{"url":"http://public2.vulnerablecode.io/api/packages/42455?format=json","purl":"pkg:pypi/django@5.0.9","type":"pypi","namespace":"","name":"django","version":"5.0.9","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"5.0.14","latest_non_vulnerable_version":"6.0.5","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9286?format=json","vulnerability_id":"VCID-1umb-2rxg-bbdk","summary":"An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. The strip_tags() method and striptags template filter are subject to a potential denial-of-service attack via certain inputs containing large sequences of nested incomplete HTML entities.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-53907","reference_id":"","reference_type":"","scores":[{"value":"0.01038","scoring_system":"epss","scoring_elements":"0.77711","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-53907"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/security/","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/dev/releases/security/"},{"reference_url":"https://groups.google.com/g/django-announce","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/g/django-announce"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/12/msg00028.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2024/12/msg00028.html"},{"reference_url":"https://www.openwall.com/lists/oss-security/2024/12/04/3","reference_id":"","reference_type":"","scores":[],"url":"https://www.openwall.com/lists/oss-security/2024/12/04/3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/43092?format=json","purl":"pkg:pypi/django@5.0.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-a3e2-se1v-2yb5"},{"vulnerability":"VCID-chey-b3c1-pbe5"},{"vulnerability":"VCID-nyc2-p1rp-xkb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.0.10"},{"url":"http://public2.vulnerablecode.io/api/packages/43091?format=json","purl":"pkg:pypi/django@5.1.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3d6k-rdsh-k7hm"},{"vulnerability":"VCID-7jbt-5zw2-vff2"},{"vulnerability":"VCID-9udu-eqvn-mqbj"},{"vulnerability":"VCID-a3e2-se1v-2yb5"},{"vulnerability":"VCID-ax7m-uv4s-zkc1"},{"vulnerability":"VCID-chey-b3c1-pbe5"},{"vulnerability":"VCID-em3c-ceug-cubp"},{"vulnerability":"VCID-fbee-vj2y-cfeb"},{"vulnerability":"VCID-nyc2-p1rp-xkb4"},{"vulnerability":"VCID-u15a-4ste-43cy"},{"vulnerability":"VCID-vpgq-jhzc-j7h2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.1.4"}],"aliases":["CVE-2024-53907","PYSEC-2024-156"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1umb-2rxg-bbdk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9287?format=json","vulnerability_id":"VCID-4vry-9jdm-nyg9","summary":"An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. Direct usage of the django.db.models.fields.json.HasKey lookup, when an Oracle database is used, is subject to SQL injection if untrusted data is used as an lhs value. (Applications that use the jsonfield.has_key lookup via __ are unaffected.)","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-53908","reference_id":"","reference_type":"","scores":[{"value":"0.00931","scoring_system":"epss","scoring_elements":"0.76454","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-53908"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/security/","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/dev/releases/security/"},{"reference_url":"https://groups.google.com/g/django-announce","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/g/django-announce"},{"reference_url":"https://www.openwall.com/lists/oss-security/2024/12/04/3","reference_id":"","reference_type":"","scores":[],"url":"https://www.openwall.com/lists/oss-security/2024/12/04/3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/43092?format=json","purl":"pkg:pypi/django@5.0.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-a3e2-se1v-2yb5"},{"vulnerability":"VCID-chey-b3c1-pbe5"},{"vulnerability":"VCID-nyc2-p1rp-xkb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.0.10"},{"url":"http://public2.vulnerablecode.io/api/packages/43091?format=json","purl":"pkg:pypi/django@5.1.