{"url":"http://public2.vulnerablecode.io/api/packages/936403?format=json","purl":"pkg:deb/debian/python-django@2:2.2.28-1~deb11u7?distro=trixie","type":"deb","namespace":"debian","name":"python-django","version":"2:2.2.28-1~deb11u7","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"2:2.2.28-1~deb11u8","latest_non_vulnerable_version":"3:5.2.14-2","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/11392?format=json","vulnerability_id":"VCID-4ztz-fq98-5fh1","summary":"In Django 3.2 before 3.2.21, 4.1 before 4.1.11, and 4.2 before 4.2.5, django.utils.encoding.uri_to_iri() is subject to a potential DoS (denial of service) attack via certain inputs with a very large number of Unicode characters.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-41164.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-41164.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-41164","reference_id":"","reference_type":"","scores":[{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61202","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61025","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61143","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61116","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61154","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61095","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61045","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61097","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61092","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61053","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61019","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61067","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61083","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61104","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.6109","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61103","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.6112","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61113","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61071","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-41164"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460"},{"reference_url":"https://docs.djangoproject.com/en/4.2/releases/security","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://docs.djangoproject.com/en/4.2/releases/security"},{"reference_url":"https://docs.djangoproject.com/en/4.2/releases/security/","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/4.2/releases/security/"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/6f030b1149bd8fa4ba90452e77cb3edc095ce54e","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/6f030b1149bd8fa4ba90452e77cb3edc095ce54e"},{"reference_url":"https://github.com/django/django/commit/9c51b4dcfa0cefcb48231f4d71cafa80821f87b9","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/9c51b4dcfa0cefcb48231f4d71cafa80821f87b9"},{"reference_url":"https://github.com/django/django/commit/ba00bc5ec6a7eff5e08be438f7b5b0e9574e8ff0","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/ba00bc5ec6a7eff5e08be438f7b5b0e9574e8ff0"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2023-225.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2023-225.yaml"},{"reference_url":"https://groups.google.com/forum/#%21forum/django-announce","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#%21forum/django-announce"},{"reference_url":"https://groups.google.com/forum/#!forum/django-announce","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!forum/django-announce"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HJFRPUHDYJHBH3KYHSPGULQM4JN7BMSU","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HJFRPUHDYJHBH3KYHSPGULQM4JN7BMSU"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HJFRPUHDYJHBH3KYHSPGULQM4JN7BMSU","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HJFRPUHDYJHBH3KYHSPGULQM4JN7BMSU"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D"},{"reference_url":"https://security.netapp.com/advisory/ntap-20231214-0002","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20231214-0002"},{"reference_url":"https://www.djangoproject.com/weblog/2023/sep/04/security-releases","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2023/sep/04/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2023/sep/04/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2023/sep/04/security-releases/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051226","reference_id":"1051226","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051226"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2237258","reference_id":"2237258","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2237258"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-41164","reference_id":"CVE-2023-41164","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-41164"},{"reference_url":"https://github.com/advisories/GHSA-7h4p-27mh-hmrw","reference_id":"GHSA-7h4p-27mh-hmrw","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-7h4p-27mh-hmrw"},{"reference_url":"https://security.gentoo.org/glsa/202509-03","reference_id":"GLSA-202509-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5208","reference_id":"RHSA-2023:5208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5208"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1878","reference_id":"RHSA-2024:1878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1878"},{"reference_url":"https://usn.ubuntu.com/6378-1/","reference_id":"USN-6378-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6378-1/"},{"reference_url":"https://usn.ubuntu.com/6414-2/","reference_id":"USN-6414-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6414-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936332?format=json","purl":"pkg:deb/debian/python-django@2:2.2.28-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1adz-zw3h-pqek"},{"vulnerability":"VCID-46pv-pzsu-jucd"},{"vulnerability":"VCID-ac4c-321h-tqfk"},{"vulnerability":"VCID-buuq-c9ps-jfdu"},{"vulnerability":"VCID-ff2a-at5f-2qa8"},{"vulnerability":"VCID-gfym-spzk-w7gk"},{"vulnerability":"VCID-jzae-1awh-k7cm"},{"vulnerability":"VCID-mga4-an1w-qqf9"},{"vulnerability":"VCID-rwyy-f7jh-pubf"},{"vulnerability":"VCID-ssut-reka-r3f8"},{"vulnerability":"VCID-xhpa-mffz-syfy"},{"vulnerability":"VCID-z47n-5z72-u3bm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@2:2.2.28-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936403?format=json","purl":"pkg:deb/debian/python-django@2:2.2.28-1~deb11u7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@2:2.2.28-1~deb11u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936330?format=json","purl":"pkg:deb/debian/python-django@3:3.2.19-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1adz-zw3h-pqek"},{"vulnerability":"VCID-46pv-pzsu-jucd"},{"vulnerability":"VCID-ac4c-321h-tqfk"},{"vulnerability":"VCID-buuq-c9ps-jfdu"},{"vulnerability":"VCID-ff2a-at5f-2qa8"},{"vulnerability":"VCID-gfym-spzk-w7gk"},{"vulnerability":"VCID-jzae-1awh-k7cm"},{"vulnerability":"VCID-mga4-an1w-qqf9"},{"vulnerability":"VCID-rwyy-f7jh-pubf"},{"vulnerability":"VCID-ssut-reka-r3f8"},{"vulnerability":"VCID-xhpa-mffz-syfy"},{"vulnerability":"VCID-z47n-5z72-u3bm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:3.2.19-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936404?format=json","purl":"pkg:deb/debian/python-django@3:3.2.21-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:3.2.21-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936373?format=json","purl":"pkg:deb/debian/python-django@3:3.2.25-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:3.2.25-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936334?format=json","purl":"pkg:deb/debian/