{"url":"http://public2.vulnerablecode.io/api/packages/9509?format=json","purl":"pkg:pypi/django@1.11.10","type":"pypi","namespace":"","name":"django","version":"1.11.10","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"1.11.19","latest_non_vulnerable_version":"6.0.5","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6026?format=json","vulnerability_id":"VCID-2bh9-k4at-r7hz","summary":"sql injection","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-7471","reference_id":"","reference_type":"","scores":[{"value":"0.09442","scoring_system":"epss","scoring_elements":"0.92943","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-7471"},{"reference_url":"https://docs.djangoproject.com/en/3.0/releases/security","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/3.0/releases/security"},{"reference_url":"https://docs.djangoproject.com/en/3.0/releases/security/","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/3.0/releases/security/"},{"reference_url":"https://github.com/advisories/GHSA-hmr4-m2h5-33qx","reference_id":"","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-hmr4-m2h5-33qx"},{"reference_url":"https://github.com/django/django/commit/001b0634cd309e372edb6d7d95d083d02b8e37bd","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/django/django/commit/001b0634cd309e372edb6d7d95d083d02b8e37bd"},{"reference_url":"https://github.com/django/django/commit/505826b469b16ab36693360da9e11fd13213421b","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/django/django/commit/505826b469b16ab36693360da9e11fd13213421b"},{"reference_url":"https://github.com/django/django/commit/c67a368c16e4680b324b4f385398d638db4d8147","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/django/django/commit/c67a368c16e4680b324b4f385398d638db4d8147"},{"reference_url":"https://github.com/django/django/commit/eb31d845323618d688ad429479c6dda973056136","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/django/django/commit/eb31d845323618d688ad429479c6dda973056136"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-35.yaml","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-35.yaml"},{"reference_url":"https://groups.google.com/forum/#!topic/django-announce/X45S86X5bZI","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/#!topic/django-announce/X45S86X5bZI"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/"},{"reference_url":"https://seclists.org/bugtraq/2020/Feb/30","reference_id":"","reference_type":"","scores":[],"url":"https://seclists.org/bugtraq/2020/Feb/30"},{"reference_url":"https://security.gentoo.org/glsa/202004-17","reference_id":"","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202004-17"},{"reference_url":"https://security.netapp.com/advisory/ntap-20200221-0006","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20200221-0006"},{"reference_url":"https://security.netapp.com/advisory/ntap-20200221-0006/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20200221-0006/"},{"reference_url":"https://usn.ubuntu.com/4264-1","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4264-1"},{"reference_url":"https://usn.ubuntu.com/4264-1/","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4264-1/"},{"reference_url":"https://www.debian.org/security/2020/dsa-4629","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2020/dsa-4629"},{"reference_url":"https://www.djangoproject.com/weblog/2020/feb/03/security-releases","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2020/feb/03/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2020/feb/03/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2020/feb/03/security-releases/"},{"reference_url":"https://www.openwall.com/lists/oss-security/2020/02/03/1","reference_id":"","reference_type":"","scores":[],"url":"https://www.openwall.com/lists/oss-security/2020/02/03/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2020/02/03/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2020/02/03/1"},{"reference_url":"https://security.archlinux.org/ASA-202002-1","reference_id":"ASA-202002-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202002-1"},{"reference_url":"https://security.archlinux.org/AVG-1091","reference_id":"AVG-1091","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1091"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-7471","reference_id":"CVE-2020-7471","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-7471"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13755?format=json","purl":"pkg:pypi/django@1.11.28","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7b47-vsfh-y3gh"},{"vulnerability":"VCID-hzcv-euwq-eqeg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.28"},{"url":"http://public2.vulnerablecode.io/api/packages/13756?format=json","purl":"pkg:pypi/django@2.2.