},{"vulnerability":"VCID-fbee-vj2y-cfeb"},{"vulnerability":"VCID-heum-8mwz-sbcw"},{"vulnerability":"VCID-j2uz-w2ur-7ud4"},{"vulnerability":"VCID-jma1-9ags-xbfm"},{"vulnerability":"VCID-jt9m-kd3k-uqca"},{"vulnerability":"VCID-kv5d-p5n4-r7dp"},{"vulnerability":"VCID-nyc2-p1rp-xkb4"},{"vulnerability":"VCID-q4cv-2m7d-3qd5"},{"vulnerability":"VCID-sz4x-rr8f-a3hf"},{"vulnerability":"VCID-u15a-4ste-43cy"},{"vulnerability":"VCID-vm2w-caad-nyd3"},{"vulnerability":"VCID-vpgq-jhzc-j7h2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.10"},{"url":"http://public2.vulnerablecode.io/api/packages/38483?format=json","purl":"pkg:pypi/django@5.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1c7j-evpp-53eb"},{"vulnerability":"VCID-1umb-2rxg-bbdk"},{"vulnerability":"VCID-4vry-9jdm-nyg9"},{"vulnerability":"VCID-68nb-696n-n3bf"},{"vulnerability":"VCID-a3e2-se1v-2yb5"},{"vulnerability":"VCID-ape9-66ck-nfez"},{"vulnerability":"VCID-bjn5-qpmt-qffx"},{"vulnerability":"VCID-bq5s-uknu-z7cn"},{"vulnerability":"VCID-chey-b3c1-pbe5"},{"vulnerability":"VCID-jt9m-kd3k-uqca"},{"vulnerability":"VCID-kv5d-p5n4-r7dp"},{"vulnerability":"VCID-nyc2-p1rp-xkb4"},{"vulnerability":"VCID-q4cv-2m7d-3qd5"},{"vulnerability":"VCID-sz4x-rr8f-a3hf"},{"vulnerability":"VCID-vm2w-caad-nyd3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.0.2"}],"aliases":["BIT-django-2024-24680","CVE-2024-24680","GHSA-xxj9-f6rv-m3x4","PYSEC-2024-28"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x4s4-qav9-xbet"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1169?format=json","vulnerability_id":"VCID-2f2p-wfbs-73hz","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-23833","reference_id":"","reference_type":"","scores":[{"value":"0.0142","scoring_system":"epss","scoring_elements":"0.80902","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-23833"},{"reference_url":"https://docs.djangoproject.com/en/4.0/releases/security","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://docs.djangoproject.com/en/4.0/releases/security"},{"reference_url":"https://docs.djangoproject.com/en/4.0/releases/security/","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/4.0/releases/security/"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/advisories/GHSA-6cw3-g6wv-c2xv","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6cw3-g6wv-c2xv"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/c477b761804984c932704554ad35f78a2e230c6a","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/c477b761804984c932704554ad35f78a2e230c6a"},{"reference_url":"https://github.com/django/django/commit/d16133568ef9c9b42cb7a08bdf9ff3feec2e5468","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/d16133568ef9c9b42cb7a08bdf9ff3feec2e5468"},{"reference_url":"https://github.com/django/django/commit/f9c7d48fdd6f198a6494a9202f90242f176e4fc9","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/f9c7d48fdd6f198a6494a9202f90242f176e4fc9"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-20.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-20.yaml"},{"reference_url":"https://groups.google.com/forum/#!forum/django-announce","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!forum/django-announce"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220221-0003","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20220221-0003"},{"reference_url":"https://www.debian.org/security/2022/dsa-5254","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2022/dsa-5254"},{"reference_url":"https://www.djangoproject.com/weblog/2022/feb/01/security-releases","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2022/feb/01/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2022/feb/01/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2022/feb/01/security-releases/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004752","reference_id":"1004752","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004752"},{"reference_url":"https://security.archlinux.org/AVG-2808","reference_id":"AVG-2808","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2808"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-23833","reference_id":"CVE-2022-23833","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-23833"},{"reference_url":"https://security.gentoo.org/glsa/202509-03","reference_id":"GLSA-202509-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-03"},{"reference_url":"https://usn.ubuntu.com/5269-1/","reference_id":"USN-5269-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5269-1/"},{"reference_url":"https://usn.ubuntu.com/5269-2/","reference_id":"USN-5269-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5269-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/25361?format=json","purl":"pkg:pypi/django@2.2.27","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dcv2-gx5a-pfe2"},{"vulnerability":"VCID-dqkn-1888-y3er"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.27"},{"url":"http://public2.vulnerablecode.io/api/packages/25362?format=json","purl":"pkg:pypi/django@3.2.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5k3f-9smv-8bev"},{"vulnerability":"VCID-6bct-bfhb-xugt"},{"vulnerability":"VCID-7u6e-a3ng-fude"},{"vulnerability":"VCID-bjn5-qpmt-qffx"},{"vulnerability":"VCID-ctk2-ykg7-h7ag"},{"vulnerability":"VCID-dcv2-gx5a-pfe2"},{"vulnerability":"VCID-dqkn-1888-y3er"},{"vulnerability":"VCID-e2p6-m8gu-jbfu"},{"vulnerability":"VCID-fwkd-bq8u-9kg8"},{"vulnerability":"VCID-kmv2-339j-8ugc"},{"vulnerability":"VCID-nyy8-t17r-syex"},{"vulnerability":"VCID-qg2s-fuw3-nbda"},{"vulnerability":"VCID-rn9d-fd73-3kb9"},{"vulnerability":"VCID-x4s4-qav9-xbet"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.12"},{"url":"http://public2.vulnerablecode.io/api/packages/25363?format=json","purl":"pkg:pypi/django@4.