python-django@3:4.2.28-0%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1adz-zw3h-pqek"},{"vulnerability":"VCID-46pv-pzsu-jucd"},{"vulnerability":"VCID-ac4c-321h-tqfk"},{"vulnerability":"VCID-buuq-c9ps-jfdu"},{"vulnerability":"VCID-ff2a-at5f-2qa8"},{"vulnerability":"VCID-gfym-spzk-w7gk"},{"vulnerability":"VCID-rwyy-f7jh-pubf"},{"vulnerability":"VCID-ssut-reka-r3f8"},{"vulnerability":"VCID-z47n-5z72-u3bm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:4.2.28-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936333?format=json","purl":"pkg:deb/debian/python-django@3:4.2.29-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1adz-zw3h-pqek"},{"vulnerability":"VCID-46pv-pzsu-jucd"},{"vulnerability":"VCID-ff2a-at5f-2qa8"},{"vulnerability":"VCID-gfym-spzk-w7gk"},{"vulnerability":"VCID-ssut-reka-r3f8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:4.2.29-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1041995?format=json","purl":"pkg:deb/debian/python-django@3:4.2.30-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buuq-c9ps-jfdu"},{"vulnerability":"VCID-rwyy-f7jh-pubf"},{"vulnerability":"VCID-z47n-5z72-u3bm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:4.2.30-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088727?format=json","purl":"pkg:deb/debian/python-django@3:5.2.13-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:5.2.13-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1103049?format=json","purl":"pkg:deb/debian/python-django@3:5.2.14-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:5.2.14-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1112573?format=json","purl":"pkg:deb/debian/python-django@3:5.2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:5.2.14-2%3Fdistro=trixie"}],"aliases":["BIT-django-2023-41164","CVE-2023-41164","GHSA-7h4p-27mh-hmrw","PYSEC-2023-225"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4ztz-fq98-5fh1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/15097?format=json","vulnerability_id":"VCID-896g-hqec-ryb9","summary":"An issue was discovered in Django 5.2 before 5.2.2, 5.1 before 5.1.10, and 4.2 before 4.2.22. Internal HTTP response logging does not escape request.path, which allows remote attackers to potentially manipulate log output via crafted URLs. This may lead to log injection or forgery when logs are viewed in terminals or processed by external systems.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48432.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48432.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-48432","reference_id":"","reference_type":"","scores":[{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61555","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61502","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61474","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61512","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61378","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61446","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.6146","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61439","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61423","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61377","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61407","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61404","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61452","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61457","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61442","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61455","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61471","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61467","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61428","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-48432"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/security","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://docs.djangoproject.com/en/dev/releases/security"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/security/","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T13:20:12Z/"}],"url":"https://docs.djangoproject.com/en/dev/releases/security/"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2025-47.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2025-47.yaml"},{"reference_url":"https://groups.google.com/g/django-announce","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T13:20:12Z/"}],"url":"https://groups.google.com/g/django-announce"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-48432","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-48432"},{"reference_url":"https://www.djangoproject.com/weblog/2025/jun/04/security-releases","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2025/jun/04/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2025/jun/04/security-releases/","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T13:20:12Z/"}],"url":"https://www.djangoproject.com/weblog/2025/jun/04/security-releases/"},{"reference_url":"https://www.djangoproject.com/weblog/2025/jun/10/bugfix-releases","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2025/jun/10/bugfix-releases"},{"reference_url":"http://www.openwall.com/lists/oss-security/2025/06/04/5","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2025/06/04/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2025/06/10/2","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2025/06/10/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2025/06/10/3","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2025/06/10/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2025/06/10/4","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2025/06/10/4"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107282","reference_id":"1107282","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107282"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2370365","reference_id":"2370365","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2370365"},{"reference_url":"https://security.archlinux.org/ASA-202506-6","reference_id":"ASA-202506-6","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202506-6"},{"reference_url":"https://security.archlinux.org/AVG-2894","reference_id":"AVG-2894","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2894"},{"reference_url":"https://www.djangoproject.com/weblog/2025/jun/10/bugfix-releases/","reference_id":"bugfix-releases","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T13:20:12Z/"}],"url":"https://www.djangoproject.com/weblog/2025/jun/10/bugfix-releases/"},{"reference_url":"https://github.com/advisories/GHSA-7xr5-9hcq-chf9","reference_id":"GHSA-7xr5-9hcq-chf9","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-7xr5-9hcq-chf9"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14686","reference_id":"RHSA-2025:14686","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14686"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16487","reference_id":"RHSA-2025:16487","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16487"},{"reference_url":"https://usn.ubuntu.com/7555-1/","reference_id":"USN-7555-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7555-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936332?format=json","purl":"pkg:deb/debian/python-django@2:2.2.28-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1adz-zw3h-pqek"},{"vulnerability":"VCID-46pv-pzsu-jucd"},{"vulnerability":"VCID-ac4c-321h-tqfk"},{"vulnerability":"VCID-buuq-c9ps-jfdu"},{"vulnerability":"VCID-ff2a-at5f-2qa8"},{"vulnerability":"VCID-gfym-spzk-w7gk"},{"vulnerability":"VCID-jzae-1awh-k7cm"},{"vulnerability":"VCID-mga4-an1w-qqf9"},{"vulnerability":"VCID-rwyy-f7jh-pubf"},{"vulnerability":"VCID