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2f2p-wfbs-73hz"},{"vulnerability":"VCID-5a2y-2m62-1qfa"},{"vulnerability":"VCID-7b47-vsfh-y3gh"},{"vulnerability":"VCID-81q1-gytk-2uaq"},{"vulnerability":"VCID-9hp4-hn21-zkg8"},{"vulnerability":"VCID-b81v-3drw-xudf"},{"vulnerability":"VCID-bbxx-48nj-pqcd"},{"vulnerability":"VCID-dcv2-gx5a-pfe2"},{"vulnerability":"VCID-dqkn-1888-y3er"},{"vulnerability":"VCID-fc6y-y2b1-v3d5"},{"vulnerability":"VCID-gxju-xjh2-z7bn"},{"vulnerability":"VCID-hzcv-euwq-eqeg"},{"vulnerability":"VCID-jzbk-uswz-8ucg"},{"vulnerability":"VCID-nxbs-37dx-rbbh"},{"vulnerability":"VCID-punr-dfy5-v3g1"},{"vulnerability":"VCID-u53d-8afk-c3gq"},{"vulnerability":"VCID-vyzr-dkz3-vfg6"},{"vulnerability":"VCID-xb3c-6rew-z3ba"},{"vulnerability":"VCID-xu9t-qtjz-bud8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.10"},{"url":"http://public2.vulnerablecode.io/api/packages/13757?format=json","purl":"pkg:pypi/django@3.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5a2y-2m62-1qfa"},{"vulnerability":"VCID-7b47-vsfh-y3gh"},{"vulnerability":"VCID-9hp4-hn21-zkg8"},{"vulnerability":"VCID-b81v-3drw-xudf"},{"vulnerability":"VCID-hzcv-euwq-eqeg"},{"vulnerability":"VCID-nxbs-37dx-rbbh"},{"vulnerability":"VCID-punr-dfy5-v3g1"},{"vulnerability":"VCID-xb3c-6rew-z3ba"},{"vulnerability":"VCID-xu9t-qtjz-bud8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.0.3"}],"aliases":["CVE-2020-7471","GHSA-hmr4-m2h5-33qx","PYSEC-2020-35"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2bh9-k4at-r7hz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6144?format=json","vulnerability_id":"VCID-2jvg-udsm-nkax","summary":"open redirect","references":[{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0265","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0265"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14574","reference_id":"","reference_type":"","scores":[{"value":"0.0748","scoring_system":"epss","scoring_elements":"0.91901","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14574"},{"reference_url":"https://github.com/advisories/GHSA-5hg3-6c2f-f3wr","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5hg3-6c2f-f3wr"},{"reference_url":"https://github.com/django/django/commit/6fffc3c6d420e44f4029d5643f38d00a39b08525","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/django/django/commit/6fffc3c6d420e44f4029d5643f38d00a39b08525"},{"reference_url":"https://github.com/django/django/commit/c4e5ff7fdb5fce447675e90291fd33fddd052b3c","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/django/django/commit/c4e5ff7fdb5fce447675e90291fd33fddd052b3c"},{"reference_url":"https://github.com/django/django/commit/d6eaee092709aad477a9894598496c6deec532ff","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/django/django/commit/d6eaee092709aad477a9894598496c6deec532ff"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2018-2.yaml","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2018-2.yaml"},{"reference_url":"https://usn.ubuntu.com/3726-1","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3726-1"},{"reference_url":"https://usn.ubuntu.com/3726-1/","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3726-1/"},{"reference_url":"https://web.archive.org/web/20190901075632/http://www.securitytracker.com/id/1041403","reference_id":"","reference_type":"","scores":[],"url":"https://web.archive.org/web/20190901075632/http://www.securitytracker.com/id/1041403"},{"reference_url":"https://web.archive.org/web/20200227115315/http://www.securityfocus.com/bid/104970","reference_id":"","reference_type":"","scores":[],"url":"https://web.archive.org/web/20200227115315/http://www.securityfocus.com/bid/104970"},{"reference_url":"https://www.debian.org/security/2018/dsa-4264","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2018/dsa-4264"},{"reference_url":"https://www.djangoproject.com/weblog/2018/aug/01/security-releases","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2018/aug/01/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2018/aug/01/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2018/aug/01/security-releases/"},{"reference_url":"http://www.securityfocus.com/bid/104970","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/104970"},{"reference_url":"http://www.securitytracker.com/id/1041403","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1041403"},{"reference_url":"https://security.archlinux.org/ASA-201808-1","reference_id":"ASA-201808-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201808-1"},{"reference_url":"https://security.archlinux.org/AVG-743","reference_id":"AVG-743","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-743"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14574","reference_id":"CVE-2018-14574","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14574"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10572?format=json","purl":"pkg:pypi/django@1.11.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2bh9-k4at-r7hz"},{"vulnerability":"VCID-7b47-vsfh-y3gh"},{"vulnerability":"VCID-bxu2-wqcg-1ueh"},{"vulnerability":"VCID-evu1-efcj-gfc5"},{"vulnerability":"VCID-fynq-usj6-rfd3"},{"vulnerability":"VCID-hzcv-euwq-eqeg"},{"vulnerability":"VCID-n9cz-g44c-4fht"},{"vulnerability":"VCID-v8hg-78p1-87bh"},{"vulnerability":"VCID-wj2g-v6dz-2yeq"},{"vulnerability":"VCID-wsx7-6bfa-pugr"},{"vulnerability":"VCID-x2hp-rmcn-gbah"},{"vulnerability":"VCID-ypwa-2rh9-gyex"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.15"},{"url":"http://public2.vulnerablecode.io/api/packages/10571?format=json","purl":"pkg:pypi/django@2.0.