Lookup for vulnerable packages by Package URL.

Purl pkg:pypi/django-termsandconditions@2.0.9
Type pypi
Namespace
Name django-termsandconditions
Version 2.0.9
Qualifiers
Subpath
Is_vulnerable true
Next_non_vulnerable_version 2.0.10
Latest_non_vulnerable_version 2.0.11
Affected_by_vulnerabilities
0
url VCID-vseq-gn1f-aucd
vulnerability_id VCID-vseq-gn1f-aucd
summary
Terms and Conditions Module vulnerable to Open Redirect
A vulnerability has been found in cyface Terms and Conditions Module up to 2.0.10 and classified as problematic. Affected by this vulnerability is the function returnTo of the file termsandconditions/views.py. The manipulation leads to open redirect. The attack can be launched remotely. Upgrading to version 2.0.11 can address this issue. The name of the patch is 03396a1c2e0af95e12a45c5faef7e47a4b513e1a. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216175.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-4589
reference_id
reference_type
scores
0
value 0.00218
scoring_system epss
scoring_elements 0.44457
published_at 2026-06-04T12:55:00Z
1
value 0.00218
scoring_system epss
scoring_elements 0.44479
published_at 2026-06-08T12:55:00Z
2
value 0.00218
scoring_system epss
scoring_elements 0.44513
published_at 2026-06-07T12:55:00Z
3
value 0.00218
scoring_system epss
scoring_elements 0.44535
published_at 2026-06-06T12:55:00Z
4
value 0.00218
scoring_system epss
scoring_elements 0.44527
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-4589
1
reference_url https://github.com/cyface/django-termsandconditions
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/cyface/django-termsandconditions
2
reference_url https://github.com/cyface/django-termsandconditions/commit/03396a1c2e0af95e12a45c5faef7e47a4b513e1a
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/cyface/django-termsandconditions/commit/03396a1c2e0af95e12a45c5faef7e47a4b513e1a
3
reference_url https://github.com/cyface/django-termsandconditions/pull/239
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/cyface/django-termsandconditions/pull/239
4
reference_url https://github.com/cyface/django-termsandconditions/releases/tag/v2.0.10
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/cyface/django-termsandconditions/releases/tag/v2.0.10
5
reference_url https://github.com/cyface/django-termsandconditions/releases/tag/v2.0.11
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/cyface/django-termsandconditions/releases/tag/v2.0.11
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-4589
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-4589
7
reference_url https://vuldb.com/?id.216175
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://vuldb.com/?id.216175
8
reference_url https://github.com/advisories/GHSA-6rmf-cv6p-4h27
reference_id GHSA-6rmf-cv6p-4h27
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6rmf-cv6p-4h27
fixed_packages
0
url pkg:pypi/django-termsandconditions@2.0.10
purl pkg:pypi/django-termsandconditions@2.0.10
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django-termsandconditions@2.0.10
1
url pkg:pypi/django-termsandconditions@2.0.11
purl pkg:pypi/django-termsandconditions@2.0.11
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django-termsandconditions@2.0.11
aliases CVE-2022-4589, GHSA-6rmf-cv6p-4h27
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vseq-gn1f-aucd
Fixing_vulnerabilities
Risk_score 3.1
Resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django-termsandconditions@2.0.9