-ssut-reka-r3f8"},{"vulnerability":"VCID-xhpa-mffz-syfy"},{"vulnerability":"VCID-z47n-5z72-u3bm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@2:2.2.28-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936403?format=json","purl":"pkg:deb/debian/python-django@2:2.2.28-1~deb11u7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@2:2.2.28-1~deb11u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936330?format=json","purl":"pkg:deb/debian/python-django@3:3.2.19-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1adz-zw3h-pqek"},{"vulnerability":"VCID-46pv-pzsu-jucd"},{"vulnerability":"VCID-ac4c-321h-tqfk"},{"vulnerability":"VCID-buuq-c9ps-jfdu"},{"vulnerability":"VCID-ff2a-at5f-2qa8"},{"vulnerability":"VCID-gfym-spzk-w7gk"},{"vulnerability":"VCID-jzae-1awh-k7cm"},{"vulnerability":"VCID-mga4-an1w-qqf9"},{"vulnerability":"VCID-rwyy-f7jh-pubf"},{"vulnerability":"VCID-ssut-reka-r3f8"},{"vulnerability":"VCID-xhpa-mffz-syfy"},{"vulnerability":"VCID-z47n-5z72-u3bm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:3.2.19-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936373?format=json","purl":"pkg:deb/debian/python-django@3:3.2.25-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:3.2.25-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936424?format=json","purl":"pkg:deb/debian/python-django@3:4.2.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:4.2.23-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936334?format=json","purl":"pkg:deb/debian/python-django@3:4.2.28-0%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1adz-zw3h-pqek"},{"vulnerability":"VCID-46pv-pzsu-jucd"},{"vulnerability":"VCID-ac4c-321h-tqfk"},{"vulnerability":"VCID-buuq-c9ps-jfdu"},{"vulnerability":"VCID-ff2a-at5f-2qa8"},{"vulnerability":"VCID-gfym-spzk-w7gk"},{"vulnerability":"VCID-rwyy-f7jh-pubf"},{"vulnerability":"VCID-ssut-reka-r3f8"},{"vulnerability":"VCID-z47n-5z72-u3bm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:4.2.28-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936333?format=json","purl":"pkg:deb/debian/python-django@3:4.2.29-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1adz-zw3h-pqek"},{"vulnerability":"VCID-46pv-pzsu-jucd"},{"vulnerability":"VCID-ff2a-at5f-2qa8"},{"vulnerability":"VCID-gfym-spzk-w7gk"},{"vulnerability":"VCID-ssut-reka-r3f8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:4.2.29-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1041995?format=json","purl":"pkg:deb/debian/python-django@3:4.2.30-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buuq-c9ps-jfdu"},{"vulnerability":"VCID-rwyy-f7jh-pubf"},{"vulnerability":"VCID-z47n-5z72-u3bm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:4.2.30-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088727?format=json","purl":"pkg:deb/debian/python-django@3:5.2.13-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:5.2.13-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1103049?format=json","purl":"pkg:deb/debian/python-django@3:5.2.14-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:5.2.14-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1112573?format=json","purl":"pkg:deb/debian/python-django@3:5.2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:5.2.14-2%3Fdistro=trixie"}],"aliases":["BIT-django-2025-48432","CVE-2025-48432","GHSA-7xr5-9hcq-chf9","PYSEC-2025-47"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-896g-hqec-ryb9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/11405?format=json","vulnerability_id":"VCID-8m4b-y4va-kqgm","summary":"In Django 3.2 before 3.2.22, 4.1 before 4.1.12, and 4.2 before 4.2.6, the django.utils.text.Truncator chars() and words() methods (when used with html=True) are subject to a potential DoS (denial of service) attack via certain inputs with very long, potentially malformed HTML text. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which are thus also vulnerable. NOTE: this issue exists because of an incomplete fix for CVE-2019-14232.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-43665.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-43665.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-43665","reference_id":"","reference_type":"","scores":[{"value":"0.02194","scoring_system":"epss","scoring_elements":"0.84423","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02194","scoring_system":"epss","scoring_elements":"0.84404","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02194","scoring_system":"epss","scoring_elements":"0.844","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0279","scoring_system":"epss","scoring_elements":"0.86189","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0279","scoring_system":"epss","scoring_elements":"0.8603","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0279","scoring_system":"epss","scoring_elements":"0.8617","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0279","scoring_system":"epss","scoring_elements":"0.86148","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0279","scoring_system":"epss","scoring_elements":"0.86129","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0279","scoring_system":"epss","scoring_elements":"0.86119","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0279","scoring_system":"epss","scoring_elements":"0.86099","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0279","scoring_system":"epss","scoring_elements":"0.86047","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0279","scoring_system":"epss","scoring_elements":"0.86046","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0279","scoring_system":"epss","scoring_elements":"0.86066","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0279","scoring_system":"epss","scoring_elements":"0.86237","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0279","scoring_system":"epss","scoring_elements":"0.86198","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0279","scoring_system":"epss","scoring_elements":"0.86185","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0279","scoring_system":"epss","scoring_elements":"0.86091","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0279","scoring_system":"epss","scoring_elements":"0.86076","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-43665"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460"},{"reference_url":"https://docs.djangoproject.com/en/4.2/releases/security","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://docs.djangoproject.com/en/4.2/releases/security"},{"reference_url":"https://docs.djangoproject.com/en/4.2/releases/security/","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/4.2/releases/security/"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/be9c27c4d18c2e6a5be8af4e53c0797440794473","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/be9c27c4d18c2e6a5be8af4e53c0797440794473"},{"reference_url":"https://github.com/django/django/commit/c7b7024742250414e426ad49fb80db943e7ba4e8","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/c7b7024742250414e426ad49fb80db943e7ba4e8"},{"reference_url":"https://github.com/django/django/commit/ccdade1a0262537868d7ca64374de3d957ca50c5","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/ccdade1a0262537868d7ca64374de3d957ca50c5"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2023-226.