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5k3f-9smv-8bev"},{"vulnerability":"VCID-6bct-bfhb-xugt"},{"vulnerability":"VCID-dcv2-gx5a-pfe2"},{"vulnerability":"VCID-dqkn-1888-y3er"},{"vulnerability":"VCID-fwkd-bq8u-9kg8"},{"vulnerability":"VCID-kmv2-339j-8ugc"},{"vulnerability":"VCID-nyy8-t17r-syex"},{"vulnerability":"VCID-qg2s-fuw3-nbda"},{"vulnerability":"VCID-rn9d-fd73-3kb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.0.2"}],"aliases":["BIT-django-2022-23833","CVE-2022-23833","GHSA-6cw3-g6wv-c2xv","PYSEC-2022-20"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2f2p-wfbs-73hz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1170?format=json","vulnerability_id":"VCID-81q1-gytk-2uaq","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22818","reference_id":"","reference_type":"","scores":[{"value":"0.01009","scoring_system":"epss","scoring_elements":"0.77387","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22818"},{"reference_url":"https://docs.djangoproject.com/en/4.0/releases/security","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://docs.djangoproject.com/en/4.0/releases/security"},{"reference_url":"https://docs.djangoproject.com/en/4.0/releases/security/","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/4.0/releases/security/"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/advisories/GHSA-95rw-fx8r-36v6","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-95rw-fx8r-36v6"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/01422046065d2b51f8f613409cad2c81b39487e5","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/01422046065d2b51f8f613409cad2c81b39487e5"},{"reference_url":"https://github.com/django/django/commit/1a1e8278c46418bde24c86a65443b0674bae65e2","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/1a1e8278c46418bde24c86a65443b0674bae65e2"},{"reference_url":"https://github.com/django/django/commit/c27a7eb9f40b64990398978152e62b6ff839c2e6","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/c27a7eb9f40b64990398978152e62b6ff839c2e6"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-19.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-19.yaml"},{"reference_url":"https://groups.google.com/forum/#!forum/django-announce","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!forum/django-announce"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220221-0003","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20220221-0003"},{"reference_url":"https://www.debian.org/security/2022/dsa-5254","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2022/dsa-5254"},{"reference_url":"https://www.djangoproject.com/weblog/2022/feb/01/security-releases","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2022/feb/01/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2022/feb/01/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2022/feb/01/security-releases/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004752","reference_id":"1004752","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004752"},{"reference_url":"https://security.archlinux.org/AVG-2808","reference_id":"AVG-2808","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2808"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-22818","reference_id":"CVE-2022-22818","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-22818"},{"reference_url":"https://security.gentoo.org/glsa/202509-03","reference_id":"GLSA-202509-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-03"},{"reference_url":"https://usn.ubuntu.com/5269-1/","reference_id":"USN-5269-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5269-1/"},{"reference_url":"https://usn.ubuntu.com/5269-2/","reference_id":"USN-5269-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5269-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/25361?format=json","purl":"pkg:pypi/django@2.2.27","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dcv2-gx5a-pfe2"},{"vulnerability":"VCID-dqkn-1888-y3er"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.27"},{"url":"http://public2.vulnerablecode.io/api/packages/25362?format=json","purl":"pkg:pypi/django@3.2.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5k3f-9smv-8bev"},{"vulnerability":"VCID-6bct-bfhb-xugt"},{"vulnerability":"VCID-7u6e-a3ng-fude"},{"vulnerability":"VCID-bjn5-qpmt-qffx"},{"vulnerability":"VCID-ctk2-ykg7-h7ag"},{"vulnerability":"VCID-dcv2-gx5a-pfe2"},{"vulnerability":"VCID-dqkn-1888-y3er"},{"vulnerability":"VCID-e2p6-m8gu-jbfu"},{"vulnerability":"VCID-fwkd-bq8u-9kg8"},{"vulnerability":"VCID-kmv2-339j-8ugc"},{"vulnerability":"VCID-nyy8-t17r-syex"},{"vulnerability":"VCID-qg2s-fuw3-nbda"},{"vulnerability":"VCID-rn9d-fd73-3kb9"},{"vulnerability":"VCID-x4s4-qav9-xbet"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.12"},{"url":"http://public2.vulnerablecode.io/api/packages/25363?format=json","purl":"pkg:pypi/django@4.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5k3f-9smv-8bev"},{"vulnerability":"VCID-6bct-bfhb-xugt"},{"vulnerability":"VCID-dcv2-gx5a-pfe2"},{"vulnerability":"VCID-dqkn-1888-y3er"},{"vulnerability":"VCID-fwkd-bq8u-9kg8"},{"vulnerability":"VCID-kmv2-339j-8ugc"},{"vulnerability":"VCID-nyy8-t17r-syex"},{"vulnerability":"VCID-qg2s-fuw3-nbda"},{"vulnerability":"VCID-rn9d-fd73-3kb9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.0.2"}],"aliases":["BIT-django-2022-22818","CVE-2022-22818","GHSA-95rw-fx8r-36v6","PYSEC-2022-19"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-81q1-gytk-2uaq"}],"risk_score":"10.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.12"}