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hzcv-euwq-eqeg"},{"vulnerability":"VCID-wj2g-v6dz-2yeq"},{"vulnerability":"VCID-wsx7-6bfa-pugr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.0.8"}],"aliases":["CVE-2018-14574","GHSA-5hg3-6c2f-f3wr","PYSEC-2018-2"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2jvg-udsm-nkax"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6176?format=json","vulnerability_id":"VCID-5sxw-p38k-q7cp","summary":"denial of service","references":[{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2927","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2927"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0265","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0265"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7537","reference_id":"","reference_type":"","scores":[{"value":"0.03173","scoring_system":"epss","scoring_elements":"0.87168","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7537"},{"reference_url":"https://github.com/advisories/GHSA-2f9x-5v75-3qv4","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-2f9x-5v75-3qv4"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/94c5da1d17a6b0d378866c66b605102c19f7988c","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/django/django/commit/94c5da1d17a6b0d378866c66b605102c19f7988c"},{"reference_url":"https://github.com/django/django/commit/a91436360b79a6ff995c3e5018bcc666dfaf1539","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/django/django/commit/a91436360b79a6ff995c3e5018bcc666dfaf1539"},{"reference_url":"https://github.com/django/django/commit/d17974a287a6ea2e361daff88fcc004cbd6835fa","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/django/django/commit/d17974a287a6ea2e361daff88fcc004cbd6835fa"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2018-6.yaml","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2018-6.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/03/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2018/03/msg00006.html"},{"reference_url":"https://usn.ubuntu.com/3591-1","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3591-1"},{"reference_url":"https://usn.ubuntu.com/3591-1/","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3591-1/"},{"reference_url":"https://www.debian.org/security/2018/dsa-4161","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2018/dsa-4161"},{"reference_url":"https://www.djangoproject.com/weblog/2018/mar/06/security-releases","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2018/mar/06/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2018/mar/06/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2018/mar/06/security-releases/"},{"reference_url":"http://www.securityfocus.com/bid/103357","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/103357"},{"reference_url":"https://security.archlinux.org/ASA-201803-5","reference_id":"ASA-201803-5","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201803-5"},{"reference_url":"https://security.archlinux.org/AVG-649","reference_id":"AVG-649","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-649"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-7537","reference_id":"CVE-2018-7537","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-7537"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/9511?format=json","purl":"pkg:pypi/django@1.11.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2bh9-k4at-r7hz"},{"vulnerability":"VCID-2jvg-udsm-nkax"},{"vulnerability":"VCID-7b47-vsfh-y3gh"},{"vulnerability":"VCID-bxu2-wqcg-1ueh"},{"vulnerability":"VCID-evu1-efcj-gfc5"},{"vulnerability":"VCID-fynq-usj6-rfd3"},{"vulnerability":"VCID-hzcv-euwq-eqeg"},{"vulnerability":"VCID-n9cz-g44c-4fht"},{"vulnerability":"VCID-v8hg-78p1-87bh"},{"vulnerability":"VCID-wj2g-v6dz-2yeq"},{"vulnerability":"VCID-wsx7-6bfa-pugr"},{"vulnerability":"VCID-x2hp-rmcn-gbah"},{"vulnerability":"VCID-ypwa-2rh9-gyex"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.11"},{"url":"http://public2.vulnerablecode.io/api/packages/9512?format=json","purl":"pkg:pypi/django@2.