Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/django@1.7.8
Typepypi
Namespace
Namedjango
Version1.7.8
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version4.2.30
Latest_non_vulnerable_version6.0.5
Affected_by_vulnerabilities
0
url VCID-27qc-gba4-aqfd
vulnerability_id VCID-27qc-gba4-aqfd
summary 
Denial-of-service possibility in logout() view by filling session store
A session can be created when anonymously accessing the `django.contrib.auth.views.logout` view (provided it wasn't decorated with `django.contrib.auth.decorators.login_required` as done in the admin). This allows an attacker to easily create many new session records by sending repeated requests, potentially filling up the session store or causing other users' session records to be evicted.
references
0
reference_url https://www.djangoproject.com/weblog/2015/aug/18/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2015/aug/18/security-releases/
fixed_packages
0
url pkg:pypi/django@1.7.10
purl pkg:pypi/django@1.7.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2bh9-k4at-r7hz
1
vulnerability VCID-697r-xhy8-efa5
2
vulnerability VCID-6p2m-vyft-xfe8
3
vulnerability VCID-9udu-eqvn-mqbj
4
vulnerability VCID-arff-yjfe-auhp
5
vulnerability VCID-ax42-esfz-vud2
6
vulnerability VCID-ax7m-uv4s-zkc1
7
vulnerability VCID-cbg1-8tp8-7ube
8
vulnerability VCID-fbee-vj2y-cfeb
9
vulnerability VCID-fynq-usj6-rfd3
10
vulnerability VCID-hzcv-euwq-eqeg
11
vulnerability VCID-nh19-fbce-wbfu
12
vulnerability VCID-qg2s-fuw3-nbda
13
vulnerability VCID-s4vz-wfcp-aygd
14
vulnerability VCID-u15a-4ste-43cy
15
vulnerability VCID-zuca-q98m-w7bk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.7.10
1
url pkg:pypi/django@1.8.4
purl pkg:pypi/django@1.8.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2bh9-k4at-r7hz
1
vulnerability VCID-5sxw-p38k-q7cp
2
vulnerability VCID-697r-xhy8-efa5
3
vulnerability VCID-6p2m-vyft-xfe8
4
vulnerability VCID-9udu-eqvn-mqbj
5
vulnerability VCID-arff-yjfe-auhp
6
vulnerability VCID-ax42-esfz-vud2
7
vulnerability VCID-ax7m-uv4s-zkc1
8
vulnerability VCID-cbg1-8tp8-7ube
9
vulnerability VCID-fbee-vj2y-cfeb
10
vulnerability VCID-fynq-usj6-rfd3
11
vulnerability VCID-hs1y-thzf-qqct
12
vulnerability VCID-hzcv-euwq-eqeg
13
vulnerability VCID-j1jc-m7e2-5yck
14
vulnerability VCID-nh19-fbce-wbfu
15
vulnerability VCID-ptk1-k7b2-gkdm
16
vulnerability VCID-qg2s-fuw3-nbda
17
vulnerability VCID-s4vz-wfcp-aygd
18
vulnerability VCID-u15a-4ste-43cy
19
vulnerability VCID-yb2r-r8gy-3yhe
20
vulnerability VCID-zuca-q98m-w7bk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.8.4
aliases GMS-2015-21
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-27qc-gba4-aqfd
1
url VCID-2bh9-k4at-r7hz
vulnerability_id VCID-2bh9-k4at-r7hz
summary sql injection
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-7471
reference_id
reference_type
scores
0
value 0.09442
scoring_system epss
scoring_elements 0.92943
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-7471
1
reference_url https://docs.djangoproject.com/en/3.0/releases/security
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/3.0/releases/security
2
reference_url https://docs.djangoproject.com/en/3.0/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/3.0/releases/security/
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/advisories/GHSA-hmr4-m2h5-33qx
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
2
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-hmr4-m2h5-33qx
5
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
6
reference_url https://github.com/django/django/commit/001b0634cd309e372edb6d7d95d083d02b8e37bd
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/001b0634cd309e372edb6d7d95d083d02b8e37bd
7
reference_url https://github.com/django/django/commit/505826b469b16ab36693360da9e11fd13213421b
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/505826b469b16ab36693360da9e11fd13213421b
8
reference_url https://github.com/django/django/commit/c67a368c16e4680b324b4f385398d638db4d8147
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/c67a368c16e4680b324b4f385398d638db4d8147
9
reference_url https://github.com/django/django/commit/eb31d845323618d688ad429479c6dda973056136
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/eb31d845323618d688ad429479c6dda973056136
10
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-35.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-35.yaml
11
reference_url https://groups.google.com/forum/#!topic/django-announce/X45S86X5bZI
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/django-announce/X45S86X5bZI
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/
14
reference_url https://seclists.org/bugtraq/2020/Feb/30
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2020/Feb/30
15
reference_url https://security.gentoo.org/glsa/202004-17
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202004-17
16
reference_url https://security.netapp.com/advisory/ntap-20200221-0006
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200221-0006
17
reference_url https://security.netapp.com/advisory/ntap-20200221-0006/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20200221-0006/
18
reference_url https://usn.ubuntu.com/4264-1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4264-1
19
reference_url https://usn.ubuntu.com/4264-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4264-1/
20
reference_url https://www.debian.org/security/2020/dsa-4629
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2020/dsa-4629
21
reference_url https://www.djangoproject.com/weblog/2020/feb/03/security-releases
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2020/feb/03/security-releases
22
reference_url https://www.djangoproject.com/weblog/2020/feb/03/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2020/feb/03/security-releases/
23
reference_url https://www.openwall.com/lists/oss-security/2020/02/03/1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.openwall.com/lists/oss-security/2020/02/03/1
24
reference_url http://www.openwall.com/lists/oss-security/2020/02/03/1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2020/02/03/1
25
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950581
reference_id 950581
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950581
26
reference_url https://security.archlinux.org/ASA-202002-1
reference_id ASA-202002-1
reference_type
scores
url https://security.archlinux.org/ASA-202002-1
27
reference_url https://security.archlinux.org/AVG-1091
reference_id AVG-1091
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1091
28
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-7471
reference_id CVE-2020-7471
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-7471
fixed_packages
0
url pkg:pypi/django@1.11.28
purl pkg:pypi/django@1.11.28
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7b47-vsfh-y3gh
1
vulnerability VCID-9udu-eqvn-mqbj
2
vulnerability VCID-ax42-esfz-vud2
3
vulnerability VCID-ax7m-uv4s-zkc1
4
vulnerability VCID-fbee-vj2y-cfeb
5
vulnerability VCID-hzcv-euwq-eqeg
6
vulnerability VCID-qg2s-fuw3-nbda
7
vulnerability VCID-u15a-4ste-43cy
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.28
1
url pkg:pypi/django@2.2.10
purl pkg:pypi/django@2.2.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2f2p-wfbs-73hz
1
vulnerability VCID-3wbe-pfau-9uhb
2
vulnerability VCID-5a2y-2m62-1qfa
3
vulnerability VCID-7b47-vsfh-y3gh
4
vulnerability VCID-81q1-gytk-2uaq
5
vulnerability VCID-9hp4-hn21-zkg8
6
vulnerability VCID-9udu-eqvn-mqbj
7
vulnerability VCID-ax42-esfz-vud2
8
vulnerability VCID-ax7m-uv4s-zkc1
9
vulnerability VCID-b81v-3drw-xudf
10
vulnerability VCID-bbxx-48nj-pqcd
11
vulnerability VCID-dcv2-gx5a-pfe2
12
vulnerability VCID-dqkn-1888-y3er
13
vulnerability VCID-fbee-vj2y-cfeb
14
vulnerability VCID-fc6y-y2b1-v3d5
15
vulnerability VCID-gxju-xjh2-z7bn
16
vulnerability VCID-hzcv-euwq-eqeg
17
vulnerability VCID-jzbk-uswz-8ucg
18
vulnerability VCID-nxbs-37dx-rbbh
19
vulnerability VCID-punr-dfy5-v3g1
20
vulnerability VCID-qg2s-fuw3-nbda
21
vulnerability VCID-u15a-4ste-43cy
22
vulnerability VCID-u53d-8afk-c3gq
23
vulnerability VCID-vyzr-dkz3-vfg6
24
vulnerability VCID-xb3c-6rew-z3ba
25
vulnerability VCID-xu9t-qtjz-bud8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.10
2
url pkg:pypi/django@3.0.3
purl pkg:pypi/django@3.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3wbe-pfau-9uhb
1
vulnerability VCID-5a2y-2m62-1qfa
2
vulnerability VCID-7b47-vsfh-y3gh
3
vulnerability VCID-9hp4-hn21-zkg8
4
vulnerability VCID-9udu-eqvn-mqbj
5
vulnerability VCID-ax42-esfz-vud2
6
vulnerability VCID-ax7m-uv4s-zkc1
7
vulnerability VCID-b81v-3drw-xudf
8
vulnerability VCID-fbee-vj2y-cfeb
9
vulnerability VCID-fc6y-y2b1-v3d5
10
vulnerability VCID-gxju-xjh2-z7bn
11
vulnerability VCID-hzcv-euwq-eqeg
12
vulnerability VCID-nxbs-37dx-rbbh
13
vulnerability VCID-punr-dfy5-v3g1
14
vulnerability VCID-qg2s-fuw3-nbda
15
vulnerability VCID-u15a-4ste-43cy
16
vulnerability VCID-xb3c-6rew-z3ba
17
vulnerability VCID-xu9t-qtjz-bud8
18
vulnerability VCID-zvet-h29t-tub8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.0.3
aliases BIT-django-2020-7471, CVE-2020-7471, GHSA-hmr4-m2h5-33qx, PYSEC-2020-35
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2bh9-k4at-r7hz
2
url VCID-2bx5-jaat-u7ek
vulnerability_id VCID-2bx5-jaat-u7ek
summary The (1) contrib.sessions.backends.base.SessionBase.flush and (2) cache_db.SessionStore.flush functions in Django 1.7.x before 1.7.10, 1.4.x before 1.4.22, and possibly other versions create empty sessions in certain circumstances, which allows remote attackers to cause a denial of service (session store consumption) via unspecified vectors.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172084.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172084.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2015-1766.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1766.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2015-1767.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1767.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2015-1894.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1894.html
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-5964
reference_id
reference_type
scores
0
value 0.04693
scoring_system epss
scoring_elements 0.89523
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-5964
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5963
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5963
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5964
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5964
7
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
8
reference_url https://github.com/django/django/commit/2f5485346ee6f84b4e52068c04e043092daf55f7
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/2f5485346ee6f84b4e52068c04e043092daf55f7
9
reference_url https://github.com/django/django/commit/575f59f9bc7c59a5e41a081d1f5f55fc859c5012
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/575f59f9bc7c59a5e41a081d1f5f55fc859c5012
10
reference_url https://github.com/django/django/commit/8cc41ce7a7a8f6bebfdd89d5ab276cd0109f4fc5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/8cc41ce7a7a8f6bebfdd89d5ab276cd0109f4fc5
11
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-23.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-23.yaml
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-5964
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-5964
13
reference_url https://web.archive.org/web/20150906124157/http://www.securityfocus.com/bid/76440
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20150906124157/http://www.securityfocus.com/bid/76440
14
reference_url https://web.archive.org/web/20150923161048/http://www.securitytracker.com/id/1033318
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20150923161048/http://www.securitytracker.com/id/1033318
15
reference_url https://web.archive.org/web/20200228051814/http://www.securityfocus.com/bid/76440
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200228051814/http://www.securityfocus.com/bid/76440
16
reference_url https://www.djangoproject.com/weblog/2015/aug/18/security-releases
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2015/aug/18/security-releases
17
reference_url https://www.djangoproject.com/weblog/2015/aug/18/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2015/aug/18/security-releases/
18
reference_url http://www.debian.org/security/2015/dsa-3338
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2015/dsa-3338
19
reference_url http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
20
reference_url http://www.securityfocus.com/bid/76440
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/76440
21
reference_url http://www.securitytracker.com/id/1033318
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1033318
22
reference_url http://www.ubuntu.com/usn/USN-2720-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2720-1
23
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=796104
reference_id 796104
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=796104
24
reference_url https://github.com/advisories/GHSA-x38m-486c-2wr9
reference_id GHSA-x38m-486c-2wr9
reference_type
scores
url https://github.com/advisories/GHSA-x38m-486c-2wr9
25
reference_url https://usn.ubuntu.com/2720-1/
reference_id USN-2720-1
reference_type
scores
url https://usn.ubuntu.com/2720-1/
fixed_packages
0
url pkg:pypi/django@1.7.10
purl pkg:pypi/django@1.7.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2bh9-k4at-r7hz
1
vulnerability VCID-697r-xhy8-efa5
2
vulnerability VCID-6p2m-vyft-xfe8
3
vulnerability VCID-9udu-eqvn-mqbj
4
vulnerability VCID-arff-yjfe-auhp
5
vulnerability VCID-ax42-esfz-vud2
6
vulnerability VCID-ax7m-uv4s-zkc1
7
vulnerability VCID-cbg1-8tp8-7ube
8
vulnerability VCID-fbee-vj2y-cfeb
9
vulnerability VCID-fynq-usj6-rfd3
10
vulnerability VCID-hzcv-euwq-eqeg
11
vulnerability VCID-nh19-fbce-wbfu
12
vulnerability VCID-qg2s-fuw3-nbda
13
vulnerability VCID-s4vz-wfcp-aygd
14
vulnerability VCID-u15a-4ste-43cy
15
vulnerability VCID-zuca-q98m-w7bk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.7.10
aliases CVE-2015-5964, GHSA-x38m-486c-2wr9, PYSEC-2015-23
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2bx5-jaat-u7ek
3
url VCID-697r-xhy8-efa5
vulnerability_id VCID-697r-xhy8-efa5
summary The password hasher in contrib/auth/hashers.py in Django before 1.8.10 and 1.9.x before 1.9.3 allows remote attackers to enumerate users via a timing attack involving login requests.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-0502.html
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-0502.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2016-0504.html
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-0504.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2016-0505.html
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-0505.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2016-0506.html
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-0506.html
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2513
reference_id
reference_type
scores
0
value 0.0125
scoring_system epss
scoring_elements 0.79646
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2513
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2512
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2512
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2513
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2513
7
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
8
reference_url https://github.com/django/django/commit/67b46ba7016da2d259c1ecc7d666d11f5e1cfaab
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/67b46ba7016da2d259c1ecc7d666d11f5e1cfaab
9
reference_url https://github.com/django/django/commit/af7d09b0c5c6ab68e629fd9baf736f9dd203b18e
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/af7d09b0c5c6ab68e629fd9baf736f9dd203b18e
10
reference_url https://github.com/django/django/commit/f4e6e02f7713a6924d16540be279909ff4091eb6
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/f4e6e02f7713a6924d16540be279909ff4091eb6
11
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2016-16.yaml
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2016-16.yaml
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-2513
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-2513
13
reference_url https://web.archive.org/web/20160322001143/http://www.securitytracker.com/id/1035152
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20160322001143/http://www.securitytracker.com/id/1035152
14