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3d6k-rdsh-k7hm"},{"vulnerability":"VCID-7jbt-5zw2-vff2"},{"vulnerability":"VCID-9udu-eqvn-mqbj"},{"vulnerability":"VCID-a3e2-se1v-2yb5"},{"vulnerability":"VCID-ax7m-uv4s-zkc1"},{"vulnerability":"VCID-chey-b3c1-pbe5"},{"vulnerability":"VCID-em3c-ceug-cubp"},{"vulnerability":"VCID-fbee-vj2y-cfeb"},{"vulnerability":"VCID-nyc2-p1rp-xkb4"},{"vulnerability":"VCID-u15a-4ste-43cy"},{"vulnerability":"VCID-vpgq-jhzc-j7h2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.1.4"}],"aliases":["CVE-2024-53908","PYSEC-2024-157"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4vry-9jdm-nyg9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9370?format=json","vulnerability_id":"VCID-a3e2-se1v-2yb5","summary":"An issue was discovered in Django 5.1 before 5.1.8 and 5.0 before 5.0.14. The NFKC normalization is slow on Windows. As a consequence, django.contrib.auth.views.LoginView, django.contrib.auth.views.LogoutView, and django.views.i18n.set_language are subject to a potential denial-of-service attack via certain inputs with a very large number of Unicode characters.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27556","reference_id":"","reference_type":"","scores":[{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01482","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27556"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/security/","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/dev/releases/security/"},{"reference_url":"https://groups.google.com/g/django-announce","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/g/django-announce"},{"reference_url":"https://www.djangoproject.com/weblog/2025/apr/02/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2025/apr/02/security-releases/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2025/04/02/2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2025/04/02/2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/43628?format=json","purl":"pkg:pypi/django@5.0.14","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.0.14"},{"url":"http://public2.vulnerablecode.io/api/packages/43627?format=json","purl":"pkg:pypi/django@5.1.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3d6k-rdsh-k7hm"},{"vulnerability":"VCID-7jbt-5zw2-vff2"},{"vulnerability":"VCID-9udu-eqvn-mqbj"},{"vulnerability":"VCID-ax7m-uv4s-zkc1"},{"vulnerability":"VCID-em3c-ceug-cubp"},{"vulnerability":"VCID-fbee-vj2y-cfeb"},{"vulnerability":"VCID-u15a-4ste-43cy"},{"vulnerability":"VCID-vpgq-jhzc-j7h2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.1.8"}],"aliases":["CVE-2025-27556","PYSEC-2025-14"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a3e2-se1v-2yb5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9294?format=json","vulnerability_id":"VCID-chey-b3c1-pbe5","summary":"An issue was discovered in Django 5.1 before 5.1.5, 5.0 before 5.0.11, and 4.2 before 4.2.18. Lack of upper-bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial-of-service attack. The undocumented and private functions clean_ipv6_address and is_valid_ipv6_address are vulnerable, as is the django.forms.GenericIPAddressField form field. (The django.db.models.GenericIPAddressField model field is not affected.)","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-56374","reference_id":"","reference_type":"","scores":[{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24578","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-56374"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/security/","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/dev/releases/security/"},{"reference_url":"https://groups.google.com/g/django-announce","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/g/django-announce"},{"reference_url":"https://www.djangoproject.com/weblog/2025/jan/14/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2025/jan/14/security-releases/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2025/01/14/2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2025/01/14/2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/43226?format=json","purl":"pkg:pypi/django@5.0.