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jvg-udsm-nkax"},{"vulnerability":"VCID-hzcv-euwq-eqeg"},{"vulnerability":"VCID-wj2g-v6dz-2yeq"},{"vulnerability":"VCID-wsx7-6bfa-pugr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.0.3"}],"aliases":["CVE-2018-7537","GHSA-2f9x-5v75-3qv4","PYSEC-2018-6"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5sxw-p38k-q7cp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6016?format=json","vulnerability_id":"VCID-7b47-vsfh-y3gh","summary":"sql injection","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-9402","reference_id":"","reference_type":"","scores":[{"value":"0.84997","scoring_system":"epss","scoring_elements":"0.99364","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-9402"},{"reference_url":"https://docs.djangoproject.com/en/3.0/releases/security","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/3.0/releases/security"},{"reference_url":"https://docs.djangoproject.com/en/3.0/releases/security/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://docs.djangoproject.com/en/3.0/releases/security/"},{"reference_url":"https://github.com/advisories/GHSA-3gh2-xw74-jmcw","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-3gh2-xw74-jmcw"},{"reference_url":"https://github.com/django/django/commit/6695d29b1c1ce979725816295a26ecc64ae0e927","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/django/django/commit/6695d29b1c1ce979725816295a26ecc64ae0e927"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-345.yaml","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-345.yaml"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-36.yaml","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-36.yaml"},{"reference_url":"https://groups.google.com/forum/#%21topic/django-announce/fLUh_pOaKrY","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://groups.google.com/forum/#%21topic/django-announce/fLUh_pOaKrY"},{"reference_url":"https://groups.google.com/forum/#!topic/django-announce/fLUh_pOaKrY","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/#!topic/django-announce/fLUh_pOaKrY"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/05/msg00035.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://lists.debian.org/debian-lts-announce/2022/05/msg00035.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZMN2NKAGTFE3YKMNM2JVJG7R2W7LLHY","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZMN2NKAGTFE3YKMNM2JVJG7R2W7LLHY"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZMN2NKAGTFE3YKMNM2JVJG7R2W7LLHY/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZMN2NKAGTFE3YKMNM2JVJG7R2W7LLHY/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZMN2NKAGTFE3YKMNM2JVJG7R2W7LLHY","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZMN2NKAGTFE3YKMNM2JVJG7R2W7LLHY"},{"reference_url":"https://security.gentoo.org/glsa/202004-17","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://security.gentoo.org/glsa/202004-17"},{"reference_url":"https://security.netapp.com/advisory/ntap-20200327-0004","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20200327-0004"},{"reference_url":"https://security.netapp.com/advisory/ntap-20200327-0004/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://security.netapp.com/advisory/ntap-20200327-0004/"},{"reference_url":"https://usn.ubuntu.com/4296-1","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4296-1"},{"reference_url":"https://usn.ubuntu.com/4296-1/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://usn.ubuntu.com/4296-1/"},{"reference_url":"https://www.debian.org/security/2020/dsa-4705","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://www.debian.org/security/2020/dsa-4705"},{"reference_url":"https://www.djangoproject.com/weblog/2020/mar/04/security-releases","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2020/mar/04/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2020/mar/04/security-releases/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://www.djangoproject.com/weblog/2020/mar/04/security-releases/"},{"reference_url":"https://security.archlinux.org/ASA-202003-5","reference_id":"ASA-202003-5","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202003-5"},{"reference_url":"https://security.archlinux.org/AVG-1111","reference_id":"AVG-1111","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1111"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-9402","reference_id":"CVE-2020-9402","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-9402"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13763?format=json","purl":"pkg:pypi/django@1.11.29","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hzcv-euwq-eqeg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.29"},{"url":"http://public2.vulnerablecode.io/api/packages/13764?format=json","purl":"pkg:pypi/django@2.2.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2f2p-wfbs-73hz"},{"vulnerability":"VCID-5a2y-2m62-1qfa"},{"vulnerability":"VCID-81q1-gytk-2uaq"},{"vulnerability":"VCID-9hp4-hn21-zkg8"},{"vulnerability":"VCID-b81v-3drw-xudf"},{"vulnerability":"VCID-bbxx-48nj-pqcd"},{"vulnerability":"VCID-dcv2-gx5a-pfe2"},{"vulnerability":"VCID-dqkn-1888-y3er"},{"vulnerability":"VCID-fc6y-y2b1-v3d5"},{"vulnerability":"VCID-gxju-xjh2-z7bn"},{"vulnerability":"VCID-hzcv-euwq-eqeg"},{"vulnerability":"VCID-jzbk-uswz-8ucg"},{"vulnerability":"VCID-nxbs-37dx-rbbh"},{"vulnerability":"VCID-punr-dfy5-v3g1"},{"vulnerability":"VCID-u53d-8afk-c3gq"},{"vulnerability":"VCID-vyzr-dkz3-vfg6"},{"vulnerability":"VCID-xb3c-6rew-z3ba"},{"vulnerability":"VCID-xu9t-qtjz-bud8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.11"},{"url":"http://public2.vulnerablecode.io/api/packages/13765?format=json","purl":"pkg:pypi/django@3.0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5a2y-2m62-1qfa"},{"vulnerability":"VCID-9hp4-hn21-zkg8"},{"vulnerability":"VCID-b81v-3drw-xudf"},{"vulnerability":"VCID-hzcv-euwq-eqeg"},{"vulnerability":"VCID-nxbs-37dx-rbbh"},{"vulnerability":"VCID-punr-dfy5-v3g1"},{"vulnerability":"VCID-xb3c-6rew-z3ba"},{"vulnerability":"VCID-xu9t-qtjz-bud8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.0.4"}],"aliases":["CVE-2020-9402","GHSA-3gh2-xw74-jmcw","PYSEC-2020-345","PYSEC-2020-36"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7b47-vsfh-y3gh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6075?format=json","vulnerability_id":"VCID-bxu2-wqcg-1ueh","summary":"cross-site