reference_url https://web.archive.org/web/20200228001222/http://www.securityfocus.com/bid/83878
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200228001222/http://www.securityfocus.com/bid/83878
15
reference_url https://www.djangoproject.com/weblog/2016/mar/01/security-releases
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2016/mar/01/security-releases
16
reference_url https://www.djangoproject.com/weblog/2016/mar/01/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2016/mar/01/security-releases/
17
reference_url http://www.debian.org/security/2016/dsa-3544
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3544
18
reference_url http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
19
reference_url http://www.securityfocus.com/bid/83878
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/83878
20
reference_url http://www.securitytracker.com/id/1035152
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1035152
21
reference_url http://www.ubuntu.com/usn/USN-2915-1
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2915-1
22
reference_url http://www.ubuntu.com/usn/USN-2915-2
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2915-2
23
reference_url http://www.ubuntu.com/usn/USN-2915-3
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2915-3
24
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816434
reference_id 816434
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816434
25
reference_url https://github.com/advisories/GHSA-fp6p-5xvw-m74f
reference_id GHSA-fp6p-5xvw-m74f
reference_type
scores
url https://github.com/advisories/GHSA-fp6p-5xvw-m74f
26
reference_url https://usn.ubuntu.com/2915-1/
reference_id USN-2915-1
reference_type
scores
url https://usn.ubuntu.com/2915-1/
fixed_packages
0
url pkg:pypi/django@1.8.10
purl pkg:pypi/django@1.8.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2bh9-k4at-r7hz
1
vulnerability VCID-5sxw-p38k-q7cp
2
vulnerability VCID-9udu-eqvn-mqbj
3
vulnerability VCID-arff-yjfe-auhp
4
vulnerability VCID-ax42-esfz-vud2
5
vulnerability VCID-ax7m-uv4s-zkc1
6
vulnerability VCID-cbg1-8tp8-7ube
7
vulnerability VCID-fbee-vj2y-cfeb
8
vulnerability VCID-fynq-usj6-rfd3
9
vulnerability VCID-hs1y-thzf-qqct
10
vulnerability VCID-hzcv-euwq-eqeg
11
vulnerability VCID-j1jc-m7e2-5yck
12
vulnerability VCID-ptk1-k7b2-gkdm
13
vulnerability VCID-qg2s-fuw3-nbda
14
vulnerability VCID-s4vz-wfcp-aygd
15
vulnerability VCID-u15a-4ste-43cy
16
vulnerability VCID-yb2r-r8gy-3yhe
17
vulnerability VCID-zuca-q98m-w7bk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.8.10
1
url pkg:pypi/django@1.9.3
purl pkg:pypi/django@1.9.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2bh9-k4at-r7hz
1
vulnerability VCID-9udu-eqvn-mqbj
2
vulnerability VCID-arff-yjfe-auhp
3
vulnerability VCID-ax42-esfz-vud2
4
vulnerability VCID-ax7m-uv4s-zkc1
5
vulnerability VCID-cbg1-8tp8-7ube
6
vulnerability VCID-fbee-vj2y-cfeb
7
vulnerability VCID-fynq-usj6-rfd3
8
vulnerability VCID-hs1y-thzf-qqct
9
vulnerability VCID-hzcv-euwq-eqeg
10
vulnerability VCID-ptk1-k7b2-gkdm
11
vulnerability VCID-qg2s-fuw3-nbda
12
vulnerability VCID-s4vz-wfcp-aygd
13
vulnerability VCID-u15a-4ste-43cy
14
vulnerability VCID-yb2r-r8gy-3yhe
15
vulnerability VCID-zuca-q98m-w7bk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.9.3
aliases CVE-2016-2513, GHSA-fp6p-5xvw-m74f, PYSEC-2016-16
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-697r-xhy8-efa5
4
url VCID-6fef-e9tf-7kag
vulnerability_id VCID-6fef-e9tf-7kag
summary contrib.sessions.middleware.SessionMiddleware in Django 1.8.x before 1.8.4, 1.7.x before 1.7.10, 1.4.x before 1.4.22, and possibly other versions allows remote attackers to cause a denial of service (session store consumption or session record removal) via a large number of requests to contrib.auth.views.logout, which triggers the creation of an empty session record.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172084.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172084.html
1
reference_url http://lists.opensuse.org/opensuse-updates/2015-09/msg00026.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2015-09/msg00026.html
2
reference_url http://lists.opensuse.org/opensuse-updates/2015-09/msg00035.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2015-09/msg00035.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2015-1766.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1766.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2015-1767.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1767.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2015-1894.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1894.html
6
reference_url https://access.redhat.com/errata/RHSA-2015:1876
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2015:1876
7
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-5963
reference_id
reference_type
scores
0
value 0.05535
scoring_system epss
scoring_elements 0.90401
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-5963
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5963
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5963
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5964
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5964
10
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
11
reference_url https://github.com/django/django/blob/4555a823fd57e261e1b19c778429473256c8ea08/docs/releases/1.8.4.txt#L9-L21
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/blob/4555a823fd57e261e1b19c778429473256c8ea08/docs/releases/1.8.4.txt#L9-L21
12
reference_url https://github.com/django/django/commit/2eb86b01d7b59be06076f6179a454d0fd0afaff6
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/2eb86b01d7b59be06076f6179a454d0fd0afaff6
13
reference_url https://github.com/django/django/commit/2f5485346ee6f84b4e52068c04e043092daf55f7
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/2f5485346ee6f84b4e52068c04e043092daf55f7
14
reference_url https://github.com/django/django/commit/575f59f9bc7c59a5e41a081d1f5f55fc859c5012
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/575f59f9bc7c59a5e41a081d1f5f55fc859c5012
15
reference_url https://github.com/django/django/commit/8cc41ce7a7a8f6bebfdd89d5ab276cd0109f4fc5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/8cc41ce7a7a8f6bebfdd89d5ab276cd0109f4fc5
16
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-22.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-22.yaml
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-5963
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-5963
18
reference_url https://web.archive.org/web/20150904151934/http://www.securitytracker.com/id/1033318
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20150904151934/http://www.securitytracker.com/id/1033318
19
reference_url https://web.archive.org/web/20200228050526/http://www.securityfocus.com/bid/76428
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200228050526/http://www.securityfocus.com/bid/76428
20
reference_url https://www.djangoproject.com/weblog/2015/aug/18/security-releases
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2015/aug/18/security-releases
21
reference_url https://www.djangoproject.com/weblog/2015/aug/18/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2015/aug/18/security-releases/
22
reference_url http://www.debian.org/security/2015/dsa-3338
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2015/dsa-3338
23
reference_url http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
24
reference_url http://www.securityfocus.com/bid/76428
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/76428
25
reference_url http://www.securitytracker.com/id/1033318
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1033318
26
reference_url http://www.ubuntu.com/usn/USN-2720-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2720-1
27
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=796104
reference_id 796104
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=796104
28
reference_url https://github.com/advisories/GHSA-pgxh-wfw4-jx2v
reference_id GHSA-pgxh-wfw4-jx2v
reference_type
scores
url https://github.com/advisories/GHSA-pgxh-wfw4-jx2v
29
reference_url https://usn.ubuntu.com/2720-1/
reference_id USN-2720-1
reference_type
scores
url https://usn.ubuntu.com/2720-1/
fixed_packages
0
url pkg:pypi/django@1.7.10
purl pkg:pypi/django@1.7.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2bh9-k4at-r7hz
1
vulnerability VCID-697r-xhy8-efa5
2
vulnerability VCID-6p2m-vyft-xfe8
3
vulnerability VCID-9udu-eqvn-mqbj
4
vulnerability VCID-arff-yjfe-auhp
5
vulnerability VCID-ax42-esfz-vud2
6
vulnerability VCID-ax7m-uv4s-zkc1
7
vulnerability VCID-cbg1-8tp8-7ube
8
vulnerability VCID-fbee-vj2y-cfeb
9
vulnerability VCID-fynq-usj6-rfd3
10
vulnerability VCID-hzcv-euwq-eqeg
11
vulnerability VCID-nh19-fbce-wbfu
12
vulnerability VCID-qg2s-fuw3-nbda
13
vulnerability VCID-s4vz-wfcp-aygd
14
vulnerability VCID-u15a-4ste-43cy
15
vulnerability VCID-zuca-q98m-w7bk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.7.10
1
url pkg:pypi/django@1.8.4
purl pkg:pypi/django@1.8.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2bh9-k4at-r7hz
1
vulnerability VCID-5sxw-p38k-q7cp
2
vulnerability VCID-697r-xhy8-efa5
3
vulnerability VCID-6p2m-vyft-xfe8
4
vulnerability VCID-9udu-eqvn-mqbj
5
vulnerability VCID-arff-yjfe-auhp
6
vulnerability VCID-ax42-esfz-vud2
7
vulnerability VCID-ax7m-uv4s-zkc1
8
vulnerability VCID-cbg1-8tp8-7ube
9
vulnerability VCID-fbee-vj2y-cfeb
10
vulnerability VCID-fynq-usj6-rfd3
11
vulnerability VCID-hs1y-thzf-qqct
12
vulnerability VCID-hzcv-euwq-eqeg
13
vulnerability VCID-j1jc-m7e2-5yck
14
vulnerability VCID-nh19-fbce-wbfu
15
vulnerability VCID-ptk1-k7b2-gkdm
16
vulnerability VCID-qg2s-fuw3-nbda
17
vulnerability VCID-s4vz-wfcp-aygd
18
vulnerability VCID-u15a-4ste-43cy
19
vulnerability VCID-yb2r-r8gy-3yhe
20
vulnerability VCID-zuca-q98m-w7bk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.8.4
aliases CVE-2015-5963, GHSA-pgxh-wfw4-jx2v, PYSEC-2015-22
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6fef-e9tf-7kag
5
url VCID-6p2m-vyft-xfe8
vulnerability_id VCID-6p2m-vyft-xfe8
summary The get_format function in utils/formats.py in Django before 1.7.x before 1.7.11, 1.8.x before 1.8.7, and 1.9.x before 1.9rc2 might allow remote attackers to obtain sensitive application secrets via a settings key in place of a date/time format setting, as demonstrated by SECRET_KEY.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173375.html
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173375.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174770.html
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174770.html
2
reference_url http://lists.opensuse.org/opensuse-updates/2015-12/msg00014.html
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2015-12/msg00014.html
3
reference_url http://lists.opensuse.org/opensuse-updates/2015-12/msg00017.html
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2015-12/msg00017.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2016-0129.html
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-0129.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2016-0156.html
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-0156.html
6
reference_url http://rhn.redhat.com/errata/RHSA-2016-0157.html
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-0157.html
7
reference_url http://rhn.redhat.com/errata/RHSA-2016-0158.html
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-0158.html
8
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-8213
reference_id
reference_type
scores
0
value 0.03006
scoring_system epss
scoring_elements 0.86816
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-8213
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8213
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8213
10
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
11
reference_url https://github.com/django/django/commit/316bc3fc9437c5960c24baceb93c73f1939711e4
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/316bc3fc9437c5960c24baceb93c73f1939711e4
12
reference_url https://github.com/django/django/commit/3ebbda0aef9e7a90ac6208bb8f9bc21228e2c7da
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/3ebbda0aef9e7a90ac6208bb8f9bc21228e2c7da
13
reference_url https://github.com/django/django/commit/8a01c6b53169ee079cb21ac5919fdafcc8c5e172
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/8a01c6b53169ee079cb21ac5919fdafcc8c5e172
14
reference_url https://github.com/django/django/commit/9f83fc2f66f5a0bac7c291aec55df66050bb6991
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/9f83fc2f66f5a0bac7c291aec55df66050bb6991
15
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-11.yaml
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-11.yaml
16
reference_url https://www.djangoproject.com/weblog/2015/nov/24/security-releases-issued
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2015/nov/24/security-releases-issued
17
reference_url https://www.djangoproject.com/weblog/2015/nov/24/security-releases-issued/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2015/nov/24/security-releases-issued/
18
reference_url http://www.debian.org/security/2015/dsa-3404
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2015/dsa-3404
19
reference_url http://www.securityfocus.com/bid/77750
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/77750
20
reference_url http://www.securitytracker.com/id/1034237
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id/1034237
21
reference_url http://www.ubuntu.com/usn/USN-2816-1
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2816-1
22
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-8213
reference_id CVE-2015-8213
reference_type
scores
0
value 2.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-8213
23
reference_url https://github.com/advisories/GHSA-6wcr-wcqm-3mfh
reference_id GHSA-6wcr-wcqm-3mfh
reference_type
scores
url https://github.com/advisories/GHSA-6wcr-wcqm-3mfh
24
reference_url https://usn.ubuntu.com/2816-1/
reference_id USN-2816-1
reference_type
scores
url https://usn.ubuntu.com/2816-1/
fixed_packages
0
url pkg:pypi/django@1.7.11
purl pkg:pypi/django@1.7.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2bh9-k4at-r7hz
1
vulnerability VCID-697r-xhy8-efa5
2
vulnerability VCID-9udu-eqvn-mqbj
3
vulnerability VCID-arff-yjfe-auhp
4
vulnerability VCID-ax42-esfz-vud2
5
vulnerability VCID-ax7m-uv4s-zkc1
6
vulnerability VCID-cbg1-8tp8-7ube
7
vulnerability VCID-fbee-vj2y-cfeb
8
vulnerability VCID-fynq-usj6-rfd3
9
vulnerability VCID-hzcv-euwq-eqeg
10
vulnerability VCID-nh19-fbce-wbfu
11
vulnerability VCID-qg2s-fuw3-nbda
12
vulnerability VCID-s4vz-wfcp-aygd
13
vulnerability VCID-u15a-4ste-43cy
14
vulnerability VCID-zuca-q98m-w7bk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.7.11
1
url pkg:pypi/django@1.8.7
purl pkg:pypi/django@1.8.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2bh9-k4at-r7hz
1
vulnerability VCID-5sxw-p38k-q7cp
2
vulnerability VCID-697r-xhy8-efa5
3
vulnerability VCID-9udu-eqvn-mqbj
4
vulnerability VCID-arff-yjfe-auhp
5
vulnerability VCID-ax42-esfz-vud2
6
vulnerability VCID-ax7m-uv4s-zkc1
7
vulnerability VCID-cbg1-8tp8-7ube
8
vulnerability VCID-fbee-vj2y-cfeb
9
vulnerability VCID-fynq-usj6-rfd3
10
vulnerability VCID-hs1y-thzf-qqct
11
vulnerability VCID-hzcv-euwq-eqeg
12
vulnerability VCID-j1jc-m7e2-5yck
13
vulnerability VCID-nh19-fbce-wbfu
14
vulnerability VCID-ptk1-k7b2-gkdm
15
vulnerability VCID-qg2s-fuw3-nbda
16
vulnerability VCID-s4vz-wfcp-aygd
17
vulnerability VCID-u15a-4ste-43cy
18
vulnerability VCID-yb2r-r8gy-3yhe
19
vulnerability VCID-zuca-q98m-w7bk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.8.7
2
url pkg:pypi/django@1.9rc2
purl pkg:pypi/django@1.9rc2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2bh9-k4at-r7hz
1
vulnerability VCID-9udu-eqvn-mqbj
2
vulnerability VCID-arff-yjfe-auhp
3
vulnerability VCID-ax42-esfz-vud2
4
vulnerability VCID-ax7m-uv4s-zkc1
5
vulnerability VCID-fbee-vj2y-cfeb
6
vulnerability VCID-fynq-usj6-rfd3
7
vulnerability VCID-hs1y-thzf-qqct
8
vulnerability VCID-hzcv-euwq-eqeg
9
vulnerability VCID-nh19-fbce-wbfu
10
vulnerability VCID-ptk1-k7b2-gkdm
11
vulnerability VCID-qg2s-fuw3-nbda
12
vulnerability VCID-s4vz-wfcp-aygd
13
vulnerability VCID-u15a-4ste-43cy
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.9rc2
aliases CVE-2015-8213, GHSA-6wcr-wcqm-3mfh, PYSEC-2015-11
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6p2m-vyft-xfe8
6
url VCID-9udu-eqvn-mqbj
vulnerability_id VCID-9udu-eqvn-mqbj
summary 
An issue was discovered in 5.1 before 5.1.14, 4.2 before 4.2.26, and 5.2 before 5.2.8.