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-a3e2-se1v-2yb5"},{"vulnerability":"VCID-nyc2-p1rp-xkb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.0.11"},{"url":"http://public2.vulnerablecode.io/api/packages/43225?format=json","purl":"pkg:pypi/django@5.1.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3d6k-rdsh-k7hm"},{"vulnerability":"VCID-7jbt-5zw2-vff2"},{"vulnerability":"VCID-9udu-eqvn-mqbj"},{"vulnerability":"VCID-a3e2-se1v-2yb5"},{"vulnerability":"VCID-ax7m-uv4s-zkc1"},{"vulnerability":"VCID-em3c-ceug-cubp"},{"vulnerability":"VCID-fbee-vj2y-cfeb"},{"vulnerability":"VCID-nyc2-p1rp-xkb4"},{"vulnerability":"VCID-u15a-4ste-43cy"},{"vulnerability":"VCID-vpgq-jhzc-j7h2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.1.5"}],"aliases":["CVE-2024-56374","PYSEC-2025-1"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-chey-b3c1-pbe5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9320?format=json","vulnerability_id":"VCID-nyc2-p1rp-xkb4","summary":"An issue was discovered in Django 5.1 before 5.1.7, 5.0 before 5.0.13, and 4.2 before 4.2.20. The django.utils.text.wrap() method and wordwrap template filter are subject to a potential denial-of-service attack when used with very long strings.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26699","reference_id":"","reference_type":"","scores":[{"value":"0.00287","scoring_system":"epss","scoring_elements":"0.52366","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26699"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/security/","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/dev/releases/security/"},{"reference_url":"https://groups.google.com/g/django-announce","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/g/django-announce"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00012.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00012.html"},{"reference_url":"https://www.djangoproject.com/weblog/2025/mar/06/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2025/mar/06/security-releases/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2025/03/06/12","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2025/03/06/12"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/43495?format=json","purl":"pkg:pypi/django@5.0.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-a3e2-se1v-2yb5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.0.13"},{"url":"http://public2.vulnerablecode.io/api/packages/43494?format=json","purl":"pkg:pypi/django@5.1.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3d6k-rdsh-k7hm"},{"vulnerability":"VCID-7jbt-5zw2-vff2"},{"vulnerability":"VCID-9udu-eqvn-mqbj"},{"vulnerability":"VCID-a3e2-se1v-2yb5"},{"vulnerability":"VCID-ax7m-uv4s-zkc1"},{"vulnerability":"VCID-em3c-ceug-cubp"},{"vulnerability":"VCID-fbee-vj2y-cfeb"},{"vulnerability":"VCID-u15a-4ste-43cy"},{"vulnerability":"VCID-vpgq-jhzc-j7h2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.1.7"}],"aliases":["CVE-2025-26699","PYSEC-2025-13"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nyc2-p1rp-xkb4"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/264200?format=json","vulnerability_id":"VCID-ax42-esfz-vud2","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45231","reference_id":"","reference_type":"","scores":[{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46478","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45231"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/security","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/dev/releases/security"},{"reference_url":"https://github.com/django/django/commit/3c733c78d6f8e50296d6e248968b6516c92a53ca","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/django/django/commit/3c733c78d6f8e50296d6e248968b6516c92a53ca"},{"reference_url":"https://github.com/django/django/commit/96d84047715ea1715b4bd1594e46122b8a77b9e2","