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2023-226.yaml"},{"reference_url":"https://groups.google.com/forum/#%21forum/django-announce","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#%21forum/django-announce"},{"reference_url":"https://groups.google.com/forum/#!forum/django-announce","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!forum/django-announce"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HJFRPUHDYJHBH3KYHSPGULQM4JN7BMSU","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HJFRPUHDYJHBH3KYHSPGULQM4JN7BMSU"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HJFRPUHDYJHBH3KYHSPGULQM4JN7BMSU","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HJFRPUHDYJHBH3KYHSPGULQM4JN7BMSU"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D"},{"reference_url":"https://security.netapp.com/advisory/ntap-20231221-0001","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20231221-0001"},{"reference_url":"https://www.djangoproject.com/weblog/2023/oct/04/security-releases","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2023/oct/04/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2023/oct/04/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2023/oct/04/security-releases/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/03/04/1","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2024/03/04/1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053475","reference_id":"1053475","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053475"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2241046","reference_id":"2241046","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2241046"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-43665","reference_id":"CVE-2023-43665","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-43665"},{"reference_url":"https://github.com/advisories/GHSA-h8gc-pgj2-vjm3","reference_id":"GHSA-h8gc-pgj2-vjm3","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-h8gc-pgj2-vjm3"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6158","reference_id":"RHSA-2023:6158","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6158"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1878","reference_id":"RHSA-2024:1878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1878"},{"reference_url":"https://usn.ubuntu.com/6414-1/","reference_id":"USN-6414-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6414-1/"},{"reference_url":"https://usn.ubuntu.com/6414-2/","reference_id":"USN-6414-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6414-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936332?format=json","purl":"pkg:deb/debian/python-django@2:2.2.28-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1adz-zw3h-pqek"},{"vulnerability":"VCID-46pv-pzsu-jucd"},{"vulnerability":"VCID-ac4c-321h-tqfk"},{"vulnerability":"VCID-buuq-c9ps-jfdu"},{"vulnerability":"VCID-ff2a-at5f-2qa8"},{"vulnerability":"VCID-gfym-spzk-w7gk"},{"vulnerability":"VCID-jzae-1awh-k7cm"},{"vulnerability":"VCID-mga4-an1w-qqf9"},{"vulnerability":"VCID-rwyy-f7jh-pubf"},{"vulnerability":"VCID-ssut-reka-r3f8"},{"vulnerability":"VCID-xhpa-mffz-syfy"},{"vulnerability":"VCID-z47n-5z72-u3bm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@2:2.2.28-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936403?format=json","purl":"pkg:deb/debian/python-django@2:2.2.28-1~deb11u7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@2:2.2.28-1~deb11u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936330?format=json","purl":"pkg:deb/debian/python-django@3:3.2.19-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1adz-zw3h-pqek"},{"vulnerability":"VCID-46pv-pzsu-jucd"},{"vulnerability":"VCID-ac4c-321h-tqfk"},{"vulnerability":"VCID-buuq-c9ps-jfdu"},{"vulnerability":"VCID-ff2a-at5f-2qa8"},{"vulnerability":"VCID-gfym-spzk-w7gk"},{"vulnerability":"VCID-jzae-1awh-k7cm"},{"vulnerability":"VCID-mga4-an1w-qqf9"},{"vulnerability":"VCID-rwyy-f7jh-pubf"},{"vulnerability":"VCID-ssut-reka-r3f8"},{"vulnerability":"VCID-xhpa-mffz-syfy"},{"vulnerability":"VCID-z47n-5z72-u3bm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:3.2.19-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936373?format=json","purl":"pkg:deb/debian/python-django@3:3.2.25-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:3.2.25-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936405?format=json","purl":"pkg:deb/debian/python-django@3:4.2.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:4.2.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936334?format=json","purl":"pkg:deb/debian/python-django@3:4.2.28-0%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1adz-zw3h-pqek"},{"vulnerability":"VCID-46pv-pzsu-jucd"},{"vulnerability":"VCID-ac4c-321h-tqfk"},{"vulnerability":"VCID-buuq-c9ps-jfdu"},{"vulnerability":"VCID-ff2a-at5f-2qa8"},{"vulnerability":"VCID-gfym-spzk-w7gk"},{"vulnerability":"VCID-rwyy-f7jh-pubf"},{"vulnerability":"VCID-ssut-reka-r3f8"},{"vulnerability":"VCID-z47n-5z72-u3bm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:4.2.28-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936333?format=json","purl":"pkg:deb/debian/python-django@3:4.2.29-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1adz-zw3h-pqek"},{"vulnerability":"VCID-46pv-pzsu-jucd"},{"vulnerability":"VCID-ff2a-at5f-2qa8"},{"vulnerability":"VCID-gfym-spzk-w7gk"},{"vulnerability":"VCID-ssut-reka-r3f8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:4.2.29-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1041995?format=json","purl":"pkg:deb/debian/python-django@3:4.2.30-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buuq-c9ps-jfdu"},{"vulnerability":"VCID-rwyy-f7jh-pubf"},{"vulnerability":"VCID-z47n-5z72-u3bm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:4.2.30-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088727?format=json","purl":"pkg:deb/debian/python-django@3:5.2.13-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:5.2.13-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1103049?format=json","purl":"pkg:deb/debian/python-django@3:5.2.14-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:5.2.14-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1112573?format=json","purl":"pkg:deb/debian/python-django@3:5.2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:5.2.14-2%3Fdistro=trixie"}],"aliases":["BIT-django-2023-43665","CVE-2023-43665","GHSA-h8gc-pgj2-vjm3","PYSEC-2023-226"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8m4b-y4va-kqgm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/12375?format=json","vulnerability_id":"VCID-8xgs-8xjr-cber","summary":"An issue was discovered in Django 3.2 before 3.2.24, 4.2 before 4.2.10, and Django 5.0 before 5.0.2. The intcomma template filter was subject to a potential denial-of-service attack when used with very long strings.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24680.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24680.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-24680","reference_id":"","reference_type":"","scores":[{"value":"0.01394","scoring_system":"epss","scoring_elements":"0.80573","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01394","scoring_system":"epss","scoring_elements":"0.80532","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01394","scoring_system":"epss","scoring_elements":"0.80515","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01394","scoring_system":"epss","scoring_elements":"0.8052","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01394","scoring_system":"epss","scoring_elements":"0.80501","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01394","scoring_system":"epss","scoring_elements":"0.80478","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01394","scoring_system":"epss","scoring_elements":"0.80463","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01394","scoring_system":"epss","scoring_elements":"0.80446","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01394","scoring_system":"epss","scoring_elements":"0.80439","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01394","scoring_system":"epss","scoring_elements":"0.80413","