NFKC normalization in Python is slow on Windows. As a consequence, `django.http.HttpResponseRedirect`, `django.http.HttpResponsePermanentRedirect`, and the shortcut `django.shortcuts.redirect`  were subject to a potential  denial-of-service attack via certain inputs with a very large number of Unicode characters.
Earlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected.
Django would like to thank Seokchan Yoon for reporting this issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-64458.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-64458.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-64458
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.07194
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-64458
2
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
3
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-05T16:20:23Z/
url https://docs.djangoproject.com/en/dev/releases/security/
4
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
5
reference_url https://github.com/django/django/commit/3790593781d26168e7306b5b2f8ea0309de16242
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/3790593781d26168e7306b5b2f8ea0309de16242
6
reference_url https://github.com/django/django/commit/4f5d904b63751dea9ffc3b0e046404a7fa5881ac
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/4f5d904b63751dea9ffc3b0e046404a7fa5881ac
7
reference_url https://github.com/django/django/commit/6e13348436fccf8f22982921d6a3a3e65c956a9f
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/6e13348436fccf8f22982921d6a3a3e65c956a9f
8
reference_url https://github.com/django/django/commit/770eea38d7a0e9ba9455140b5a9a9e33618226a7
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/770eea38d7a0e9ba9455140b5a9a9e33618226a7
9
reference_url https://groups.google.com/g/django-announce
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-05T16:20:23Z/
url https://groups.google.com/g/django-announce
10
reference_url https://www.djangoproject.com/weblog/2025/nov/05/security-releases
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2025/nov/05/security-releases
11
reference_url https://www.djangoproject.com/weblog/2025/nov/05/security-releases/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-05T16:20:23Z/
url https://www.djangoproject.com/weblog/2025/nov/05/security-releases/
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2412649
reference_id 2412649
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2412649
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-64458
reference_id CVE-2025-64458
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-64458
14
reference_url https://github.com/advisories/GHSA-qw25-v68c-qjf3
reference_id GHSA-qw25-v68c-qjf3
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qw25-v68c-qjf3
fixed_packages
0
url pkg:pypi/django@4.2.26
purl pkg:pypi/django@4.2.26
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-32d1-b8f2-hud5
1
vulnerability VCID-3d6k-rdsh-k7hm
2
vulnerability VCID-3vk6-hdbc-2bhz
3
vulnerability VCID-5fbx-3yfb-fudx
4
vulnerability VCID-62jv-ab6d-sqdb
5
vulnerability VCID-63c7-mkxw-ufav
6
vulnerability VCID-7jbt-5zw2-vff2
7
vulnerability VCID-92bp-6kte-tyfs
8
vulnerability VCID-cbsj-1qqg-1ba6
9
vulnerability VCID-cg44-thdw-cygg
10
vulnerability VCID-dac4-fa2z-bkdq
11
vulnerability VCID-enen-3w2h-g3b8
12
vulnerability VCID-heum-8mwz-sbcw
13
vulnerability VCID-j2uz-w2ur-7ud4
14
vulnerability VCID-jma1-9ags-xbfm
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.26
1
url pkg:pypi/django@5.1.14
purl pkg:pypi/django@5.1.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3d6k-rdsh-k7hm
1
vulnerability VCID-7jbt-5zw2-vff2
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.1.14
2
url pkg:pypi/django@5.2.8
purl pkg:pypi/django@5.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-32d1-b8f2-hud5
1
vulnerability VCID-3ccr-92q5-aqfk
2
vulnerability VCID-3d6k-rdsh-k7hm
3
vulnerability VCID-3vk6-hdbc-2bhz
4
vulnerability VCID-5fbx-3yfb-fudx
5
vulnerability VCID-62jv-ab6d-sqdb
6
vulnerability VCID-63c7-mkxw-ufav
7
vulnerability VCID-7jbt-5zw2-vff2
8
vulnerability VCID-92bp-6kte-tyfs
9
vulnerability VCID-92z2-3rbz-77h9
10
vulnerability VCID-cbsj-1qqg-1ba6
11
vulnerability VCID-cg44-thdw-cygg
12
vulnerability VCID-dac4-fa2z-bkdq
13
vulnerability VCID-enen-3w2h-g3b8
14
vulnerability VCID-g22z-jue5-8udz
15
vulnerability VCID-heum-8mwz-sbcw
16
vulnerability VCID-j2uz-w2ur-7ud4
17
vulnerability VCID-jma1-9ags-xbfm
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.8
3
url pkg:pypi/django@6.0a1
purl pkg:pypi/django@6.0a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5fbx-3yfb-fudx
1
vulnerability VCID-62jv-ab6d-sqdb
2
vulnerability VCID-92bp-6kte-tyfs
3
vulnerability VCID-cbsj-1qqg-1ba6
4
vulnerability VCID-enen-3w2h-g3b8
5
vulnerability VCID-jma1-9ags-xbfm
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@6.0a1
aliases BIT-django-2025-64458, CVE-2025-64458, GHSA-qw25-v68c-qjf3, PYSEC-2025-107
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9udu-eqvn-mqbj
7
url VCID-arff-yjfe-auhp
vulnerability_id VCID-arff-yjfe-auhp
summary Django before 1.11.27, 2.x before 2.2.9, and 3.x before 3.0.1 allows account takeover. A suitably crafted email address (that is equal to an existing user's email address after case transformation of Unicode characters) would allow an attacker to be sent a password reset token for the matched user account. (One mitigation in the new releases is to send password reset tokens only to the registered user email address.)
references
0
reference_url http://packetstormsecurity.com/files/155872/Django-Account-Hijack.html
reference_id
reference_type
scores
url http://packetstormsecurity.com/files/155872/Django-Account-Hijack.html
1
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/dev/releases/security/
2
reference_url https://groups.google.com/forum/#!topic/django-announce/3oaB2rVH3a0
reference_id
reference_type
scores
url https://groups.google.com/forum/#!topic/django-announce/3oaB2rVH3a0
3
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD/
4
reference_url https://seclists.org/bugtraq/2020/Jan/9
reference_id
reference_type
scores
url https://seclists.org/bugtraq/2020/Jan/9
5
reference_url https://security.gentoo.org/glsa/202004-17
reference_id
reference_type
scores
url https://security.gentoo.org/glsa/202004-17
6
reference_url https://security.netapp.com/advisory/ntap-20200110-0003/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20200110-0003/
7
reference_url https://usn.ubuntu.com/4224-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4224-1/
8
reference_url https://www.debian.org/security/2020/dsa-4598
reference_id
reference_type
scores
url https://www.debian.org/security/2020/dsa-4598
9
reference_url https://www.djangoproject.com/weblog/2019/dec/18/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2019/dec/18/security-releases/
fixed_packages
0
url pkg:pypi/django@1.11.27
purl pkg:pypi/django@1.11.27
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2bh9-k4at-r7hz
1
vulnerability VCID-7b47-vsfh-y3gh
2
vulnerability VCID-9udu-eqvn-mqbj
3
vulnerability VCID-ax42-esfz-vud2
4
vulnerability VCID-ax7m-uv4s-zkc1
5
vulnerability VCID-fbee-vj2y-cfeb
6
vulnerability VCID-hzcv-euwq-eqeg
7
vulnerability VCID-qg2s-fuw3-nbda
8
vulnerability VCID-u15a-4ste-43cy
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.27
1
url pkg:pypi/django@2.2.9
purl pkg:pypi/django@2.2.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2bh9-k4at-r7hz
1
vulnerability VCID-2f2p-wfbs-73hz
2
vulnerability VCID-3wbe-pfau-9uhb
3
vulnerability VCID-5a2y-2m62-1qfa
4
vulnerability VCID-7b47-vsfh-y3gh
5
vulnerability VCID-81q1-gytk-2uaq
6
vulnerability VCID-9hp4-hn21-zkg8
7
vulnerability VCID-9udu-eqvn-mqbj
8
vulnerability VCID-ax42-esfz-vud2
9
vulnerability VCID-ax7m-uv4s-zkc1
10
vulnerability VCID-b81v-3drw-xudf
11
vulnerability VCID-bbxx-48nj-pqcd
12
vulnerability VCID-dcv2-gx5a-pfe2
13
vulnerability VCID-dqkn-1888-y3er
14
vulnerability VCID-fbee-vj2y-cfeb
15
vulnerability VCID-fc6y-y2b1-v3d5
16
vulnerability VCID-gxju-xjh2-z7bn
17
vulnerability VCID-hzcv-euwq-eqeg
18
vulnerability VCID-jzbk-uswz-8ucg
19
vulnerability VCID-nxbs-37dx-rbbh
20
vulnerability VCID-punr-dfy5-v3g1
21
vulnerability VCID-qg2s-fuw3-nbda
22
vulnerability VCID-u15a-4ste-43cy
23
vulnerability VCID-u53d-8afk-c3gq
24
vulnerability VCID-vyzr-dkz3-vfg6
25
vulnerability VCID-xb3c-6rew-z3ba
26
vulnerability VCID-xu9t-qtjz-bud8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.9
aliases PYSEC-2019-86
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-arff-yjfe-auhp
8
url VCID-ax42-esfz-vud2
vulnerability_id VCID-ax42-esfz-vud2
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45231.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45231.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-45231
reference_id
reference_type
scores
0
value 0.00235
scoring_system epss
scoring_elements 0.46478
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-45231
2
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
5
reference_url https://github.com/django/django/commit/3c733c78d6f8e50296d6e248968b6516c92a53ca
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/3c733c78d6f8e50296d6e248968b6516c92a53ca
6
reference_url https://github.com/django/django/commit/96d84047715ea1715b4bd1594e46122b8a77b9e2
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/96d84047715ea1715b4bd1594e46122b8a77b9e2
7
reference_url https://github.com/django/django/commit/bf4888d317ba4506d091eeac6e8b4f1fcc731199
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/bf4888d317ba4506d091eeac6e8b4f1fcc731199
8
reference_url https://groups.google.com/forum/#%21forum/django-announce
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
2
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-30T16:35:34Z/
url https://groups.google.com/forum/#%21forum/django-announce
9
reference_url https://www.djangoproject.com/weblog/2024/sep/03/security-releases
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2024/sep/03/security-releases
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2314496
reference_id 2314496
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2314496
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-45231
reference_id CVE-2024-45231
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-45231
12
reference_url https://github.com/advisories/GHSA-rrqc-c2jx-6jgv
reference_id GHSA-rrqc-c2jx-6jgv
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rrqc-c2jx-6jgv
13
reference_url https://security.gentoo.org/glsa/202509-03
reference_id GLSA-202509-03
reference_type
scores
url https://security.gentoo.org/glsa/202509-03
14
reference_url https://usn.ubuntu.com/6987-1/
reference_id USN-6987-1
reference_type
scores
url https://usn.ubuntu.com/6987-1/
fixed_packages
0
url pkg:pypi/django@4.2.16
purl pkg:pypi/django@4.2.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1umb-2rxg-bbdk
1
vulnerability VCID-32d1-b8f2-hud5
2
vulnerability VCID-3d6k-rdsh-k7hm
3
vulnerability VCID-3vk6-hdbc-2bhz
4
vulnerability VCID-4vry-9jdm-nyg9
5
vulnerability VCID-5fbx-3yfb-fudx
6
vulnerability VCID-62jv-ab6d-sqdb
7
vulnerability VCID-63c7-mkxw-ufav
8
vulnerability VCID-7jbt-5zw2-vff2
9
vulnerability VCID-92bp-6kte-tyfs
10
vulnerability VCID-9udu-eqvn-mqbj
11
vulnerability VCID-ax7m-uv4s-zkc1
12
vulnerability VCID-cbsj-1qqg-1ba6
13
vulnerability VCID-cg44-thdw-cygg
14
vulnerability VCID-chey-b3c1-pbe5
15
vulnerability VCID-dac4-fa2z-bkdq
16
vulnerability VCID-em3c-ceug-cubp
17
vulnerability VCID-enen-3w2h-g3b8
18
vulnerability VCID-fbee-vj2y-cfeb
19
vulnerability VCID-heum-8mwz-sbcw
20
vulnerability VCID-j2uz-w2ur-7ud4
21
vulnerability VCID-jma1-9ags-xbfm
22
vulnerability VCID-nyc2-p1rp-xkb4
23
vulnerability VCID-u15a-4ste-43cy
24
vulnerability VCID-vpgq-jhzc-j7h2
25
vulnerability VCID-xmq2-18at-y3gj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.16
1
url pkg:pypi/django@5.0.9
purl pkg:pypi/django@5.0.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1umb-2rxg-bbdk
1
vulnerability VCID-4vry-9jdm-nyg9
2
vulnerability VCID-9udu-eqvn-mqbj
3
vulnerability VCID-a3e2-se1v-2yb5
4
vulnerability VCID-ax7m-uv4s-zkc1
5
vulnerability VCID-chey-b3c1-pbe5
6
vulnerability VCID-fbee-vj2y-cfeb
7
vulnerability VCID-nyc2-p1rp-xkb4
8
vulnerability VCID-u15a-4ste-43cy
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.0.9
2
url pkg:pypi/django@5.1.1
purl pkg:pypi/django@5.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1umb-2rxg-bbdk
1
vulnerability VCID-3d6k-rdsh-k7hm
2
vulnerability VCID-4vry-9jdm-nyg9
3
vulnerability VCID-7jbt-5zw2-vff2
4
vulnerability VCID-9udu-eqvn-mqbj
5
vulnerability VCID-a3e2-se1v-2yb5
6
vulnerability VCID-ax7m-uv4s-zkc1
7
vulnerability VCID-chey-b3c1-pbe5
8
vulnerability VCID-em3c-ceug-cubp
9
vulnerability VCID-fbee-vj2y-cfeb
10
vulnerability VCID-nyc2-p1rp-xkb4
11
vulnerability VCID-u15a-4ste-43cy
12
vulnerability VCID-vpgq-jhzc-j7h2
13
vulnerability VCID-xmq2-18at-y3gj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.1.1
aliases CVE-2024-45231, GHSA-rrqc-c2jx-6jgv
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ax42-esfz-vud2
9
url VCID-ax7m-uv4s-zkc1
vulnerability_id VCID-ax7m-uv4s-zkc1
summary An issue was discovered in Django 4.2 before 4.2.24, 5.1 before 5.1.12, and 5.2 before 5.2.6. FilteredRelation is subject to SQL injection in column aliases, using a suitably crafted dictionary, with dictionary expansion, as the **kwargs passed QuerySet.annotate() or QuerySet.alias().