scripting","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12308","reference_id":"","reference_type":"","scores":[{"value":"0.01603","scoring_system":"epss","scoring_elements":"0.8203","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12308"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/1.11.21","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/dev/releases/1.11.21"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/1.11.21/","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/dev/releases/1.11.21/"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/2.1.9","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/dev/releases/2.1.9"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/2.1.9/","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/dev/releases/2.1.9/"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/2.2.2","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/dev/releases/2.2.2"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/2.2.2/","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/dev/releases/2.2.2/"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/security","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/dev/releases/security"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/security/","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/dev/releases/security/"},{"reference_url":"https://github.com/advisories/GHSA-7rp2-fm2h-wchj","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-7rp2-fm2h-wchj"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/09186a13d975de6d049f8b3e05484f66b01ece62","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/django/django/commit/09186a13d975de6d049f8b3e05484f66b01ece62"},{"reference_url":"https://github.com/django/django/commit/afddabf8428ddc89a332f7a78d0d21eaf2b5a673","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/django/django/commit/afddabf8428ddc89a332f7a78d0d21eaf2b5a673"},{"reference_url":"https://github.com/django/django/commit/c238701859a52d584f349cce15d56c8e8137c52b","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/django/django/commit/c238701859a52d584f349cce15d56c8e8137c52b"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-79.yaml","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-79.yaml"},{"reference_url":"https://groups.google.com/forum/#!topic/django-announce/GEbHU7YoVz8","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/#!topic/django-announce/GEbHU7YoVz8"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/06/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/06/msg00001.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/07/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/07/msg00001.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/USYRARSYB7PE3S2ZQO7PZNWMH7RPGL5G","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/USYRARSYB7PE3S2ZQO7PZNWMH7RPGL5G"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/USYRARSYB7PE3S2ZQO7PZNWMH7RPGL5G/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/USYRARSYB7PE3S2ZQO7PZNWMH7RPGL5G/"},{"reference_url":"https://seclists.org/bugtraq/2019/Jul/10","reference_id":"","reference_type":"","scores":[],"url":"https://seclists.org/bugtraq/2019/Jul/10"},{"reference_url":"https://security.gentoo.org/glsa/202004-17","reference_id":"","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202004-17"},{"reference_url":"https://usn.ubuntu.com/4043-1","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4043-1"},{"reference_url":"https://usn.ubuntu.com/4043-1/","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4043-1/"},{"reference_url":"https://www.debian.org/security/2019/dsa-4476","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2019/dsa-4476"},{"reference_url":"https://www.djangoproject.com/weblog/2019/jun/03/security-releases","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2019/jun/03/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2019/jun/03/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2019/jun/03/security-releases/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/06/03/2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2019/06/03/2"},{"reference_url":"http://www.securityfocus.com/bid/108559","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/108559"},{"reference_url":"https://security.archlinux.org/ASA-201906-2","reference_id":"ASA-201906-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201906