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01394","scoring_system":"epss","scoring_elements":"0.8041","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01394","scoring_system":"epss","scoring_elements":"0.80408","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01394","scoring_system":"epss","scoring_elements":"0.80379","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01394","scoring_system":"epss","scoring_elements":"0.80386","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01394","scoring_system":"epss","scoring_elements":"0.80402","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01394","scoring_system":"epss","scoring_elements":"0.80383","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01394","scoring_system":"epss","scoring_elements":"0.80372","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01394","scoring_system":"epss","scoring_elements":"0.80343","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01394","scoring_system":"epss","scoring_elements":"0.80355","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01394","scoring_system":"epss","scoring_elements":"0.80335","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-24680"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460"},{"reference_url":"https://docs.djangoproject.com/en/5.0/releases/security","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://docs.djangoproject.com/en/5.0/releases/security"},{"reference_url":"https://docs.djangoproject.com/en/5.0/releases/security/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:36Z/"}],"url":"https://docs.djangoproject.com/en/5.0/releases/security/"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/16a8fe18a3b81250f4fa57e3f93f0599dc4895bc","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/16a8fe18a3b81250f4fa57e3f93f0599dc4895bc"},{"reference_url":"https://github.com/django/django/commit/55519d6cf8998fe4c8f5c8abffc2b10a7c3d14e9","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/55519d6cf8998fe4c8f5c8abffc2b10a7c3d14e9"},{"reference_url":"https://github.com/django/django/commit/572ea07e84b38ea8de0551f4b4eda685d91d09d2","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/572ea07e84b38ea8de0551f4b4eda685d91d09d2"},{"reference_url":"https://github.com/django/django/commit/c1171ffbd570db90ca206c30f8e2b9f691243820","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/c1171ffbd570db90ca206c30f8e2b9f691243820"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2024-28.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2024-28.yaml"},{"reference_url":"https://groups.google.com/forum/#%21forum/django-announce","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:36Z/"}],"url":"https://groups.google.com/forum/#%21forum/django-announce"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D2JIRXEDP4ZET5KFMAPPYSK663Q52NEX","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D2JIRXEDP4ZET5KFMAPPYSK663Q52NEX"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SN2PLJGYSAAG5KUVIUFJYKD3BLQ4OSN6","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SN2PLJGYSAAG5KUVIUFJYKD3BLQ4OSN6"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2JIRXEDP4ZET5KFMAPPYSK663Q52NEX","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2JIRXEDP4ZET5KFMAPPYSK663Q52NEX"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SN2PLJGYSAAG5KUVIUFJYKD3BLQ4OSN6","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SN2PLJGYSAAG5KUVIUFJYKD3BLQ4OSN6"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-24680","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-24680"},{"reference_url":"https://www.djangoproject.com/weblog/2024/feb/06/security-releases","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2024/feb/06/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2024/feb/06/security-releases/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:36Z/"}],"url":"https://www.djangoproject.com/weblog/2024/feb/06/security-releases/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2261856","reference_id":"2261856","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2261856"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D2JIRXEDP4ZET5KFMAPPYSK663Q52NEX/","reference_id":"D2JIRXEDP4ZET5KFMAPPYSK663Q52NEX","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:36Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D2JIRXEDP4ZET5KFMAPPYSK663Q52NEX/"},{"reference_url":"https://github.com/advisories/GHSA-xxj9-f6rv-m3x4","reference_id":"GHSA-xxj9-f6rv-m3x4","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xxj9-f6rv-m3x4"},{"reference_url":"https://security.gentoo.org/glsa/202509-03","reference_id":"GLSA-202509-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1057","reference_id":"RHSA-2024:1057","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1057"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1878","reference_id":"RHSA-2024:1878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2731","reference_id":"RHSA-2024:2731","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2731"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5662","reference_id":"RHSA-2024:5662","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5662"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SN2PLJGYSAAG5KUVIUFJYKD3BLQ4OSN6/","reference_id":"SN2PLJGYSAAG5KUVIUFJYKD3BLQ4OSN6","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:36Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SN2PLJGYSAAG5KUVIUFJYKD3BLQ4OSN6/"},{"reference_url":"https://usn.ubuntu.com/6623-1/","reference_id":"USN-6623-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6623-1/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D/","reference_id":"ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:36Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936332?format=json","purl":"pkg:deb/debian/python-django@2:2.2.28-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1adz-zw3h-pqek"},{"vulnerability":"VCID-46pv-pzsu-jucd"},{"vulnerability":"VCID-ac4c-321h-tqfk"},{"vulnerability":"VCID-buuq-c9ps-jfdu"},{"vulnerability":"VCID-ff2a-at5f-2qa8"},{"vulnerability":"VCID-gfym-spzk-w7gk"},{"vulnerability":"VCID-jzae-1awh-k7cm"},{"vulnerability":"VCID-mga4-an1w-qqf9"},{"vulnerability":"VCID-rwyy-f7jh-pubf"},{"vulnerability":"VCID-ssut-reka-r3f8"},{"vulnerability":"VCID-xhpa-mffz-syfy"},{"vulnerability":"VCID-z47n-5z72-u3bm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@2:2.2.28-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936403?format=json","purl":"pkg:deb/debian/python-django@2:2.2.28-1~deb11u7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@2:2.2.28-1~deb11u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936330?format=json","purl":"pkg:deb/debian/python-django@3:3.2.19-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1adz-zw3h-pqek"},{"vulnerability":"VCID-46pv-pzsu-jucd"},{"vulnerability":"VCID-ac4c-321h-tqfk"},{"vulnerability":"VCID-buuq-c9ps-jfdu"},{"vulnerability":"VCID-ff2a-at5f-2qa8"},{"vulnerability":"VCID-gfym-spzk-w7gk"},{"vulnerability":"VCID-jzae-1awh-k7cm"},{"vulnerability":"VCID-mga4-an1w-qqf9"},{"vulnerability":"VCID-rwyy-f7jh-pubf"},{"vulnerability":"VCID-ssut-reka-r3f8"},{"vulnerability":"VCID-xhpa-mffz-syfy"},{"vulnerability":"VCID-z47n-5z72-u3bm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:3.2.19-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936373?format=json","purl":"pkg:deb/debian/python-django@3:3.2.25-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:3.2.25-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936406?format=json","purl":"pkg:deb/debian/python-django@3:4.2.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:4.2.