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-57833.json
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-57833.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-57833
reference_id
reference_type
scores
0
value 0.00054
scoring_system epss
scoring_elements 0.17327
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-57833
2
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
3
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-09-08T17:33:03Z/
url https://docs.djangoproject.com/en/dev/releases/security/
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
6
reference_url https://github.com/django/django/commit/102965ea93072fe3c39a30be437c683ec1106ef5
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/102965ea93072fe3c39a30be437c683ec1106ef5
7
reference_url https://github.com/django/django/commit/31334e6965ad136a5e369993b01721499c5d1a92
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/31334e6965ad136a5e369993b01721499c5d1a92
8
reference_url https://github.com/django/django/commit/4c044fcc866ec226f612c475950b690b0139d243
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/4c044fcc866ec226f612c475950b690b0139d243
9
reference_url https://groups.google.com/g/django-announce
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-09-08T17:33:03Z/
url https://groups.google.com/g/django-announce
10
reference_url https://lists.debian.org/debian-lts-announce/2025/09/msg00017.html
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/09/msg00017.html
11
reference_url https://medium.com/@EyalSec/django-unauthenticated-0-click-rce-and-sql-injection-using-default-configuration-059964f3f898
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-09-08T17:33:03Z/
url https://medium.com/@EyalSec/django-unauthenticated-0-click-rce-and-sql-injection-using-default-configuration-059964f3f898
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-57833
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-57833
13
reference_url https://www.djangoproject.com/weblog/2025/sep/03/security-releases
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2025/sep/03/security-releases
14
reference_url https://www.djangoproject.com/weblog/2025/sep/03/security-releases/
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-09-08T17:33:03Z/
url https://www.djangoproject.com/weblog/2025/sep/03/security-releases/
15
reference_url http://www.openwall.com/lists/oss-security/2025/09/03/3
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2025/09/03/3
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1113865
reference_id 1113865
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1113865
17
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2392990
reference_id 2392990
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2392990
18
reference_url https://github.com/advisories/GHSA-6w2r-r2m5-xq5w
reference_id GHSA-6w2r-r2m5-xq5w
reference_type
scores
url https://github.com/advisories/GHSA-6w2r-r2m5-xq5w
19
reference_url https://access.redhat.com/errata/RHSA-2025:16403
reference_id RHSA-2025:16403
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:16403
20
reference_url https://access.redhat.com/errata/RHSA-2025:16404
reference_id RHSA-2025:16404
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:16404
21
reference_url https://access.redhat.com/errata/RHSA-2025:16487
reference_id RHSA-2025:16487
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:16487
22
reference_url https://access.redhat.com/errata/RHSA-2025:16514
reference_id RHSA-2025:16514
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:16514
23
reference_url https://access.redhat.com/errata/RHSA-2025:17498
reference_id RHSA-2025:17498
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:17498
24
reference_url https://access.redhat.com/errata/RHSA-2025:17499
reference_id RHSA-2025:17499
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:17499
25
reference_url https://access.redhat.com/errata/RHSA-2025:17500
reference_id RHSA-2025:17500
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:17500
26
reference_url https://access.redhat.com/errata/RHSA-2025:17606
reference_id RHSA-2025:17606
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:17606
27
reference_url https://access.redhat.com/errata/RHSA-2025:17613
reference_id RHSA-2025:17613
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:17613
28
reference_url https://access.redhat.com/errata/RHSA-2025:17614
reference_id RHSA-2025:17614
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:17614
29
reference_url https://usn.ubuntu.com/7736-1/
reference_id USN-7736-1
reference_type
scores
url https://usn.ubuntu.com/7736-1/
fixed_packages
0
url pkg:pypi/django@4.2.24
purl pkg:pypi/django@4.2.24
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-32d1-b8f2-hud5
1
vulnerability VCID-3d6k-rdsh-k7hm
2
vulnerability VCID-3vk6-hdbc-2bhz
3
vulnerability VCID-5fbx-3yfb-fudx
4
vulnerability VCID-62jv-ab6d-sqdb
5
vulnerability VCID-63c7-mkxw-ufav
6
vulnerability VCID-7jbt-5zw2-vff2
7
vulnerability VCID-92bp-6kte-tyfs
8
vulnerability VCID-9udu-eqvn-mqbj
9
vulnerability VCID-cbsj-1qqg-1ba6
10
vulnerability VCID-cg44-thdw-cygg
11
vulnerability VCID-dac4-fa2z-bkdq
12
vulnerability VCID-enen-3w2h-g3b8
13
vulnerability VCID-heum-8mwz-sbcw
14
vulnerability VCID-j2uz-w2ur-7ud4
15
vulnerability VCID-jma1-9ags-xbfm
16
vulnerability VCID-u15a-4ste-43cy
17
vulnerability VCID-vpgq-jhzc-j7h2
18
vulnerability VCID-xmq2-18at-y3gj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.24
1
url pkg:pypi/django@5.1.12
purl pkg:pypi/django@5.1.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3d6k-rdsh-k7hm
1
vulnerability VCID-7jbt-5zw2-vff2
2
vulnerability VCID-9udu-eqvn-mqbj
3
vulnerability VCID-u15a-4ste-43cy
4
vulnerability VCID-vpgq-jhzc-j7h2
5
vulnerability VCID-xmq2-18at-y3gj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.1.12
2
url pkg:pypi/django@5.2.6
purl pkg:pypi/django@5.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-32d1-b8f2-hud5
1
vulnerability VCID-3ccr-92q5-aqfk
2
vulnerability VCID-3d6k-rdsh-k7hm
3
vulnerability VCID-3vk6-hdbc-2bhz
4
vulnerability VCID-5fbx-3yfb-fudx
5
vulnerability VCID-62jv-ab6d-sqdb
6
vulnerability VCID-63c7-mkxw-ufav
7
vulnerability VCID-7jbt-5zw2-vff2
8
vulnerability VCID-92bp-6kte-tyfs
9
vulnerability VCID-92z2-3rbz-77h9
10
vulnerability VCID-9udu-eqvn-mqbj
11
vulnerability VCID-cbsj-1qqg-1ba6
12
vulnerability VCID-cg44-thdw-cygg
13
vulnerability VCID-dac4-fa2z-bkdq
14
vulnerability VCID-enen-3w2h-g3b8
15
vulnerability VCID-g22z-jue5-8udz
16
vulnerability VCID-heum-8mwz-sbcw
17
vulnerability VCID-j2uz-w2ur-7ud4
18
vulnerability VCID-jma1-9ags-xbfm
19
vulnerability VCID-u15a-4ste-43cy
20
vulnerability VCID-vpgq-jhzc-j7h2
21
vulnerability VCID-xmq2-18at-y3gj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.6
aliases BIT-django-2025-57833, CVE-2025-57833, GHSA-6w2r-r2m5-xq5w, PYSEC-2025-105
risk_score 3.6
exploitability 0.5
weighted_severity 7.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ax7m-uv4s-zkc1
10
url VCID-azdn-r9pz-pqd4
vulnerability_id VCID-azdn-r9pz-pqd4
summary The session backends in Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (session store consumption) via multiple requests with unique session keys.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172084.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172084.html
1
reference_url http://lists.opensuse.org/opensuse-updates/2015-10/msg00043.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2015-10/msg00043.html
2
reference_url http://lists.opensuse.org/opensuse-updates/2015-10/msg00046.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2015-10/msg00046.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2015-1678.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1678.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2015-1686.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1686.html
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-5143
reference_id
reference_type
scores
0
value 0.15813
scoring_system epss
scoring_elements 0.9485
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-5143
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5143
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5143
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5144
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5144
8
reference_url https://github.com/advisories/GHSA-h582-2pch-3xv3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-h582-2pch-3xv3
9
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
10
reference_url https://github.com/django/django/commit/1828f4341ec53a8684112d24031b767eba557663
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/1828f4341ec53a8684112d24031b767eba557663
11
reference_url https://github.com/django/django/commit/2e47f3e401c29bc2ba5ab794d483cb0820855fb9
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/2e47f3e401c29bc2ba5ab794d483cb0820855fb9
12
reference_url https://github.com/django/django/commit/66d12d1ababa8f062857ee5eb43276493720bf16
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/66d12d1ababa8f062857ee5eb43276493720bf16
13
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-20.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-20.yaml
14
reference_url https://security.gentoo.org/glsa/201510-06
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201510-06
15
reference_url https://www.djangoproject.com/weblog/2015/jul/08/security-releases
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2015/jul/08/security-releases
16
reference_url https://www.djangoproject.com/weblog/2015/jul/08/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2015/jul/08/security-releases/
17
reference_url http://www.debian.org/security/2015/dsa-3305
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2015/dsa-3305
18
reference_url http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
19
reference_url http://www.securityfocus.com/bid/75666
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/75666
20
reference_url http://www.securitytracker.com/id/1032820
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1032820
21
reference_url http://www.ubuntu.com/usn/USN-2671-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2671-1
22
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-5143
reference_id CVE-2015-5143
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-5143
23
reference_url https://usn.ubuntu.com/2671-1/
reference_id USN-2671-1
reference_type
scores
url https://usn.ubuntu.com/2671-1/
fixed_packages
0
url pkg:pypi/django@1.7.9
purl pkg:pypi/django@1.7.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-27qc-gba4-aqfd
1
vulnerability VCID-2bh9-k4at-r7hz
2
vulnerability VCID-2bx5-jaat-u7ek
3
vulnerability VCID-697r-xhy8-efa5
4
vulnerability VCID-6fef-e9tf-7kag
5
vulnerability VCID-6p2m-vyft-xfe8
6
vulnerability VCID-9udu-eqvn-mqbj
7
vulnerability VCID-arff-yjfe-auhp
8
vulnerability VCID-ax42-esfz-vud2
9
vulnerability VCID-ax7m-uv4s-zkc1
10
vulnerability VCID-cbg1-8tp8-7ube
11
vulnerability VCID-fbee-vj2y-cfeb
12
vulnerability VCID-fynq-usj6-rfd3
13
vulnerability VCID-hzcv-euwq-eqeg
14
vulnerability VCID-nh19-fbce-wbfu
15
vulnerability VCID-qg2s-fuw3-nbda
16
vulnerability VCID-s4vz-wfcp-aygd
17
vulnerability VCID-u15a-4ste-43cy
18
vulnerability VCID-zuca-q98m-w7bk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.7.9
1
url pkg:pypi/django@1.8.3
purl pkg:pypi/django@1.8.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-27qc-gba4-aqfd
1
vulnerability VCID-2bh9-k4at-r7hz
2
vulnerability VCID-5sxw-p38k-q7cp
3
vulnerability VCID-697r-xhy8-efa5
4
vulnerability VCID-6fef-e9tf-7kag
5
vulnerability VCID-6p2m-vyft-xfe8
6
vulnerability VCID-9udu-eqvn-mqbj
7
vulnerability VCID-arff-yjfe-auhp
8
vulnerability VCID-ax42-esfz-vud2
9
vulnerability VCID-ax7m-uv4s-zkc1
10
vulnerability VCID-cbg1-8tp8-7ube
11
vulnerability VCID-fbee-vj2y-cfeb
12
vulnerability VCID-fynq-usj6-rfd3
13
vulnerability VCID-hs1y-thzf-qqct
14
vulnerability VCID-hzcv-euwq-eqeg
15
vulnerability VCID-j1jc-m7e2-5yck
16
vulnerability VCID-nh19-fbce-wbfu
17
vulnerability VCID-ptk1-k7b2-gkdm
18
vulnerability VCID-qg2s-fuw3-nbda
19
vulnerability VCID-s4vz-wfcp-aygd
20
vulnerability VCID-u15a-4ste-43cy
21
vulnerability VCID-yb2r-r8gy-3yhe
22
vulnerability VCID-zuca-q98m-w7bk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.8.3
aliases CVE-2015-5143, GHSA-h582-2pch-3xv3, PYSEC-2015-20
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-azdn-r9pz-pqd4
11
url VCID-cbg1-8tp8-7ube
vulnerability_id VCID-cbg1-8tp8-7ube
summary Cross-site scripting (XSS) vulnerability in the dismissChangeRelatedObjectPopup function in contrib/admin/static/admin/js/admin/RelatedObjectLookups.js in Django before 1.8.14, 1.9.x before 1.9.8, and 1.10.x before 1.10rc1 allows remote attackers to inject arbitrary web script or HTML via vectors involving unsafe usage of Element.innerHTML.