-2"},{"reference_url":"https://security.archlinux.org/AVG-969","reference_id":"AVG-969","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-969"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-12308","reference_id":"CVE-2019-12308","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-12308"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/12244?format=json","purl":"pkg:pypi/django@1.11.21","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2bh9-k4at-r7hz"},{"vulnerability":"VCID-7b47-vsfh-y3gh"},{"vulnerability":"VCID-evu1-efcj-gfc5"},{"vulnerability":"VCID-fynq-usj6-rfd3"},{"vulnerability":"VCID-hzcv-euwq-eqeg"},{"vulnerability":"VCID-n9cz-g44c-4fht"},{"vulnerability":"VCID-v8hg-78p1-87bh"},{"vulnerability":"VCID-x2hp-rmcn-gbah"},{"vulnerability":"VCID-ypwa-2rh9-gyex"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.21"},{"url":"http://public2.vulnerablecode.io/api/packages/12243?format=json","purl":"pkg:pypi/django@2.1.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gvv-5jbs-cfc1"},{"vulnerability":"VCID-evu1-efcj-gfc5"},{"vulnerability":"VCID-hzcv-euwq-eqeg"},{"vulnerability":"VCID-n9cz-g44c-4fht"},{"vulnerability":"VCID-v8hg-78p1-87bh"},{"vulnerability":"VCID-x2hp-rmcn-gbah"},{"vulnerability":"VCID-ypwa-2rh9-gyex"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.1.9"},{"url":"http://public2.vulnerablecode.io/api/packages/12245?format=json","purl":"pkg:pypi/django@2.2.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2bh9-k4at-r7hz"},{"vulnerability":"VCID-2f2p-wfbs-73hz"},{"vulnerability":"VCID-3gvv-5jbs-cfc1"},{"vulnerability":"VCID-5a2y-2m62-1qfa"},{"vulnerability":"VCID-7b47-vsfh-y3gh"},{"vulnerability":"VCID-81q1-gytk-2uaq"},{"vulnerability":"VCID-9hp4-hn21-zkg8"},{"vulnerability":"VCID-b81v-3drw-xudf"},{"vulnerability":"VCID-bbxx-48nj-pqcd"},{"vulnerability":"VCID-dcv2-gx5a-pfe2"},{"vulnerability":"VCID-dqkn-1888-y3er"},{"vulnerability":"VCID-evu1-efcj-gfc5"},{"vulnerability":"VCID-fc6y-y2b1-v3d5"},{"vulnerability":"VCID-fynq-usj6-rfd3"},{"vulnerability":"VCID-gxju-xjh2-z7bn"},{"vulnerability":"VCID-hzcv-euwq-eqeg"},{"vulnerability":"VCID-jzbk-uswz-8ucg"},{"vulnerability":"VCID-n9cz-g44c-4fht"},{"vulnerability":"VCID-nxbs-37dx-rbbh"},{"vulnerability":"VCID-punr-dfy5-v3g1"},{"vulnerability":"VCID-u53d-8afk-c3gq"},{"vulnerability":"VCID-v8hg-78p1-87bh"},{"vulnerability":"VCID-vyzr-dkz3-vfg6"},{"vulnerability":"VCID-x2hp-rmcn-gbah"},{"vulnerability":"VCID-xb3c-6rew-z3ba"},{"vulnerability":"VCID-xu9t-qtjz-bud8"},{"vulnerability":"VCID-ypwa-2rh9-gyex"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.2"}],"aliases":["CVE-2019-12308","GHSA-7rp2-fm2h-wchj","PYSEC-2019-79"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bxu2-wqcg-1ueh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6060?format=json","vulnerability_id":"VCID-evu1-efcj-gfc5","summary":"multiple issues","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14235","reference_id":"","reference_type":"","scores":[{"value":"0.06773","scoring_system":"epss","scoring_elements":"0.91447","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14235"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/security","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/dev/releases/security"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/security/","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/dev/releases/security/"},{"reference_url":"https://github.com/advisories/GHSA-v9qg-3j8p-r63v","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-v9qg-3j8p-r63v"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-14.yaml","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-14.yaml"},{"reference_url":"https://groups.google.com/forum/#!topic/django-announce/jIoju2-KLDs","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/#!topic/django-announce/jIoju2-KLDs"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK/"},{"reference_url":"https://seclists.org/bugtraq/2019/Aug/15","reference_id":"","reference_type":"","scores":[],"url":"https://seclists.org/bugtraq/2019/Aug/15"},{"reference_url":"https://security.gentoo.org/glsa/202004-17","reference_id":"","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202004-17"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190828-0002","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190828-0002"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190828-0002/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190828-0002/"},{"reference_url":"https://www.debian.org/security/2019/dsa-4498","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2019/dsa-4498"},{"reference_url":"https://www.djangoproject.com/weblog/2019/aug/01/security-releases","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2019/aug/01/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2019/aug/01/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2019/aug/01/security-releases/"},{"reference_url":"https://security.archlinux.org/ASA-201908-2","reference_id":"ASA-201908-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201908