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/django/django/commit/96d84047715ea1715b4bd1594e46122b8a77b9e2"},{"reference_url":"https://github.com/django/django/commit/bf4888d317ba4506d091eeac6e8b4f1fcc731199","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/django/django/commit/bf4888d317ba4506d091eeac6e8b4f1fcc731199"},{"reference_url":"https://groups.google.com/forum/#%21forum/django-announce","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/#%21forum/django-announce"},{"reference_url":"https://www.djangoproject.com/weblog/2024/sep/03/security-releases","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2024/sep/03/security-releases"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45231","reference_id":"CVE-2024-45231","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45231"},{"reference_url":"https://github.com/advisories/GHSA-rrqc-c2jx-6jgv","reference_id":"GHSA-rrqc-c2jx-6jgv","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-rrqc-c2jx-6jgv"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/42456?format=json","purl":"pkg:pypi/django@4.2.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1umb-2rxg-bbdk"},{"vulnerability":"VCID-32d1-b8f2-hud5"},{"vulnerability":"VCID-3d6k-rdsh-k7hm"},{"vulnerability":"VCID-4vry-9jdm-nyg9"},{"vulnerability":"VCID-5fbx-3yfb-fudx"},{"vulnerability":"VCID-62jv-ab6d-sqdb"},{"vulnerability":"VCID-63c7-mkxw-ufav"},{"vulnerability":"VCID-7jbt-5zw2-vff2"},{"vulnerability":"VCID-92bp-6kte-tyfs"},{"vulnerability":"VCID-9udu-eqvn-mqbj"},{"vulnerability":"VCID-ax7m-uv4s-zkc1"},{"vulnerability":"VCID-cbsj-1qqg-1ba6"},{"vulnerability":"VCID-cg44-thdw-cygg"},{"vulnerability":"VCID-chey-b3c1-pbe5"},{"vulnerability":"VCID-em3c-ceug-cubp"},{"vulnerability":"VCID-enen-3w2h-g3b8"},{"vulnerability":"VCID-fbee-vj2y-cfeb"},{"vulnerability":"VCID-heum-8mwz-sbcw"},{"vulnerability":"VCID-j2uz-w2ur-7ud4"},{"vulnerability":"VCID-jma1-9ags-xbfm"},{"vulnerability":"VCID-nyc2-p1rp-xkb4"},{"vulnerability":"VCID-u15a-4ste-43cy"},{"vulnerability":"VCID-vpgq-jhzc-j7h2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.16"},{"url":"http://public2.vulnerablecode.io/api/packages/42455?format=json","purl":"pkg:pypi/django@5.0.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1umb-2rxg-bbdk"},{"vulnerability":"VCID-4vry-9jdm-nyg9"},{"vulnerability":"VCID-a3e2-se1v-2yb5"},{"vulnerability":"VCID-chey-b3c1-pbe5"},{"vulnerability":"VCID-nyc2-p1rp-xkb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.0.9"},{"url":"http://public2.vulnerablecode.io/api/packages/42454?format=json","purl":"pkg:pypi/django@5.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1umb-2rxg-bbdk"},{"vulnerability":"VCID-3d6k-rdsh-k7hm"},{"vulnerability":"VCID-4vry-9jdm-nyg9"},{"vulnerability":"VCID-7jbt-5zw2-vff2"},{"vulnerability":"VCID-9udu-eqvn-mqbj"},{"vulnerability":"VCID-a3e2-se1v-2yb5"},{"vulnerability":"VCID-ax7m-uv4s-zkc1"},{"vulnerability":"VCID-chey-b3c1-pbe5"},{"vulnerability":"VCID-em3c-ceug-cubp"},{"vulnerability":"VCID-fbee-vj2y-cfeb"},{"vulnerability":"VCID-nyc2-p1rp-xkb4"},{"vulnerability":"VCID-u15a-4ste-43cy"},{"vulnerability":"VCID-vpgq-jhzc-j7h2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.1.1"}],"aliases":["CVE-2024-45231","GHSA-rrqc-c2jx-6jgv"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ax42-esfz-vud2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9220?format=json","vulnerability_id":"VCID-jt9m-kd3k-uqca","summary":"An issue was discovered in Django 5.1 before 5.1.1, 5.0 before 5.0.9, and 4.2 before 4.2.16. The urlize() and urlizetrunc() template filters are subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45230","reference_id":"","reference_type":"","scores":[{"value":"0.02721","scoring_system":"epss","scoring_elements":"0.86191","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45230"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/security","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/dev/releases/security"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/security/","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/dev/releases/security/"},{"reference_url":"https://github.com/django/django/commit/022ab0a75c76ab2ea31dfcc5f2cf5501e378d397","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/django/django/commit/022ab0a75c76ab2ea31dfcc5f2cf5501e378d397"},{"reference_url":"https://github.com/django/django/commit/813de2672bd7361e9a453ab62cd6e52f96b6525b","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/django/django/commit/813de2672bd7361e9a453ab62cd6e52f96b6525b"},{"reference_url":"https://github.com/django/django/commit/d147a8ebbdf28c17cafbbe2884f0bc57e2bf82e2","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/django/django/commit/d147a8ebbdf28c17cafbbe2884f0bc57e2bf82e2"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2024-102.yaml","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2024-102.yaml"},{"reference_url":"https://groups.google.com/forum/#%21forum/django-announce","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/#%21forum/django-announce"},{"reference_url":"https://www.djangoproject.com/weblog/2024/sep/03/security-releases","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2024/sep/03/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2024/sep/03/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2024/sep/03/security-releases/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45230","reference_id":"CVE-2024-45230","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45230"},{"reference_url":"https://github.com/advisories/GHSA-5hgc-2vfp-mqvc","reference_id":"GHSA-5hgc-2vfp-mqvc","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5hgc-2vfp-mqvc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/42456?format=json","purl":"pkg:pypi/django@4.2.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1umb-2rxg-bbdk"},{"vulnerability":"VCID-32d1-b8f2-hud5"},{"vulnerability":"VCID-3d6k-rdsh-k7hm"},{"vulnerability":"VCID-4vry-9jdm-nyg9"},{"vulnerability":"VCID-5fbx-3yfb-fudx"},{"vulnerability":"VCID-62jv-ab6d-sqdb"},{"vulnerability":"VCID-63c7-mkxw-ufav"},{"vulnerability":"VCID-7jbt-5zw2-vff2"},{"vulnerability":"VCID-92bp-6kte-tyfs"},{"vulnerability":"VCID-9udu-eqvn-mqbj"},{"vulnerability":"VCID-ax7m-uv4s-zkc1"},{"vulnerability":"VCID-cbsj-1qqg-1ba6"},{"vulnerability":"VCID-cg44-thdw-cygg"},{"vulnerability":"VCID-chey-b3c1-pbe5"},{"vulnerability":"VCID-em3c-ceug-cubp"},{"vulnerability":"VCID-enen-3w2h-g3b8"},{"vulnerability":"VCID-fbee-vj2y-cfeb"},{"vulnerability":"VCID-heum-8mwz-sbcw"},{"vulnerability":"VCID-j2uz-w2ur-7ud4"},{"vulnerability":"VCID-jma1-9ags-xbfm"},{"vulnerability":"VCID-nyc2-p1rp-xkb4"},{"vulnerability":"VCID-u15a-4ste-43cy"},{"vulnerability":"VCID-vpgq-jhzc-j7h2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.16"},{"url":"http://public2.vulnerablecode.io/api/packages/42455?format=json","purl":"pkg:pypi/django@5.0.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1umb-2rxg-bbdk"},{"vulnerability":"VCID-4vry-9jdm-nyg9"},{"vulnerability":"VCID-a3e2-se1v-2yb5"},{"vulnerability":"VCID-chey-b3c1-pbe5"},{"vulnerability":"VCID-nyc2-p1rp-xkb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.0.9"},{"url":"http://public2.vulnerablecode.io/api/packages/42454?format=json","purl":"pkg:pypi/django@5.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1umb-2rxg-bbdk"},{"vulnerability":"VCID-3d6k-rdsh-k7hm"},{"vulnerability":"VCID-4vry-9jdm-nyg9"},{"vulnerability":"VCID-7jbt-5zw2-vff2"},{"vulnerability":"VCID-9udu-eqvn-mqbj"},{"vulnerability":"VCID-a3e2-se1v-2yb5"},{"vulnerability":"VCID-ax7m-uv4s-zkc1"},{"vulnerability":"VCID-chey-b3c1-pbe5"},{"vulnerability":"VCID-em3c-ceug-cubp"},{"vulnerability":"VCID-fbee-vj2y-cfeb"},{"vulnerability":"VCID-nyc2-p1rp-xkb4"},{"vulnerability":"VCID-u15a-4ste-43cy"},{"vulnerability":"VCID-vpgq-jhzc-j7h2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.1.1"}],"aliases":["CVE-2024-45230","GHSA-5hgc-2vfp-mqvc","PYSEC-2024-102"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jt9m-kd3k-uqca"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.0.9"}