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936334?format=json","purl":"pkg:deb/debian/python-django@3:4.2.28-0%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1adz-zw3h-pqek"},{"vulnerability":"VCID-46pv-pzsu-jucd"},{"vulnerability":"VCID-ac4c-321h-tqfk"},{"vulnerability":"VCID-buuq-c9ps-jfdu"},{"vulnerability":"VCID-ff2a-at5f-2qa8"},{"vulnerability":"VCID-gfym-spzk-w7gk"},{"vulnerability":"VCID-rwyy-f7jh-pubf"},{"vulnerability":"VCID-ssut-reka-r3f8"},{"vulnerability":"VCID-z47n-5z72-u3bm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:4.2.28-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936333?format=json","purl":"pkg:deb/debian/python-django@3:4.2.29-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1adz-zw3h-pqek"},{"vulnerability":"VCID-46pv-pzsu-jucd"},{"vulnerability":"VCID-ff2a-at5f-2qa8"},{"vulnerability":"VCID-gfym-spzk-w7gk"},{"vulnerability":"VCID-ssut-reka-r3f8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:4.2.29-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1041995?format=json","purl":"pkg:deb/debian/python-django@3:4.2.30-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buuq-c9ps-jfdu"},{"vulnerability":"VCID-rwyy-f7jh-pubf"},{"vulnerability":"VCID-z47n-5z72-u3bm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:4.2.30-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088727?format=json","purl":"pkg:deb/debian/python-django@3:5.2.13-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:5.2.13-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1103049?format=json","purl":"pkg:deb/debian/python-django@3:5.2.14-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:5.2.14-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1112573?format=json","purl":"pkg:deb/debian/python-django@3:5.2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:5.2.14-2%3Fdistro=trixie"}],"aliases":["BIT-django-2024-24680","CVE-2024-24680","GHSA-xxj9-f6rv-m3x4","PYSEC-2024-28"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8xgs-8xjr-cber"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/15000?format=json","vulnerability_id":"VCID-9abh-apwm-ebab","summary":"An issue was discovered in Django 4.2 before 4.2.21, 5.1 before 5.1.9, and 5.2 before 5.2.1. The django.utils.html.strip_tags() function is vulnerable to a potential denial-of-service (slow performance) when processing inputs containing large sequences of incomplete HTML tags. The template filter striptags is also vulnerable, because it is built on top of strip_tags().","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32873.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32873.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-32873","reference_id":"","reference_type":"","scores":[{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37674","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.3732","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.3734","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37692","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37577","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37659","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37613","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37717","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37596","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37647","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37661","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37641","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.3717","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37092","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.3712","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.372","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37181","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37114","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.3723","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-32873"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/security","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://docs.djangoproject.com/en/dev/releases/security"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/security/","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T14:36:22Z/"}],"url":"https://docs.djangoproject.com/en/dev/releases/security/"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/9f3419b519799d69f2aba70b9d25abe2e70d03e0","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/9f3419b519799d69f2aba70b9d25abe2e70d03e0"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2025-37.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2025-37.yaml"},{"reference_url":"https://groups.google.com/g/django-announce","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T14:36:22Z/"}],"url":"https://groups.google.com/g/django-announce"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-32873","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-32873"},{"reference_url":"https://www.djangoproject.com/weblog/2025/may/07/security-releases","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2025/may/07/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2025/may/07/security-releases/","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T14:36:22Z/"}],"url":"https://www.djangoproject.com/weblog/2025/may/07/security-releases/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2025/05/07/1","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2025/05/07/1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104872","reference_id":"1104872","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104872"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2364980","reference_id":"2364980","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2364980"},{"reference_url":"https://security.archlinux.org/ASA-202505-10","reference_id":"ASA-202505-10","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202505-10"},{"reference_url":"https://security.archlinux.org/AVG-2876","reference_id":"AVG-2876","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2876"},{"reference_url":"https://github.com/advisories/GHSA-8j24-cjrq-gr2m","reference_id":"GHSA-8j24-cjrq-gr2m","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8j24-cjrq-gr2m"},{"reference_url":"https://security.gentoo.org/glsa/202509-03","reference_id":"GLSA-202509-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-03"},{"reference_url":"https://usn.ubuntu.com/7501-1/","reference_id":"USN-7501-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7501-1/"},{"reference_url":"https://usn.ubuntu.com/7501-2/","reference_id":"USN-7501-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7501-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936332?format=json","purl":"pkg:deb/debian/python-django@2:2.2.28-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1adz-zw3h-pqek"},{"vulnerability":"VCID-46pv-pzsu-jucd"},{"vulnerability":"VCID-ac4c-321h-tqfk"},{"vulnerability":"VCID-buuq-c9ps-jfdu"},{"vulnerability":"VCID-ff2a-at5f-2qa8"},{"vulnerability":"VCID-gfym-spzk-w7gk"},{"vulnerability":"VCID-jzae-1awh-k7cm"},{"vulnerability":"VCID-mga4-an1w-qqf9"},{"vulnerability":"VCID-rwyy-f7jh-pubf"},{"vulnerability":"VCID-ssut-reka-r3f8"},{"vulnerability":"VCID-xhpa-mffz-syfy"},{"vulnerability":"VCID-z47n-5z72-u3bm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@2:2.2.28-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936403?format=json","purl":"pkg:deb/debian/python-django@2:2.2.28-1~deb11u7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@2:2.2.28-1~deb11u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936330?format=json","purl":"pkg:deb/debian/python-django@3:3.2.19-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1adz-zw3h-pqek"},{"vulnerability":"VCID-46pv-pzsu-jucd"},{"vulnerability":"VCID-ac4c-321h-tqfk"},{"vulnerability