references
0
reference_url http://packetstormsecurity.com/files/137965/Django-3.3.0-Script-Insertion.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/137965/Django-3.3.0-Script-Insertion.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2016-1594.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1594.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2016-1595.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1595.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2016-1596.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1596.html
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-6186
reference_id
reference_type
scores
0
value 0.16367
scoring_system epss
scoring_elements 0.94972
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-6186
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6186
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6186
6
reference_url http://seclists.org/fulldisclosure/2016/Jul/53
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2016/Jul/53
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
9
reference_url https://github.com/django/django/commit/6fa150b2f8b601668083042324c4add534143cb1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/6fa150b2f8b601668083042324c4add534143cb1
10
reference_url https://github.com/django/django/commit/d03bf6fe4e9bf5b07de62c1a271c4b41a7d3d158
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/d03bf6fe4e9bf5b07de62c1a271c4b41a7d3d158
11
reference_url https://github.com/django/django/commit/f68e5a99164867ab0e071a936470958ed867479d
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/f68e5a99164867ab0e071a936470958ed867479d
12
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2016-2.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2016-2.yaml
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DMLLFAUT4J4IP4P2KI4NOVWRMHA22WUJ
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DMLLFAUT4J4IP4P2KI4NOVWRMHA22WUJ
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DMLLFAUT4J4IP4P2KI4NOVWRMHA22WUJ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DMLLFAUT4J4IP4P2KI4NOVWRMHA22WUJ/
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KHHPN6MISX5I6UTXQHYLPTLEEUE6WDXW
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KHHPN6MISX5I6UTXQHYLPTLEEUE6WDXW
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KHHPN6MISX5I6UTXQHYLPTLEEUE6WDXW/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KHHPN6MISX5I6UTXQHYLPTLEEUE6WDXW/
17
reference_url https://web.archive.org/web/20201022155237/http://www.securityfocus.com/archive/1/538947/100/0/threaded
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20201022155237/http://www.securityfocus.com/archive/1/538947/100/0/threaded
18
reference_url https://web.archive.org/web/20210123154652/http://www.securityfocus.com/bid/92058
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210123154652/http://www.securityfocus.com/bid/92058
19
reference_url https://web.archive.org/web/20211204042848/http://www.securitytracker.com/id/1036338
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20211204042848/http://www.securitytracker.com/id/1036338
20
reference_url https://www.djangoproject.com/weblog/2016/jul/18/security-releases
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2016/jul/18/security-releases
21
reference_url https://www.djangoproject.com/weblog/2016/jul/18/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2016/jul/18/security-releases/
22
reference_url https://www.exploit-db.com/exploits/40129
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/40129
23
reference_url https://www.exploit-db.com/exploits/40129/
reference_id
reference_type
scores
url https://www.exploit-db.com/exploits/40129/
24
reference_url http://www.debian.org/security/2016/dsa-3622
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3622
25
reference_url http://www.securityfocus.com/archive/1/538947/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/538947/100/0/threaded
26
reference_url http://www.securityfocus.com/bid/92058
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/92058
27
reference_url http://www.securitytracker.com/id/1036338
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1036338
28
reference_url http://www.ubuntu.com/usn/USN-3039-1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-3039-1
29
reference_url http://www.vulnerability-lab.com/get_content.php?id=1869
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vulnerability-lab.com/get_content.php?id=1869
30
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831799
reference_id 831799
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831799
31
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/python/webapps/40129.txt
reference_id CVE-2016-6186
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/python/webapps/40129.txt
32
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-6186
reference_id CVE-2016-6186
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-6186
33
reference_url https://www.vulnerability-lab.com/get_content.php?id=1869
reference_id CVE-2016-6186
reference_type exploit
scores
url https://www.vulnerability-lab.com/get_content.php?id=1869
34
reference_url https://github.com/advisories/GHSA-c8c8-9472-w52h
reference_id GHSA-c8c8-9472-w52h
reference_type
scores
url https://github.com/advisories/GHSA-c8c8-9472-w52h
35
reference_url https://usn.ubuntu.com/3039-1/
reference_id USN-3039-1
reference_type
scores
url https://usn.ubuntu.com/3039-1/
fixed_packages
0
url pkg:pypi/django@1.8.14
purl pkg:pypi/django@1.8.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2bh9-k4at-r7hz
1
vulnerability VCID-5sxw-p38k-q7cp
2
vulnerability VCID-9udu-eqvn-mqbj
3
vulnerability VCID-arff-yjfe-auhp
4
vulnerability VCID-ax42-esfz-vud2
5
vulnerability VCID-ax7m-uv4s-zkc1
6
vulnerability VCID-fbee-vj2y-cfeb
7
vulnerability VCID-fynq-usj6-rfd3
8
vulnerability VCID-hs1y-thzf-qqct
9
vulnerability VCID-hzcv-euwq-eqeg
10
vulnerability VCID-j1jc-m7e2-5yck
11
vulnerability VCID-ptk1-k7b2-gkdm
12
vulnerability VCID-qg2s-fuw3-nbda
13
vulnerability VCID-s4vz-wfcp-aygd
14
vulnerability VCID-u15a-4ste-43cy
15
vulnerability VCID-yb2r-r8gy-3yhe
16
vulnerability VCID-zuca-q98m-w7bk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.8.14
1
url pkg:pypi/django@1.9.8
purl pkg:pypi/django@1.9.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2bh9-k4at-r7hz
1
vulnerability VCID-9udu-eqvn-mqbj
2
vulnerability VCID-arff-yjfe-auhp
3
vulnerability VCID-ax42-esfz-vud2
4
vulnerability VCID-ax7m-uv4s-zkc1
5
vulnerability VCID-fbee-vj2y-cfeb
6
vulnerability VCID-fynq-usj6-rfd3
7
vulnerability VCID-hs1y-thzf-qqct
8
vulnerability VCID-hzcv-euwq-eqeg
9
vulnerability VCID-ptk1-k7b2-gkdm
10
vulnerability VCID-qg2s-fuw3-nbda
11
vulnerability VCID-s4vz-wfcp-aygd
12
vulnerability VCID-u15a-4ste-43cy
13
vulnerability VCID-yb2r-r8gy-3yhe
14
vulnerability VCID-zuca-q98m-w7bk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.9.8
2
url pkg:pypi/django@1.10rc1
purl pkg:pypi/django@1.10rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2bh9-k4at-r7hz
1
vulnerability VCID-8gkb-43x6-d7a8
2
vulnerability VCID-9udu-eqvn-mqbj
3
vulnerability VCID-arff-yjfe-auhp
4
vulnerability VCID-ax42-esfz-vud2
5
vulnerability VCID-ax7m-uv4s-zkc1
6
vulnerability VCID-fbee-vj2y-cfeb
7
vulnerability VCID-fynq-usj6-rfd3
8
vulnerability VCID-hs1y-thzf-qqct
9
vulnerability VCID-hzcv-euwq-eqeg
10
vulnerability VCID-ptk1-k7b2-gkdm
11
vulnerability VCID-qg2s-fuw3-nbda
12
vulnerability VCID-s4vz-wfcp-aygd
13
vulnerability VCID-u15a-4ste-43cy
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.10rc1
aliases CVE-2016-6186, GHSA-c8c8-9472-w52h, PYSEC-2016-2
risk_score 0.1
exploitability 0.5
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cbg1-8tp8-7ube
12
url VCID-fbee-vj2y-cfeb
vulnerability_id VCID-fbee-vj2y-cfeb
summary content spoofing
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48432.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48432.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-48432
reference_id
reference_type
scores
0
value 0.00411
scoring_system epss
scoring_elements 0.6171
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-48432
2
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
3
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T13:20:12Z/
url https://docs.djangoproject.com/en/dev/releases/security/
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2025-47.yaml
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2025-47.yaml
7
reference_url https://groups.google.com/g/django-announce
reference_id
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T13:20:12Z/
url https://groups.google.com/g/django-announce
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-48432
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-48432
9
reference_url https://www.djangoproject.com/weblog/2025/jun/04/security-releases
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2025/jun/04/security-releases
10
reference_url https://www.djangoproject.com/weblog/2025/jun/04/security-releases/
reference_id
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T13:20:12Z/
url https://www.djangoproject.com/weblog/2025/jun/04/security-releases/
11
reference_url https://www.djangoproject.com/weblog/2025/jun/10/bugfix-releases
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2025/jun/10/bugfix-releases
12
reference_url http://www.openwall.com/lists/oss-security/2025/06/04/5
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2025/06/04/5
13
reference_url http://www.openwall.com/lists/oss-security/2025/06/10/2
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2025/06/10/2
14
reference_url http://www.openwall.com/lists/oss-security/2025/06/10/3
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2025/06/10/3
15
reference_url http://www.openwall.com/lists/oss-security/2025/06/10/4
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2025/06/10/4
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107282
reference_id 1107282
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107282
17
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2370365
reference_id 2370365
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2370365
18
reference_url https://security.archlinux.org/ASA-202506-6
reference_id ASA-202506-6
reference_type
scores
url https://security.archlinux.org/ASA-202506-6
19
reference_url https://security.archlinux.org/AVG-2894
reference_id AVG-2894
reference_type
scores
0
value Low
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2894
20
reference_url https://www.djangoproject.com/weblog/2025/jun/10/bugfix-releases/
reference_id bugfix-releases
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T13:20:12Z/
url https://www.djangoproject.com/weblog/2025/jun/10/bugfix-releases/
21
reference_url https://github.com/advisories/GHSA-7xr5-9hcq-chf9
reference_id GHSA-7xr5-9hcq-chf9
reference_type
scores
url https://github.com/advisories/GHSA-7xr5-9hcq-chf9
22
reference_url https://access.redhat.com/errata/RHSA-2025:14686
reference_id RHSA-2025:14686
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14686
23
reference_url https://access.redhat.com/errata/RHSA-2025:16487
reference_id RHSA-2025:16487
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:16487
24
reference_url https://usn.ubuntu.com/7555-1/
reference_id USN-7555-1
reference_type
scores
url https://usn.ubuntu.com/7555-1/
fixed_packages
0
url pkg:pypi/django@4.2.22
purl pkg:pypi/django@4.2.22
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-32d1-b8f2-hud5
1
vulnerability VCID-3d6k-rdsh-k7hm
2
vulnerability VCID-3vk6-hdbc-2bhz
3
vulnerability VCID-5fbx-3yfb-fudx
4
vulnerability VCID-62jv-ab6d-sqdb
5
vulnerability VCID-63c7-mkxw-ufav
6
vulnerability VCID-7jbt-5zw2-vff2
7
vulnerability VCID-92bp-6kte-tyfs
8
vulnerability VCID-9udu-eqvn-mqbj
9
vulnerability VCID-ax7m-uv4s-zkc1
10
vulnerability VCID-cbsj-1qqg-1ba6
11
vulnerability VCID-cg44-thdw-cygg
12
vulnerability VCID-dac4-fa2z-bkdq
13
vulnerability VCID-enen-3w2h-g3b8
14
vulnerability VCID-heum-8mwz-sbcw
15
vulnerability VCID-j2uz-w2ur-7ud4
16
vulnerability VCID-jma1-9ags-xbfm
17
vulnerability VCID-u15a-4ste-43cy
18
vulnerability VCID-vpgq-jhzc-j7h2
19
vulnerability VCID-xmq2-18at-y3gj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.22
1
url pkg:pypi/django@5.1.10
purl pkg:pypi/django@5.1.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3d6k-rdsh-k7hm
1
vulnerability VCID-7jbt-5zw2-vff2
2
vulnerability VCID-9udu-eqvn-mqbj
3
vulnerability VCID-ax7m-uv4s-zkc1
4
vulnerability VCID-u15a-4ste-43cy
5
vulnerability VCID-vpgq-jhzc-j7h2
6
vulnerability VCID-xmq2-18at-y3gj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.1.10
2
url pkg:pypi/django@5.2.2
purl pkg:pypi/django@5.2.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-32d1-b8f2-hud5
1
vulnerability VCID-3ccr-92q5-aqfk
2
vulnerability VCID-3d6k-rdsh-k7hm
3
vulnerability VCID-3vk6-hdbc-2bhz
4
vulnerability VCID-5fbx-3yfb-fudx
5
vulnerability VCID-62jv-ab6d-sqdb
6
vulnerability VCID-63c7-mkxw-ufav
7
vulnerability VCID-7jbt-5zw2-vff2
8
vulnerability VCID-92bp-6kte-tyfs
9
vulnerability VCID-92z2-3rbz-77h9
10
vulnerability VCID-9udu-eqvn-mqbj
11
vulnerability VCID-ax7m-uv4s-zkc1
12
vulnerability VCID-cbsj-1qqg-1ba6
13
vulnerability VCID-cg44-thdw-cygg
14
vulnerability VCID-dac4-fa2z-bkdq
15
vulnerability VCID-enen-3w2h-g3b8
16
vulnerability VCID-g22z-jue5-8udz
17
vulnerability VCID-heum-8mwz-sbcw
18
vulnerability VCID-j2uz-w2ur-7ud4
19
vulnerability VCID-jma1-9ags-xbfm
20
vulnerability VCID-u15a-4ste-43cy
21
vulnerability VCID-vpgq-jhzc-j7h2
22
vulnerability VCID-xmq2-18at-y3gj
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.2
aliases BIT-django-2025-48432, CVE-2025-48432, GHSA-7xr5-9hcq-chf9, PYSEC-2025-47
risk_score 2.5
exploitability 0.5
weighted_severity 4.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fbee-vj2y-cfeb
13
url VCID-fkch-835a-4ffd
vulnerability_id VCID-fkch-835a-4ffd
summary Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and 1.8.x before 1.8.3 uses an incorrect regular expression, which allows remote attackers to inject arbitrary headers and conduct HTTP response splitting attacks via a newline character in an (1) email message to the EmailValidator, a (2) URL to the URLValidator, or unspecified vectors to the (3) validate_ipv4_address or (4) validate_slug validator.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172084.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172084.html
1
reference_url http://lists.opensuse.org/opensuse-updates/2015-10/msg00043.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2015-10/msg00043.html
2
reference_url http://lists.opensuse.org/opensuse-updates/2015-10/msg00046.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2015-10/msg00046.html
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-5144
reference_id
reference_type
scores
0
value 0.01493
scoring_system epss
scoring_elements 0.81375
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-5144
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5143
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5143
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5144
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5144
6
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
7
reference_url https://github.com/django/django/blob/4555a823fd57e261e1b19c778429473256c8ea08/docs/releases/1.4.21.txt#L30-L54
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/blob/4555a823fd57e261e1b19c778429473256c8ea08/docs/releases/1.4.21.txt#L30-L54
8
reference_url https://github.com/django/django/commit/1ba1cdce7d58e6740fe51955d945b56ae51d072a
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/1ba1cdce7d58e6740fe51955d945b56ae51d072a
9
reference_url https://github.com/django/django/commit/574dd5e0b0fbb877ae5827b1603d298edc9bb2a0
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/574dd5e0b0fbb877ae5827b1603d298edc9bb2a0
10
reference_url https://github.com/django/django/commit/8f9a4d3a2bc42f14bb437defd30c7315adbff22c
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/8f9a4d3a2bc42f14bb437defd30c7315adbff22c
11
reference_url https://github.com/django/django/commit/ae49b4d994656bc037513dcd064cb9ce5bb85649
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/ae49b4d994656bc037513dcd064cb9ce5bb85649
12
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-10.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-10.yaml
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-5144
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-5144
14
reference_url https://security.gentoo.org/glsa/201510-06