-2"},{"reference_url":"https://security.archlinux.org/AVG-1015","reference_id":"AVG-1015","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1015"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-14235","reference_id":"CVE-2019-14235","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-14235"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/12700?format=json","purl":"pkg:pypi/django@1.11.23","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2bh9-k4at-r7hz"},{"vulnerability":"VCID-7b47-vsfh-y3gh"},{"vulnerability":"VCID-fynq-usj6-rfd3"},{"vulnerability":"VCID-hzcv-euwq-eqeg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.23"},{"url":"http://public2.vulnerablecode.io/api/packages/12701?format=json","purl":"pkg:pypi/django@2.1.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gvv-5jbs-cfc1"},{"vulnerability":"VCID-hzcv-euwq-eqeg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.1.11"},{"url":"http://public2.vulnerablecode.io/api/packages/12702?format=json","purl":"pkg:pypi/django@2.2.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2bh9-k4at-r7hz"},{"vulnerability":"VCID-2f2p-wfbs-73hz"},{"vulnerability":"VCID-3gvv-5jbs-cfc1"},{"vulnerability":"VCID-5a2y-2m62-1qfa"},{"vulnerability":"VCID-7b47-vsfh-y3gh"},{"vulnerability":"VCID-81q1-gytk-2uaq"},{"vulnerability":"VCID-9hp4-hn21-zkg8"},{"vulnerability":"VCID-b81v-3drw-xudf"},{"vulnerability":"VCID-bbxx-48nj-pqcd"},{"vulnerability":"VCID-dcv2-gx5a-pfe2"},{"vulnerability":"VCID-dqkn-1888-y3er"},{"vulnerability":"VCID-fc6y-y2b1-v3d5"},{"vulnerability":"VCID-fynq-usj6-rfd3"},{"vulnerability":"VCID-gxju-xjh2-z7bn"},{"vulnerability":"VCID-hzcv-euwq-eqeg"},{"vulnerability":"VCID-jzbk-uswz-8ucg"},{"vulnerability":"VCID-nxbs-37dx-rbbh"},{"vulnerability":"VCID-punr-dfy5-v3g1"},{"vulnerability":"VCID-u53d-8afk-c3gq"},{"vulnerability":"VCID-vyzr-dkz3-vfg6"},{"vulnerability":"VCID-xb3c-6rew-z3ba"},{"vulnerability":"VCID-xu9t-qtjz-bud8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.4"}],"aliases":["CVE-2019-14235","GHSA-v9qg-3j8p-r63v","PYSEC-2019-14"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-evu1-efcj-gfc5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4216?format=json","vulnerability_id":"VCID-fynq-usj6-rfd3","summary":"insufficient validation","references":[{"reference_url":"http://packetstormsecurity.com/files/155872/Django-Account-Hijack.html","reference_id":"","reference_type":"","scores":[],"url":"http://packetstormsecurity.com/files/155872/Django-Account-Hijack.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-19844","reference_id":"","reference_type":"","scores":[{"value":"0.13973","scoring_system":"epss","scoring_elements":"0.94448","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-19844"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/security","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/dev/releases/security"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/security/","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/dev/releases/security/"},{"reference_url":"https://github.com/advisories/GHSA-vfq6-hq5r-27r6","reference_id":"","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vfq6-hq5r-27r6"},{"reference_url":"https://github.com/django/django/commit/302a4ff1e8b1c798aab97673909c7a3dfda42c26","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/django/django/commit/302a4ff1e8b1c798aab97673909c7a3dfda42c26"},{"reference_url":"https://github.com/django/django/commit/4d334bea06cac63dc1272abcec545b85136cca0e","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/django/django/commit/4d334bea06cac63dc1272abcec545b85136cca0e"},{"reference_url":"https://github.com/django/django/commit/5b1fbcef7a8bec991ebe7b2a18b5d5a95d72cb70","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/django/django/commit/5b1fbcef7a8bec991ebe7b2a18b5d5a95d72cb70"},{"reference_url":"https://github.com/django/django/commit/f4cff43bf921fcea6a29b726eb66767f67753fa2","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/django/django/commit/f4cff43bf921fcea6a29b726eb66767f67753fa2"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-16.yaml","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-16.yaml"},{"reference_url":"https://groups.google.com/forum/#!topic/django-announce/3oaB2rVH3a0","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/#!topic/django-announce/3oaB2rVH3a0"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCM2DPUI7TOZWN4A6JFQFUVQ2XGE7GUD/"},{"reference_url":"https://seclists.org/bugtraq/2020/Jan/9","reference_id":"","reference_type":"","scores":[],"url":"https://seclists.org/bugtraq/2020/Jan/9"},{"reference_url":"https://security.gentoo.org/glsa/202004-17","reference_id":"","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202004-17"},{"reference_url":"https://security.netapp.com/advisory/ntap-20200110-0003","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20200110-0003"},{"reference_url":"https://security.netapp.com/advisory/ntap-20200110-0003/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20200110-0003/"},{"