":"VCID-buuq-c9ps-jfdu"},{"vulnerability":"VCID-ff2a-at5f-2qa8"},{"vulnerability":"VCID-gfym-spzk-w7gk"},{"vulnerability":"VCID-jzae-1awh-k7cm"},{"vulnerability":"VCID-mga4-an1w-qqf9"},{"vulnerability":"VCID-rwyy-f7jh-pubf"},{"vulnerability":"VCID-ssut-reka-r3f8"},{"vulnerability":"VCID-xhpa-mffz-syfy"},{"vulnerability":"VCID-z47n-5z72-u3bm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:3.2.19-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936373?format=json","purl":"pkg:deb/debian/python-django@3:3.2.25-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:3.2.25-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936423?format=json","purl":"pkg:deb/debian/python-django@3:4.2.21-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:4.2.21-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936334?format=json","purl":"pkg:deb/debian/python-django@3:4.2.28-0%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1adz-zw3h-pqek"},{"vulnerability":"VCID-46pv-pzsu-jucd"},{"vulnerability":"VCID-ac4c-321h-tqfk"},{"vulnerability":"VCID-buuq-c9ps-jfdu"},{"vulnerability":"VCID-ff2a-at5f-2qa8"},{"vulnerability":"VCID-gfym-spzk-w7gk"},{"vulnerability":"VCID-rwyy-f7jh-pubf"},{"vulnerability":"VCID-ssut-reka-r3f8"},{"vulnerability":"VCID-z47n-5z72-u3bm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:4.2.28-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936333?format=json","purl":"pkg:deb/debian/python-django@3:4.2.29-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1adz-zw3h-pqek"},{"vulnerability":"VCID-46pv-pzsu-jucd"},{"vulnerability":"VCID-ff2a-at5f-2qa8"},{"vulnerability":"VCID-gfym-spzk-w7gk"},{"vulnerability":"VCID-ssut-reka-r3f8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:4.2.29-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1041995?format=json","purl":"pkg:deb/debian/python-django@3:4.2.30-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buuq-c9ps-jfdu"},{"vulnerability":"VCID-rwyy-f7jh-pubf"},{"vulnerability":"VCID-z47n-5z72-u3bm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:4.2.30-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088727?format=json","purl":"pkg:deb/debian/python-django@3:5.2.13-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:5.2.13-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1103049?format=json","purl":"pkg:deb/debian/python-django@3:5.2.14-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:5.2.14-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1112573?format=json","purl":"pkg:deb/debian/python-django@3:5.2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:5.2.14-2%3Fdistro=trixie"}],"aliases":["BIT-django-2025-32873","CVE-2025-32873","GHSA-8j24-cjrq-gr2m","PYSEC-2025-37"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9abh-apwm-ebab"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/12636?format=json","vulnerability_id":"VCID-jh1e-72hp-fuf4","summary":"In Django 3.2 before 3.2.25, 4.2 before 4.2.11, and 5.0 before 5.0.3, the django.utils.text.Truncator.words() method (with html=True) and the truncatewords_html template filter are subject to a potential regular expression denial-of-service attack via a crafted string. NOTE: this issue exists because of an incomplete fix for CVE-2019-14232 and CVE-2023-43665.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27351.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27351.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-27351","reference_id":"","reference_type":"","scores":[{"value":"0.01855","scoring_system":"epss","scoring_elements":"0.82977","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02611","scoring_system":"epss","scoring_elements":"0.85763","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02611","scoring_system":"epss","scoring_elements":"0.85751","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02611","scoring_system":"epss","scoring_elements":"0.85698","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02611","scoring_system":"epss","scoring_elements":"0.85799","published_at":"2026-05-14T12:55:00Z"},{"value":"0.02611","scoring_system":"epss","scoring_elements":"0.85717","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02611","scoring_system":"epss","scoring_elements":"0.85701","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02611","scoring_system":"epss","scoring_elements":"0.85687","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02611","scoring_system":"epss","scoring_elements":"0.8567","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02611","scoring_system":"epss","scoring_elements":"0.85665","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02611","scoring_system":"epss","scoring_elements":"0.85642","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02611","scoring_system":"epss","scoring_elements":"0.85646","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02611","scoring_system":"epss","scoring_elements":"0.8565","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02611","scoring_system":"epss","scoring_elements":"0.85635","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02611","scoring_system":"epss","scoring_elements":"0.85624","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02611","scoring_system":"epss","scoring_elements":"0.85604","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02611","scoring_system":"epss","scoring_elements":"0.85599","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02611","scoring_system":"epss","scoring_elements":"0.85755","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02611","scoring_system":"epss","scoring_elements":"0.85738","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-27351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14232"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41164"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43665"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24680"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39329"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39614"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41989"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42005"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45231"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53907"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56374"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13372"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26699"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32873"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48432"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59681"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64459"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64460"},{"reference_url":"https://docs.djangoproject.com/en/5.0/releases/security","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://docs.djangoproject.com/en/5.0/releases/security"},{"reference_url":"https://docs.djangoproject.com/en/5.0/releases/security/","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-20T19:41:21Z/"}],"url":"https://docs.djangoproject.com/en/5.0/releases/security/"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/072963e4c4d0b3a7a8c5412bc0c7d27d1a9c3521","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/072963e4c4d0b3a7a8c5412bc0c7d27d1a9c3521"},{"reference_url":"https://github.com/django/django/commit/3394fc6132436eca89e997083bae9985fb7e761e","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/3394fc6132436eca89e997083bae9985fb7e761e"},{"reference_url":"https://github.com/django/django/commit/3c9a2771cc80821e041b16eb36c1c37af5349d4a","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/django/django/commit/3c9a2771cc80821e041b16eb36c1c37af5349d4a"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2024-47.