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201510-06
15
reference_url https://web.archive.org/web/20150924150801/http://www.securitytracker.com/id/1032820
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20150924150801/http://www.securitytracker.com/id/1032820
16
reference_url https://web.archive.org/web/20200228050526/http://www.securityfocus.com/bid/75665
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200228050526/http://www.securityfocus.com/bid/75665
17
reference_url https://www.djangoproject.com/weblog/2015/jul/08/security-releases
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2015/jul/08/security-releases
18
reference_url https://www.djangoproject.com/weblog/2015/jul/08/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2015/jul/08/security-releases/
19
reference_url http://www.debian.org/security/2015/dsa-3305
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2015/dsa-3305
20
reference_url http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
21
reference_url http://www.securityfocus.com/bid/75665
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/75665
22
reference_url http://www.securitytracker.com/id/1032820
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1032820
23
reference_url http://www.ubuntu.com/usn/USN-2671-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2671-1
24
reference_url https://github.com/advisories/GHSA-q5qw-4364-5hhm
reference_id GHSA-q5qw-4364-5hhm
reference_type
scores
url https://github.com/advisories/GHSA-q5qw-4364-5hhm
25
reference_url https://usn.ubuntu.com/2671-1/
reference_id USN-2671-1
reference_type
scores
url https://usn.ubuntu.com/2671-1/
fixed_packages
0
url pkg:pypi/django@1.7.9
purl pkg:pypi/django@1.7.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-27qc-gba4-aqfd
1
vulnerability VCID-2bh9-k4at-r7hz
2
vulnerability VCID-2bx5-jaat-u7ek
3
vulnerability VCID-697r-xhy8-efa5
4
vulnerability VCID-6fef-e9tf-7kag
5
vulnerability VCID-6p2m-vyft-xfe8
6
vulnerability VCID-9udu-eqvn-mqbj
7
vulnerability VCID-arff-yjfe-auhp
8
vulnerability VCID-ax42-esfz-vud2
9
vulnerability VCID-ax7m-uv4s-zkc1
10
vulnerability VCID-cbg1-8tp8-7ube
11
vulnerability VCID-fbee-vj2y-cfeb
12
vulnerability VCID-fynq-usj6-rfd3
13
vulnerability VCID-hzcv-euwq-eqeg
14
vulnerability VCID-nh19-fbce-wbfu
15
vulnerability VCID-qg2s-fuw3-nbda
16
vulnerability VCID-s4vz-wfcp-aygd
17
vulnerability VCID-u15a-4ste-43cy
18
vulnerability VCID-zuca-q98m-w7bk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.7.9
1
url pkg:pypi/django@1.8.3
purl pkg:pypi/django@1.8.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-27qc-gba4-aqfd
1
vulnerability VCID-2bh9-k4at-r7hz
2
vulnerability VCID-5sxw-p38k-q7cp
3
vulnerability VCID-697r-xhy8-efa5
4
vulnerability VCID-6fef-e9tf-7kag
5
vulnerability VCID-6p2m-vyft-xfe8
6
vulnerability VCID-9udu-eqvn-mqbj
7
vulnerability VCID-arff-yjfe-auhp
8
vulnerability VCID-ax42-esfz-vud2
9
vulnerability VCID-ax7m-uv4s-zkc1
10
vulnerability VCID-cbg1-8tp8-7ube
11
vulnerability VCID-fbee-vj2y-cfeb
12
vulnerability VCID-fynq-usj6-rfd3
13
vulnerability VCID-hs1y-thzf-qqct
14
vulnerability VCID-hzcv-euwq-eqeg
15
vulnerability VCID-j1jc-m7e2-5yck
16
vulnerability VCID-nh19-fbce-wbfu
17
vulnerability VCID-ptk1-k7b2-gkdm
18
vulnerability VCID-qg2s-fuw3-nbda
19
vulnerability VCID-s4vz-wfcp-aygd
20
vulnerability VCID-u15a-4ste-43cy
21
vulnerability VCID-yb2r-r8gy-3yhe
22
vulnerability VCID-zuca-q98m-w7bk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.8.3
aliases CVE-2015-5144, GHSA-q5qw-4364-5hhm, PYSEC-2015-10
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fkch-835a-4ffd
14
url VCID-fynq-usj6-rfd3
vulnerability_id VCID-fynq-usj6-rfd3
summary insufficient validation
references
0
reference_url http://packetstormsecurity.com/files/155872/Django-Account-Hijack.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/155872/Django-Account-Hijack.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-19844
reference_id
reference_type
scores
0
value 0.13973
scoring_system epss
scoring_elements 0.94448
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-19844
2
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
3
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/dev/releases/security/
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/advisories/GHSA-vfq6-hq5r-27r6
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
2
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-vfq6-hq5r-27r6
6
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
7
reference_url https://github.com/django/django/commit/302a4ff1e8b1c798aab97673909c7a3dfda42c26
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/302a4ff1e8b1c798aab97673909c7a3dfda42c26
8
reference_url https://github.com/django/django/commit/4d334bea06cac63dc1272abcec545b85136cca0e
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/4d334bea06cac63dc1272abcec545b85136cca0e
9
reference_url https://github.com/django/django/commit/5b1fbcef7a8bec991ebe7b2a18b5d5a95d72cb70
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/5b1fbcef7a8bec991ebe7b2a18b5d5a95d72cb70
10
reference_url https://github.com/django/django/commit/f4cff43bf921fcea6a29b726eb66767f67753fa2
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/f4cff43bf921fcea6a29b726eb66767f67753fa2
11
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-16.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-16.yaml
12
reference_url https://groups.google.com/forum/#!topic/django-announce/3oaB2rVH3a0
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/django-announce/3oaB2rVH3a0
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD/
15
reference_url https://seclists.org/bugtraq/2020/Jan/9
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2020/Jan/9
16
reference_url https://security.gentoo.org/glsa/202004-17
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202004-17
17
reference_url https://security.netapp.com/advisory/ntap-20200110-0003
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200110-0003
18
reference_url https://security.netapp.com/advisory/ntap-20200110-0003/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20200110-0003/
19
reference_url https://usn.ubuntu.com/4224-1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4224-1
20
reference_url https://usn.ubuntu.com/4224-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4224-1/
21
reference_url https://www.debian.org/security/2020/dsa-4598
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2020/dsa-4598
22
reference_url https://www.djangoproject.com/weblog/2019/dec/18/security-releases
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2019/dec/18/security-releases
23
reference_url https://www.djangoproject.com/weblog/2019/dec/18/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2019/dec/18/security-releases/
24
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946937
reference_id 946937
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946937
25
reference_url https://security.archlinux.org/AVG-1080
reference_id AVG-1080
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1080
26
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/python/webapps/47879.md
reference_id CVE-2019-19844
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/python/webapps/47879.md
27
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-19844
reference_id CVE-2019-19844
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-19844
28
reference_url https://ryu22e.org/en/posts/2019/12/25/django-cve-2019-19844/
reference_id CVE-2019-19844
reference_type exploit
scores
url https://ryu22e.org/en/posts/2019/12/25/django-cve-2019-19844/
29
reference_url https://usn.ubuntu.com/6722-1/
reference_id USN-6722-1
reference_type
scores
url https://usn.ubuntu.com/6722-1/
fixed_packages
0
url pkg:pypi/django@1.11.27
purl pkg:pypi/django@1.11.27
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2bh9-k4at-r7hz
1
vulnerability VCID-7b47-vsfh-y3gh
2
vulnerability VCID-9udu-eqvn-mqbj
3
vulnerability VCID-ax42-esfz-vud2
4
vulnerability VCID-ax7m-uv4s-zkc1
5
vulnerability VCID-fbee-vj2y-cfeb
6
vulnerability VCID-hzcv-euwq-eqeg
7
vulnerability VCID-qg2s-fuw3-nbda
8
vulnerability VCID-u15a-4ste-43cy
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.27
1
url pkg:pypi/django@2.2.9
purl pkg:pypi/django@2.2.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2bh9-k4at-r7hz
1
vulnerability VCID-2f2p-wfbs-73hz
2
vulnerability VCID-3wbe-pfau-9uhb
3
vulnerability VCID-5a2y-2m62-1qfa
4
vulnerability VCID-7b47-vsfh-y3gh
5
vulnerability VCID-81q1-gytk-2uaq
6
vulnerability VCID-9hp4-hn21-zkg8
7
vulnerability VCID-9udu-eqvn-mqbj
8
vulnerability VCID-ax42-esfz-vud2
9
vulnerability VCID-ax7m-uv4s-zkc1
10
vulnerability VCID-b81v-3drw-xudf
11
vulnerability VCID-bbxx-48nj-pqcd
12
vulnerability VCID-dcv2-gx5a-pfe2
13
vulnerability VCID-dqkn-1888-y3er
14
vulnerability VCID-fbee-vj2y-cfeb
15
vulnerability VCID-fc6y-y2b1-v3d5
16
vulnerability VCID-gxju-xjh2-z7bn
17
vulnerability VCID-hzcv-euwq-eqeg
18
vulnerability VCID-jzbk-uswz-8ucg
19
vulnerability VCID-nxbs-37dx-rbbh
20
vulnerability VCID-punr-dfy5-v3g1
21
vulnerability VCID-qg2s-fuw3-nbda
22
vulnerability VCID-u15a-4ste-43cy
23
vulnerability VCID-u53d-8afk-c3gq
24
vulnerability VCID-vyzr-dkz3-vfg6
25
vulnerability VCID-xb3c-6rew-z3ba
26
vulnerability VCID-xu9t-qtjz-bud8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.9
2
url pkg:pypi/django@3.0.1
purl pkg:pypi/django@3.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2bh9-k4at-r7hz
1
vulnerability VCID-3wbe-pfau-9uhb
2
vulnerability VCID-5a2y-2m62-1qfa
3
vulnerability VCID-7b47-vsfh-y3gh
4
vulnerability VCID-9hp4-hn21-zkg8
5
vulnerability VCID-9udu-eqvn-mqbj
6
vulnerability VCID-ax42-esfz-vud2
7
vulnerability VCID-ax7m-uv4s-zkc1
8
vulnerability VCID-b81v-3drw-xudf
9
vulnerability VCID-fbee-vj2y-cfeb
10
vulnerability VCID-fc6y-y2b1-v3d5
11
vulnerability VCID-gxju-xjh2-z7bn
12
vulnerability VCID-hzcv-euwq-eqeg
13
vulnerability VCID-nxbs-37dx-rbbh
14
vulnerability VCID-punr-dfy5-v3g1
15
vulnerability VCID-qg2s-fuw3-nbda
16
vulnerability VCID-u15a-4ste-43cy
17
vulnerability VCID-xb3c-6rew-z3ba
18
vulnerability VCID-xu9t-qtjz-bud8
19
vulnerability VCID-zvet-h29t-tub8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.0.1
aliases CVE-2019-19844, GHSA-vfq6-hq5r-27r6, PYSEC-2019-16
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fynq-usj6-rfd3
15
url VCID-hzcv-euwq-eqeg
vulnerability_id VCID-hzcv-euwq-eqeg
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33203.json
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33203.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-33203
reference_id
reference_type
scores
0
value 0.00327
scoring_system epss
scoring_elements 0.5585
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-33203
2
reference_url https://docs.djangoproject.com/en/3.2/releases/security
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/3.2/releases/security
3
reference_url https://docs.djangoproject.com/en/3.2/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/3.2/releases/security/
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/advisories/GHSA-68w8-qjq3-2gfm
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-68w8-qjq3-2gfm
6
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
7
reference_url https://github.com/django/django/commit/053cc9534d174dc89daba36724ed2dcb36755b90
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/053cc9534d174dc89daba36724ed2dcb36755b90
8
reference_url https://github.com/django/django/commit/20c67a0693c4ede2b09af02574823485e82e4c8f
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/20c67a0693c4ede2b09af02574823485e82e4c8f
9
reference_url https://github.com/django/django/commit/dfaba12cda060b8b292ae1d271b44bf810b1c5b9
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/dfaba12cda060b8b292ae1d271b44bf810b1c5b9
10
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2021-98.yaml
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2021-98.yaml
11
reference_url https://groups.google.com/forum/#!forum/django-announce
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!forum/django-announce
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-33203
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-33203
14
reference_url https://security.netapp.com/advisory/ntap-20210727-0004
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20210727-0004
15
reference_url https://www.djangoproject.com/weblog/2021/jun/02/security-releases
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2021/jun/02/security-releases
16
reference_url https://www.djangoproject.com/weblog/2021/jun/02/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2021/jun/02/security-releases/
17
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1966251
reference_id 1966251
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1966251
18
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989394
reference_id 989394
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989394
19
reference_url https://security.archlinux.org/ASA-202106-41
reference_id ASA-202106-41
reference_type
scores
url https://security.archlinux.org/ASA-202106-41
20
reference_url https://security.archlinux.org/AVG-2026
reference_id AVG-2026
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2026
21
reference_url https://security.gentoo.org/glsa/202509-03
reference_id GLSA-202509-03
reference_type
scores
url https://security.gentoo.org/glsa/202509-03
22
reference_url https://access.redhat.com/errata/RHSA-2021:3490
reference_id RHSA-2021:3490
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3490
23
reference_url https://access.redhat.com/errata/RHSA-2021:4702
reference_id RHSA-2021:4702
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4702
24
reference_url https://access.redhat.com/errata/RHSA-2021:5070
reference_id RHSA-2021:5070
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5070
25
reference_url https://usn.ubuntu.com/4975-1/
reference_id USN-4975-1
reference_type
scores
url https://usn.ubuntu.com/4975-1/
26
reference_url https://usn.ubuntu.com/4975-2/
reference_id USN-4975-2
reference_type
scores
url https://usn.ubuntu.com/4975-2/
fixed_packages
0
url pkg:pypi/django@2.2.24
purl pkg:pypi/django@2.2.24
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2f2p-wfbs-73hz
1
vulnerability VCID-81q1-gytk-2uaq
2
vulnerability VCID-9udu-eqvn-mqbj
3
vulnerability VCID-ax42-esfz-vud2
4
vulnerability VCID-ax7m-uv4s-zkc1
5
vulnerability VCID-bbxx-48nj-pqcd
6
vulnerability VCID-dcv2-gx5a-pfe2
7
vulnerability VCID-dqkn-1888-y3er
8
vulnerability VCID-fbee-vj2y-cfeb
9
vulnerability VCID-fc6y-y2b1-v3d5
10
vulnerability VCID-jzbk-uswz-8ucg
11
vulnerability VCID-qg2s-fuw3-nbda
12
vulnerability VCID-u15a-4ste-43cy
13
vulnerability VCID-vyzr-dkz3-vfg6
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.24
1
url pkg:pypi/django@3.1.12
purl pkg:pypi/django@3.1.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9udu-eqvn-mqbj
1
vulnerability VCID-ax42-esfz-vud2
2
vulnerability VCID-ax7m-uv4s-zkc1
3
vulnerability VCID-fbee-vj2y-cfeb
4
vulnerability VCID-fc6y-y2b1-v3d5
5
vulnerability VCID-qg2s-fuw3-nbda
6
vulnerability VCID-u15a-4ste-43cy
7
vulnerability VCID-zvet-h29t-tub8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.1.12
2
url pkg:pypi/django@3.2.4
purl pkg:pypi/django@3.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2f2p-wfbs-73hz
1
vulnerability VCID-5k3f-9smv-8bev
2
vulnerability VCID-6bct-bfhb-xugt
3
vulnerability VCID-7u6e-a3ng-fude
4
vulnerability VCID-81q1-gytk-2uaq
5
vulnerability VCID-9udu-eqvn-mqbj
6
vulnerability VCID-ax42-esfz-vud2
7
vulnerability VCID-ax7m-uv4s-zkc1
8
vulnerability VCID-bbxx-48nj-pqcd
9
vulnerability VCID-bjn5-qpmt-qffx
10
vulnerability VCID-ctk2-ykg7-h7ag
11
vulnerability VCID-dcv2-gx5a-pfe2
12
vulnerability VCID-dqkn-1888-y3er
13
vulnerability VCID-e2p6-m8gu-jbfu
14
vulnerability VCID-fbee-vj2y-cfeb
15
vulnerability VCID-fc6y-y2b1-v3d5
16
vulnerability VCID-fwkd-bq8u-9kg8
17
vulnerability VCID-jzbk-uswz-8ucg
18
vulnerability VCID-kmv2-339j-8ugc
19
vulnerability VCID-nyy8-t17r-syex
20
vulnerability VCID-qg2s-fuw3-nbda
21
vulnerability VCID-rn9d-fd73-3kb9
22
vulnerability VCID-u15a-4ste-43cy
23
vulnerability VCID-vyzr-dkz3-vfg6
24
vulnerability VCID-x4s4-qav9-xbet
25
vulnerability VCID-zvet-h29t-tub8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.4
aliases BIT-django-2021-33203, CVE-2021-33203, GHSA-68w8-qjq3-2gfm, PYSEC-2021-98
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hzcv-euwq-eqeg
16
url VCID-nh19-fbce-wbfu
vulnerability_id VCID-nh19-fbce-wbfu