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2024-47.yaml"},{"reference_url":"https://groups.google.com/forum/#%21forum/django-announce","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-20T19:41:21Z/"}],"url":"https://groups.google.com/forum/#%21forum/django-announce"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D2JIRXEDP4ZET5KFMAPPYSK663Q52NEX","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D2JIRXEDP4ZET5KFMAPPYSK663Q52NEX"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SN2PLJGYSAAG5KUVIUFJYKD3BLQ4OSN6","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SN2PLJGYSAAG5KUVIUFJYKD3BLQ4OSN6"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2JIRXEDP4ZET5KFMAPPYSK663Q52NEX","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2JIRXEDP4ZET5KFMAPPYSK663Q52NEX"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SN2PLJGYSAAG5KUVIUFJYKD3BLQ4OSN6","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SN2PLJGYSAAG5KUVIUFJYKD3BLQ4OSN6"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-27351","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-27351"},{"reference_url":"https://www.djangoproject.com/weblog/2024/mar/04/security-releases","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.djangoproject.com/weblog/2024/mar/04/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2024/mar/04/security-releases/","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-20T19:41:21Z/"}],"url":"https://www.djangoproject.com/weblog/2024/mar/04/security-releases/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/03/04/1","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-20T19:41:21Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/03/04/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2266045","reference_id":"2266045","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2266045"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D2JIRXEDP4ZET5KFMAPPYSK663Q52NEX/","reference_id":"D2JIRXEDP4ZET5KFMAPPYSK663Q52NEX","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-20T19:41:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D2JIRXEDP4ZET5KFMAPPYSK663Q52NEX/"},{"reference_url":"https://github.com/advisories/GHSA-vm8q-m57g-pff3","reference_id":"GHSA-vm8q-m57g-pff3","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vm8q-m57g-pff3"},{"reference_url":"https://security.gentoo.org/glsa/202509-03","reference_id":"GLSA-202509-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1878","reference_id":"RHSA-2024:1878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3781","reference_id":"RHSA-2024:3781","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3781"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5662","reference_id":"RHSA-2024:5662","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5662"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4187","reference_id":"RHSA-2025:4187","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4187"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SN2PLJGYSAAG5KUVIUFJYKD3BLQ4OSN6/","reference_id":"SN2PLJGYSAAG5KUVIUFJYKD3BLQ4OSN6","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-20T19:41:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SN2PLJGYSAAG5KUVIUFJYKD3BLQ4OSN6/"},{"reference_url":"https://usn.ubuntu.com/6674-1/","reference_id":"USN-6674-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6674-1/"},{"reference_url":"https://usn.ubuntu.com/6674-2/","reference_id":"USN-6674-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6674-2/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D/","reference_id":"ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-20T19:41:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936332?format=json","purl":"pkg:deb/debian/python-django@2:2.2.28-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1adz-zw3h-pqek"},{"vulnerability":"VCID-46pv-pzsu-jucd"},{"vulnerability":"VCID-ac4c-321h-tqfk"},{"vulnerability":"VCID-buuq-c9ps-jfdu"},{"vulnerability":"VCID-ff2a-at5f-2qa8"},{"vulnerability":"VCID-gfym-spzk-w7gk"},{"vulnerability":"VCID-jzae-1awh-k7cm"},{"vulnerability":"VCID-mga4-an1w-qqf9"},{"vulnerability":"VCID-rwyy-f7jh-pubf"},{"vulnerability":"VCID-ssut-reka-r3f8"},{"vulnerability":"VCID-xhpa-mffz-syfy"},{"vulnerability":"VCID-z47n-5z72-u3bm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@2:2.2.28-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936403?format=json","purl":"pkg:deb/debian/python-django@2:2.2.28-1~deb11u7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@2:2.2.28-1~deb11u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936330?format=json","purl":"pkg:deb/debian/python-django@3:3.2.19-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1adz-zw3h-pqek"},{"vulnerability":"VCID-46pv-pzsu-jucd"},{"vulnerability":"VCID-ac4c-321h-tqfk"},{"vulnerability":"VCID-buuq-c9ps-jfdu"},{"vulnerability":"VCID-ff2a-at5f-2qa8"},{"vulnerability":"VCID-gfym-spzk-w7gk"},{"vulnerability":"VCID-jzae-1awh-k7cm"},{"vulnerability":"VCID-mga4-an1w-qqf9"},{"vulnerability":"VCID-rwyy-f7jh-pubf"},{"vulnerability":"VCID-ssut-reka-r3f8"},{"vulnerability":"VCID-xhpa-mffz-syfy"},{"vulnerability":"VCID-z47n-5z72-u3bm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:3.2.19-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936373?format=json","purl":"pkg:deb/debian/python-django@3:3.2.25-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:3.2.25-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936407?format=json","purl":"pkg:deb/debian/python-django@3:4.2.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:4.2.11-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936334?format=json","purl":"pkg:deb/debian/python-django@3:4.2.28-0%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1adz-zw3h-pqek"},{"vulnerability":"VCID-46pv-pzsu-jucd"},{"vulnerability":"VCID-ac4c-321h-tqfk"},{"vulnerability":"VCID-buuq-c9ps-jfdu"},{"vulnerability":"VCID-ff2a-at5f-2qa8"},{"vulnerability":"VCID-gfym-spzk-w7gk"},{"vulnerability":"VCID-rwyy-f7jh-pubf"},{"vulnerability":"VCID-ssut-reka-r3f8"},{"vulnerability":"VCID-z47n-5z72-u3bm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:4.2.28-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936333?format=json","purl":"pkg:deb/debian/python-django@3:4.2.29-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1adz-zw3h-pqek"},{"vulnerability":"VCID-46pv-pzsu-jucd"},{"vulnerability":"VCID-ff2a-at5f-2qa8"},{"vulnerability":"VCID-gfym-spzk-w7gk"},{"vulnerability":"VCID-ssut-reka-r3f8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:4.2.29-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1041995?format=json","purl":"pkg:deb/debian/python-django@3:4.2.30-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buuq-c9ps-jfdu"},{"vulnerability":"VCID-rwyy-f7jh-pubf"},{"vulnerability":"VCID-z47n-5z72-u3bm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:4.2.30-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088727?format=json","purl":"pkg:deb/debian/python-django@3:5.2.13-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:5.2.13-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1103049?format=json","purl":"pkg:deb/debian/python-django@3:5.2.14-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:5.2.14-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1112573?format=json","purl":"pkg:deb/debian/python-django@3:5.2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@3:5.2.14-2%3Fdistro=trixie"}],"aliases":["BIT-django-2024-27351","CVE-2024-27351","GHSA-vm8q-m57g-pff3","PYSEC-2024-47"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jh1e-72hp-fuf4"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-django@2:2.2.28-1~deb11u7%3Fdistro=trixie"}