summary The utils.http.is_safe_url function in Django before 1.8.10 and 1.9.x before 1.9.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks or possibly conduct cross-site scripting (XSS) attacks via a URL containing basic authentication, as demonstrated by http://mysite.example.com\@attacker.com.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-0502.html
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-0502.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2016-0504.html
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-0504.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2016-0505.html
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-0505.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2016-0506.html
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-0506.html
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2512
reference_id
reference_type
scores
0
value 0.01203
scoring_system epss
scoring_elements 0.79245
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2512
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2512
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2512
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2513
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2513
7
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
8
reference_url https://github.com/django/django/commit/382ab137312961ad62feb8109d70a5a581fe8350
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/382ab137312961ad62feb8109d70a5a581fe8350
9
reference_url https://github.com/django/django/commit/c5544d289233f501917e25970c03ed444abbd4f0
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/c5544d289233f501917e25970c03ed444abbd4f0
10
reference_url https://github.com/django/django/commit/fc6d147a63f89795dbcdecb0559256470fff4380
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/fc6d147a63f89795dbcdecb0559256470fff4380
11
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2016-15.yaml
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2016-15.yaml
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-2512
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-2512
13
reference_url https://web.archive.org/web/20210123090815/http://www.securityfocus.com/bid/83879
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210123090815/http://www.securityfocus.com/bid/83879
14
reference_url https://web.archive.org/web/20210413200202/http://www.securitytracker.com/id/1035152
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210413200202/http://www.securitytracker.com/id/1035152
15
reference_url https://www.djangoproject.com/weblog/2016/mar/01/security-releases
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2016/mar/01/security-releases
16
reference_url https://www.djangoproject.com/weblog/2016/mar/01/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2016/mar/01/security-releases/
17
reference_url http://www.debian.org/security/2016/dsa-3544
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3544
18
reference_url http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
19
reference_url http://www.securityfocus.com/bid/83879
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/83879
20
reference_url http://www.securitytracker.com/id/1035152
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1035152
21
reference_url http://www.ubuntu.com/usn/USN-2915-1
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2915-1
22
reference_url http://www.ubuntu.com/usn/USN-2915-2
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2915-2
23
reference_url http://www.ubuntu.com/usn/USN-2915-3
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2915-3
24
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816434
reference_id 816434
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816434
25
reference_url https://github.com/advisories/GHSA-pw27-w7w4-9qc7
reference_id GHSA-pw27-w7w4-9qc7
reference_type
scores
url https://github.com/advisories/GHSA-pw27-w7w4-9qc7
26
reference_url https://usn.ubuntu.com/2915-1/
reference_id USN-2915-1
reference_type
scores
url https://usn.ubuntu.com/2915-1/
fixed_packages
0
url pkg:pypi/django@1.8.10
purl pkg:pypi/django@1.8.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2bh9-k4at-r7hz
1
vulnerability VCID-5sxw-p38k-q7cp
2
vulnerability VCID-9udu-eqvn-mqbj
3
vulnerability VCID-arff-yjfe-auhp
4
vulnerability VCID-ax42-esfz-vud2
5
vulnerability VCID-ax7m-uv4s-zkc1
6
vulnerability VCID-cbg1-8tp8-7ube
7
vulnerability VCID-fbee-vj2y-cfeb
8
vulnerability VCID-fynq-usj6-rfd3
9
vulnerability VCID-hs1y-thzf-qqct
10
vulnerability VCID-hzcv-euwq-eqeg
11
vulnerability VCID-j1jc-m7e2-5yck
12
vulnerability VCID-ptk1-k7b2-gkdm
13
vulnerability VCID-qg2s-fuw3-nbda
14
vulnerability VCID-s4vz-wfcp-aygd
15
vulnerability VCID-u15a-4ste-43cy
16
vulnerability VCID-yb2r-r8gy-3yhe
17
vulnerability VCID-zuca-q98m-w7bk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.8.10
1
url pkg:pypi/django@1.9.3
purl pkg:pypi/django@1.9.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2bh9-k4at-r7hz
1
vulnerability VCID-9udu-eqvn-mqbj
2
vulnerability VCID-arff-yjfe-auhp
3
vulnerability VCID-ax42-esfz-vud2
4
vulnerability VCID-ax7m-uv4s-zkc1
5
vulnerability VCID-cbg1-8tp8-7ube
6
vulnerability VCID-fbee-vj2y-cfeb
7
vulnerability VCID-fynq-usj6-rfd3
8
vulnerability VCID-hs1y-thzf-qqct
9
vulnerability VCID-hzcv-euwq-eqeg
10
vulnerability VCID-ptk1-k7b2-gkdm
11
vulnerability VCID-qg2s-fuw3-nbda
12
vulnerability VCID-s4vz-wfcp-aygd
13
vulnerability VCID-u15a-4ste-43cy
14
vulnerability VCID-yb2r-r8gy-3yhe
15
vulnerability VCID-zuca-q98m-w7bk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.9.3
aliases CVE-2016-2512, GHSA-pw27-w7w4-9qc7, PYSEC-2016-15
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nh19-fbce-wbfu
17
url VCID-qg2s-fuw3-nbda
vulnerability_id VCID-qg2s-fuw3-nbda
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-36359
reference_id
reference_type
scores
0
value 0.01374
scoring_system epss
scoring_elements 0.80552
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-36359
1
reference_url https://docs.djangoproject.com/en/4.0/releases/security
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/4.0/releases/security
2
reference_url https://docs.djangoproject.com/en/4.0/releases/security/
reference_id
reference_type
scores
url https://docs.djangoproject.com/en/4.0/releases/security/
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/advisories/GHSA-8x94-hmjh-97hq
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8x94-hmjh-97hq
5
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
6
reference_url https://github.com/django/django/commit/b3e4494d759202a3b6bf247fd34455bf13be5b80
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/b3e4494d759202a3b6bf247fd34455bf13be5b80
7
reference_url https://github.com/django/django/commit/b7d9529cbe0af4adabb6ea5d01ed8dcce3668fb3
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/b7d9529cbe0af4adabb6ea5d01ed8dcce3668fb3
8
reference_url https://github.com/django/django/commit/bd062445cffd3f6cc6dcd20d13e2abed818fa173
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/bd062445cffd3f6cc6dcd20d13e2abed818fa173
9
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-245.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-245.yaml
10
reference_url https://groups.google.com/g/django-announce/c/8cz--gvaJr4
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/g/django-announce/c/8cz--gvaJr4
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI
13
reference_url https://security.netapp.com/advisory/ntap-20220915-0008
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220915-0008
14
reference_url https://www.debian.org/security/2022/dsa-5254
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2022/dsa-5254
15
reference_url https://www.djangoproject.com/weblog/2022/aug/03/security-releases
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2022/aug/03/security-releases
16
reference_url https://www.djangoproject.com/weblog/2022/aug/03/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2022/aug/03/security-releases/
17
reference_url http://www.openwall.com/lists/oss-security/2022/08/03/1
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/08/03/1
18
reference_url https://security.archlinux.org/AVG-2810
reference_id AVG-2810
reference_type
scores
0
value Unknown
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2810
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-36359
reference_id CVE-2022-36359
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-36359
20
reference_url https://security.gentoo.org/glsa/202509-03
reference_id GLSA-202509-03
reference_type
scores
url https://security.gentoo.org/glsa/202509-03
21
reference_url https://usn.ubuntu.com/5549-1/
reference_id USN-5549-1
reference_type
scores
url https://usn.ubuntu.com/5549-1/
fixed_packages
0
url pkg:pypi/django@3.2.15
purl pkg:pypi/django@3.2.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5k3f-9smv-8bev
1
vulnerability VCID-7u6e-a3ng-fude
2
vulnerability VCID-9udu-eqvn-mqbj
3
vulnerability VCID-ax42-esfz-vud2
4
vulnerability VCID-ax7m-uv4s-zkc1
5
vulnerability VCID-bjn5-qpmt-qffx
6
vulnerability VCID-ctk2-ykg7-h7ag
7
vulnerability VCID-e2p6-m8gu-jbfu
8
vulnerability VCID-fbee-vj2y-cfeb
9
vulnerability VCID-fwkd-bq8u-9kg8
10
vulnerability VCID-kmv2-339j-8ugc
11
vulnerability VCID-nyy8-t17r-syex
12
vulnerability VCID-rn9d-fd73-3kb9
13
vulnerability VCID-u15a-4ste-43cy
14
vulnerability VCID-x4s4-qav9-xbet
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.15
1
url pkg:pypi/django@4.0.7
purl pkg:pypi/django@4.0.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5k3f-9smv-8bev
1
vulnerability VCID-9udu-eqvn-mqbj
2
vulnerability VCID-ax42-esfz-vud2
3
vulnerability VCID-ax7m-uv4s-zkc1
4
vulnerability VCID-fbee-vj2y-cfeb
5
vulnerability VCID-fwkd-bq8u-9kg8
6
vulnerability VCID-kmv2-339j-8ugc
7
vulnerability VCID-nyy8-t17r-syex
8
vulnerability VCID-rn9d-fd73-3kb9
9
vulnerability VCID-u15a-4ste-43cy
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.0.7
aliases BIT-django-2022-36359, CVE-2022-36359, GHSA-8x94-hmjh-97hq, PYSEC-2022-245
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qg2s-fuw3-nbda
18
url VCID-s4vz-wfcp-aygd
vulnerability_id VCID-s4vz-wfcp-aygd
summary multiple issues
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9014
reference_id
reference_type
scores
0
value 0.03671
scoring_system epss
scoring_elements 0.88099
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9014
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9013
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9013
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9014
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9014
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7233
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7233
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7234
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7234
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:P/I:P/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
7
reference_url https://github.com/django/django/commit/45acd6d836895a4c36575f48b3fb36a3dae98d19
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/45acd6d836895a4c36575f48b3fb36a3dae98d19
8
reference_url https://github.com/django/django/commit/884e113838e5a72b4b0ec9e5e87aa480f6aa4472
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/884e113838e5a72b4b0ec9e5e87aa480f6aa4472
9
reference_url https://github.com/django/django/commit/c401ae9a7dfb1a94a8a61927ed541d6f93089587
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/c401ae9a7dfb1a94a8a61927ed541d6f93089587
10
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2016-18.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2016-18.yaml
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OG5ROMUPS6C7BXELD3TAUUH7OBYV56WQ
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OG5ROMUPS6C7BXELD3TAUUH7OBYV56WQ
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OG5ROMUPS6C7BXELD3TAUUH7OBYV56WQ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OG5ROMUPS6C7BXELD3TAUUH7OBYV56WQ/
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXDKJYHN74BWY3P7AR2UZDVJREQMRE6S
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXDKJYHN74BWY3P7AR2UZDVJREQMRE6S
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXDKJYHN74BWY3P7AR2UZDVJREQMRE6S/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXDKJYHN74BWY3P7AR2UZDVJREQMRE6S/
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9014
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-9014
16
reference_url https://web.archive.org/web/20210123185619/http://www.securityfocus.com/bid/94068
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210123185619/http://www.securityfocus.com/bid/94068
17
reference_url https://web.archive.org/web/20211204043252/http://www.securitytracker.com/id/1037159
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20211204043252/http://www.securitytracker.com/id/1037159
18
reference_url https://www.djangoproject.com/weblog/2016/nov/01/security-releases
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2016/nov/01/security-releases
19
reference_url https://www.djangoproject.com/weblog/2016/nov/01/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2016/nov/01/security-releases/
20
reference_url http://www.debian.org/security/2017/dsa-3835
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2017/dsa-3835
21
reference_url http://www.securityfocus.com/bid/94068
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94068
22
reference_url http://www.securitytracker.com/id/1037159
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037159
23
reference_url http://www.ubuntu.com/usn/USN-3115-1
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-3115-1
24
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842856
reference_id 842856
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842856
25
reference_url https://security.archlinux.org/ASA-201611-15
reference_id ASA-201611-15
reference_type
scores
url https://security.archlinux.org/ASA-201611-15
26
reference_url https://security.archlinux.org/AVG-57
reference_id AVG-57
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-57
27
reference_url https://github.com/advisories/GHSA-3f2c-jm6v-cr35
reference_id GHSA-3f2c-jm6v-cr35
reference_type
scores
url https://github.com/advisories/GHSA-3f2c-jm6v-cr35
28
reference_url https://usn.ubuntu.com/3115-1/
reference_id USN-3115-1
reference_type
scores
url https://usn.ubuntu.com/3115-1/
fixed_packages
0
url pkg:pypi/django@1.8.16
purl pkg:pypi/django@1.8.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2bh9-k4at-r7hz
1
vulnerability VCID-5sxw-p38k-q7cp
2
vulnerability VCID-9udu-eqvn-mqbj
3
vulnerability VCID-arff-yjfe-auhp
4
vulnerability VCID-ax42-esfz-vud2
5
vulnerability VCID-ax7m-uv4s-zkc1
6
vulnerability VCID-fbee-vj2y-cfeb
7
vulnerability VCID-fynq-usj6-rfd3
8
vulnerability VCID-hzcv-euwq-eqeg
9
vulnerability VCID-j1jc-m7e2-5yck
10
vulnerability VCID-ptk1-k7b2-gkdm
11
vulnerability VCID-qg2s-fuw3-nbda
12
vulnerability VCID-u15a-4ste-43cy
13
vulnerability VCID-yb2r-r8gy-3yhe
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.8.16
1
url pkg:pypi/django@1.9.11
purl pkg:pypi/django@1.9.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2bh9-k4at-r7hz
1
vulnerability VCID-9udu-eqvn-mqbj
2
vulnerability VCID-arff-yjfe-auhp
3
vulnerability VCID-ax42-esfz-vud2
4
vulnerability VCID-ax7m-uv4s-zkc1
5
vulnerability VCID-fbee-vj2y-cfeb
6
vulnerability VCID-fynq-usj6-rfd3
7
vulnerability VCID-hzcv-euwq-eqeg
8
vulnerability VCID-ptk1-k7b2-gkdm
9
vulnerability VCID-qg2s-fuw3-nbda
10
vulnerability VCID-u15a-4ste-43cy
11
vulnerability VCID-yb2r-r8gy-3yhe
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.9.11
2
url pkg:pypi/django@1.10.3
purl pkg:pypi/django@1.10.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2bh9-k4at-r7hz
1
vulnerability VCID-8gkb-43x6-d7a8
2
vulnerability VCID-9udu-eqvn-mqbj
3
vulnerability VCID-arff-yjfe-auhp
4
vulnerability VCID-ax42-esfz-vud2
5
vulnerability VCID-ax7m-uv4s-zkc1
6
vulnerability VCID-fbee-vj2y-cfeb
7
vulnerability VCID-fynq-usj6-rfd3
8
vulnerability VCID-hzcv-euwq-eqeg
9
vulnerability VCID-ptk1-k7b2-gkdm
10
vulnerability VCID-qg2s-fuw3-nbda
11
vulnerability VCID-u15a-4ste-43cy
12
vulnerability VCID-yb2r-r8gy-3yhe
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.10.3
aliases CVE-2016-9014, GHSA-3f2c-jm6v-cr35, PYSEC-2016-18
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s4vz-wfcp-aygd
19
url VCID-u15a-4ste-43cy
vulnerability_id VCID-u15a-4ste-43cy
summary 
An issue was discovered in 5.1 before 5.1.14, 4.2 before 4.2.26, and 5.2 before 5.2.8.
The methods `QuerySet.filter()`, `QuerySet.exclude()`, and `QuerySet.get()`, and the class `Q()`, are subject to SQL injection when using a suitably crafted dictionary, with dictionary expansion, as the `_connector` argument.
Earlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected.
Django would like to thank cyberstan for reporting this issue.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-64459.json
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-64459.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-64459
reference_id
reference_type
scores
0
value 0.00256
scoring_system epss
scoring_elements 0.49195
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-64459
2
reference_url https://docs.djangoproject.com/en/dev/releases/security
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://docs.djangoproject.com/en/dev/releases/security
3
reference_url https://docs.djangoproject.com/en/dev/releases/security/
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-11-06T04:55:36Z/
url https://docs.djangoproject.com/en/dev/releases/security/
4
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
5
reference_url https://github.com/django/django/commit/06dd38324ac3d60d83d9f3adabf0dcdf423d2a85
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/06dd38324ac3d60d83d9f3adabf0dcdf423d2a85
6
reference_url https://github.com/django/django/commit/59ae82e67053d281ff4562a24bbba21299f0a7d4
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/59ae82e67053d281ff4562a24bbba21299f0a7d4
7
reference_url https://github.com/django/django/commit/6703f364d767e949c5b0e4016433ef75063b4f9b
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/6703f364d767e949c5b0e4016433ef75063b4f9b
8
reference_url https://github.com/django/django/commit/72d2c87431f2ae0431d65d0ec792047f078c8241
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/72d2c87431f2ae0431d65d0ec792047f078c8241
9
reference_url https://github.com/omarkurt/django-connector-CVE-2025-64459-testbed
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/omarkurt/django-connector-CVE-2025-64459-testbed
10
reference_url https://groups.google.com/g/django-announce
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-11-06T04:55:36Z/
url https://groups.google.com/g/django-announce
11
reference_url https://shivasurya.me/security/django/2025/11/07/django-sql-injection-CVE-2025-64459.html
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://shivasurya.me/security/django/2025/11/07/django-sql-injection-CVE-2025-64459.html
12
reference_url https://www.djangoproject.com/weblog/2025/nov/05/security-releases
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2025/nov/05/security-releases
13
reference_url https://www.djangoproject.com/weblog/2025/nov/05/security-releases/
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-11-06T04:55:36Z/
url https://www.djangoproject.com/weblog/2025/nov/05/security-releases/
14
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120139
reference_id 1120139
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120139
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2412651
reference_id 2412651
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2412651
16
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52456.py
reference_id CVE-2025-64459
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52456.py
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-64459
reference_id CVE-2025-64459
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-64459
18
reference_url https://github.com/advisories/GHSA-frmv-pr5f-9mcr
reference_id GHSA-frmv-pr5f-9mcr
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-frmv-pr5f-9mcr
19
reference_url https://access.redhat.com/errata/RHSA-2025:23069
reference_id RHSA-2025:23069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23069
20
reference_url https://access.redhat.com/errata/RHSA-2025:23070
reference_id RHSA-2025:23070
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23070
21
reference_url https://access.redhat.com/errata/RHSA-2025:23130
reference_id RHSA-2025:23130
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23130
22
reference_url https://access.redhat.com/errata/RHSA-2025:23131
reference_id RHSA-2025:23131
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23131
23
reference_url https://access.redhat.com/errata/RHSA-2025:23133
reference_id RHSA-2025:23133
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23133
24
reference_url https://access.redhat.com/errata/RHSA-2025:23196
reference_id RHSA-2025:23196
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23196
25
reference_url https://access.redhat.com/errata/RHSA-2026:1596
reference_id RHSA-2026:1596
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1596
26
reference_url https://usn.ubuntu.com/7859-1/
reference_id USN-7859-1
reference_type
scores
url https://usn.ubuntu.com/7859-1/
fixed_packages
0
url pkg:pypi/django@4.2.26
purl pkg:pypi/django@4.2.26
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-32d1-b8f2-hud5
1
vulnerability VCID-3d6k-rdsh-k7hm
2
vulnerability VCID-3vk6-hdbc-2bhz
3
vulnerability VCID-5fbx-3yfb-fudx
4
vulnerability VCID-62jv-ab6d-sqdb
5
vulnerability VCID-63c7-mkxw-ufav
6
vulnerability VCID-7jbt-5zw2-vff2
7
vulnerability VCID-92bp-6kte-tyfs
8
vulnerability VCID-cbsj-1qqg-1ba6
9
vulnerability VCID-cg44-thdw-cygg
10
vulnerability VCID-dac4-fa2z-bkdq
11
vulnerability VCID-enen-3w2h-g3b8
12
vulnerability VCID-heum-8mwz-sbcw
13
vulnerability VCID-j2uz-w2ur-7ud4
14
vulnerability VCID-jma1-9ags-xbfm
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@4.2.26
1
url pkg:pypi/django@5.1.14
purl pkg:pypi/django@5.1.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3d6k-rdsh-k7hm
1
vulnerability VCID-7jbt-5zw2-vff2
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.1.14
2
url pkg:pypi/django@5.2.8
purl pkg:pypi/django@5.2.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-32d1-b8f2-hud5
1
vulnerability VCID-3ccr-92q5-aqfk
2
vulnerability VCID-3d6k-rdsh-k7hm
3
vulnerability VCID-3vk6-hdbc-2bhz
4
vulnerability VCID-5fbx-3yfb-fudx
5
vulnerability VCID-62jv-ab6d-sqdb
6
vulnerability VCID-63c7-mkxw-ufav
7
vulnerability VCID-7jbt-5zw2-vff2
8
vulnerability VCID-92bp-6kte-tyfs
9
vulnerability VCID-92z2-3rbz-77h9
10
vulnerability VCID-cbsj-1qqg-1ba6
11
vulnerability VCID-cg44-thdw-cygg
12
vulnerability VCID-dac4-fa2z-bkdq
13
vulnerability VCID-enen-3w2h-g3b8
14
vulnerability VCID-g22z-jue5-8udz
15
vulnerability VCID-heum-8mwz-sbcw
16
vulnerability VCID-j2uz-w2ur-7ud4
17
vulnerability VCID-jma1-9ags-xbfm
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@5.2.8
3
url pkg:pypi/django@6.0a1
purl pkg:pypi/django@6.0a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5fbx-3yfb-fudx
1
vulnerability VCID-62jv-ab6d-sqdb
2
vulnerability VCID-92bp-6kte-tyfs
3
vulnerability VCID-cbsj-1qqg-1ba6
4
vulnerability VCID-enen-3w2h-g3b8
5
vulnerability VCID-jma1-9ags-xbfm
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@6.0a1
aliases BIT-django-2025-64459, CVE-2025-64459, GHSA-frmv-pr5f-9mcr, PYSEC-2025-108
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u15a-4ste-43cy
20
url VCID-zuca-q98m-w7bk
vulnerability_id VCID-zuca-q98m-w7bk
summary cross-site request forgery
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-2038.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-2038.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2016-2039.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-2039.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2016-2040.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-2040.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2016-2041.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-2041.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2016-2042.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-2042.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2016-2043.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-2043.html
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-7401
reference_id
reference_type
scores
0
value 0.04799
scoring_system epss
scoring_elements 0.89658
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-7401
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:N
1
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://github.com/django/django
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django
9
reference_url https://github.com/django/django/commit/6118ab7d0676f0d622278e5be215f14fb5410b6a
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/6118ab7d0676f0d622278e5be215f14fb5410b6a
10
reference_url https://github.com/django/django/commit/6fe846a8f08dc959003f298b5407e321c6fe3735
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/6fe846a8f08dc959003f298b5407e321c6fe3735
11
reference_url https://github.com/django/django/commit/d1bc980db1c0fffd6d60677e62f70beadb9fe64a
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/django/django/commit/d1bc980db1c0fffd6d60677e62f70beadb9fe64a
12
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2016-3.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2016-3.yaml
13
reference_url https://web.archive.org/web/20200227223637/http://www.securityfocus.com/bid/93182
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200227223637/http://www.securityfocus.com/bid/93182
14
reference_url https://web.archive.org/web/20210927195154/http://www.securitytracker.com/id/1036899
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210927195154/http://www.securitytracker.com/id/1036899
15
reference_url https://www.djangoproject.com/weblog/2016/sep/26/security-releases
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.djangoproject.com/weblog/2016/sep/26/security-releases
16
reference_url https://www.djangoproject.com/weblog/2016/sep/26/security-releases/
reference_id
reference_type
scores
url https://www.djangoproject.com/weblog/2016/sep/26/security-releases/
17
reference_url http://www.debian.org/security/2016/dsa-3678
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3678
18
reference_url http://www.securityfocus.com/bid/93182
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/93182
19
reference_url http://www.securitytracker.com/id/1036899
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1036899
20
reference_url http://www.ubuntu.com/usn/USN-3089-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-3089-1
21
reference_url https://security.archlinux.org/ASA-201610-13
reference_id ASA-201610-13
reference_type
scores
url https://security.archlinux.org/ASA-201610-13
22
reference_url https://security.archlinux.org/AVG-35
reference_id AVG-35
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-35
23
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-7401
reference_id CVE-2016-7401
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-7401
24
reference_url https://github.com/advisories/GHSA-crhm-qpjc-cm64
reference_id GHSA-crhm-qpjc-cm64
reference_type
scores
url https://github.com/advisories/GHSA-crhm-qpjc-cm64
25
reference_url https://usn.ubuntu.com/3089-1/
reference_id USN-3089-1
reference_type
scores
url https://usn.ubuntu.com/3089-1/
fixed_packages
0
url pkg:pypi/django@1.8.15
purl pkg:pypi/django@1.8.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2bh9-k4at-r7hz
1
vulnerability VCID-5sxw-p38k-q7cp
2
vulnerability VCID-9udu-eqvn-mqbj
3
vulnerability VCID-arff-yjfe-auhp
4
vulnerability VCID-ax42-esfz-vud2
5
vulnerability VCID-ax7m-uv4s-zkc1
6
vulnerability VCID-fbee-vj2y-cfeb
7
vulnerability VCID-fynq-usj6-rfd3
8
vulnerability VCID-hs1y-thzf-qqct
9
vulnerability VCID-hzcv-euwq-eqeg
10
vulnerability VCID-j1jc-m7e2-5yck
11
vulnerability VCID-ptk1-k7b2-gkdm
12
vulnerability VCID-qg2s-fuw3-nbda
13
vulnerability VCID-s4vz-wfcp-aygd
14
vulnerability VCID-u15a-4ste-43cy
15
vulnerability VCID-yb2r-r8gy-3yhe
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.8.15
1
url pkg:pypi/django@1.9.10
purl pkg:pypi/django@1.9.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2bh9-k4at-r7hz
1
vulnerability VCID-9udu-eqvn-mqbj
2
vulnerability VCID-arff-yjfe-auhp
3
vulnerability VCID-ax42-esfz-vud2
4
vulnerability VCID-ax7m-uv4s-zkc1
5
vulnerability VCID-fbee-vj2y-cfeb
6
vulnerability VCID-fynq-usj6-rfd3
7
vulnerability VCID-hs1y-thzf-qqct
8
vulnerability VCID-hzcv-euwq-eqeg
9
vulnerability VCID-ptk1-k7b2-gkdm
10
vulnerability VCID-qg2s-fuw3-nbda
11
vulnerability VCID-s4vz-wfcp-aygd
12
vulnerability VCID-u15a-4ste-43cy
13
vulnerability VCID-yb2r-r8gy-3yhe
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.9.10
aliases CVE-2016-7401, GHSA-crhm-qpjc-cm64, PYSEC-2016-3
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zuca-q98m-w7bk
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/django@1.7.8