reference_url":"https://usn.ubuntu.com/4224-1","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4224-1"},{"reference_url":"https://usn.ubuntu.com/4224-1/","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4224-1/"},{"reference_url":"https://www.debian.org/security/2020/dsa-4598","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2020/dsa-4598"},{"reference_url":"https://www.djangoproject.com/weblog/2019/dec/18/security-releases","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2019/dec/18/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2019/dec/18/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2019/dec/18/security-releases/"},{"reference_url":"https://security.archlinux.org/AVG-1080","reference_id":"AVG-1080","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1080"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-19844","reference_id":"CVE-2019-19844","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-19844"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13511?format=json","purl":"pkg:pypi/django@1.11.27","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2bh9-k4at-r7hz"},{"vulnerability":"VCID-7b47-vsfh-y3gh"},{"vulnerability":"VCID-hzcv-euwq-eqeg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.27"},{"url":"http://public2.vulnerablecode.io/api/packages/13512?format=json","purl":"pkg:pypi/django@2.2.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2bh9-k4at-r7hz"},{"vulnerability":"VCID-2f2p-wfbs-73hz"},{"vulnerability":"VCID-5a2y-2m62-1qfa"},{"vulnerability":"VCID-7b47-vsfh-y3gh"},{"vulnerability":"VCID-81q1-gytk-2uaq"},{"vulnerability":"VCID-9hp4-hn21-zkg8"},{"vulnerability":"VCID-b81v-3drw-xudf"},{"vulnerability":"VCID-bbxx-48nj-pqcd"},{"vulnerability":"VCID-dcv2-gx5a-pfe2"},{"vulnerability":"VCID-dqkn-1888-y3er"},{"vulnerability":"VCID-fc6y-y2b1-v3d5"},{"vulnerability":"VCID-gxju-xjh2-z7bn"},{"vulnerability":"VCID-hzcv-euwq-eqeg"},{"vulnerability":"VCID-jzbk-uswz-8ucg"},{"vulnerability":"VCID-nxbs-37dx-rbbh"},{"vulnerability":"VCID-punr-dfy5-v3g1"},{"vulnerability":"VCID-u53d-8afk-c3gq"},{"vulnerability":"VCID-vyzr-dkz3-vfg6"},{"vulnerability":"VCID-xb3c-6rew-z3ba"},{"vulnerability":"VCID-xu9t-qtjz-bud8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.9"},{"url":"http://public2.vulnerablecode.io/api/packages/13753?format=json","purl":"pkg:pypi/django@3.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2bh9-k4at-r7hz"},{"vulnerability":"VCID-5a2y-2m62-1qfa"},{"vulnerability":"VCID-7b47-vsfh-y3gh"},{"vulnerability":"VCID-9hp4-hn21-zkg8"},{"vulnerability":"VCID-b81v-3drw-xudf"},{"vulnerability":"VCID-hzcv-euwq-eqeg"},{"vulnerability":"VCID-nxbs-37dx-rbbh"},{"vulnerability":"VCID-punr-dfy5-v3g1"},{"vulnerability":"VCID-xb3c-6rew-z3ba"},{"vulnerability":"VCID-xu9t-qtjz-bud8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.0.1"}],"aliases":["CVE-2019-19844","GHSA-vfq6-hq5r-27r6","PYSEC-2019-16"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fynq-usj6-rfd3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5556?format=json","vulnerability_id":"VCID-hzcv-euwq-eqeg","summary":"multiple issues","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-33203","reference_id":"","reference_type":"","scores":[{"value":"0.00327","scoring_system":"epss","scoring_elements":"0.5585","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-33203"},{"reference_url":"https://docs.djangoproject.com/en/3.2/releases/security/","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/3.2/releases/security/"},{"reference_url":"https://github.com/advisories/GHSA-68w8-qjq3-2gfm","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-68w8-qjq3-2gfm"},{"reference_url":"https://groups.google.com/forum/#!forum/django-announce","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/#!forum/django-announce"},{"reference_url":"https://www.djangoproject.com/weblog/2021/jun/02/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2021/jun/02/security-releases/"},{"reference_url":"https://security.archlinux.org/ASA-202106-41","reference_id":"ASA-202106-41","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-41"},{"reference_url":"https://security.archlinux.org/AVG-2026","reference_id":"AVG-2026","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2026"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/21276?format=json","purl":"pkg:pypi/django@2.2.24","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2f2p-wfbs-73hz"},{"vulnerability":"VCID-81q1-gytk-2uaq"},{"vulnerability":"VCID-bbxx-48nj-pqcd"},{"vulnerability":"VCID-dcv2-gx5a-pfe2"},{"vulnerability":"VCID-dqkn-1888-y3er"},{"vulnerability":"VCID-fc6y-y2b1-v3d5"},{"vulnerability":"VCID-jzbk-uswz-8ucg"},{"vulnerability":"VCID-vyzr-dkz3-vfg6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.24"},{"url":"http://public2.vulnerablecode.io/api/packages/21277?format=json","purl":"pkg:pypi/django@3.1.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-fc6y-y2b1-v3d5"},{"vulnerability":"VCID-zvet-h29t-tub8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.1.12"},{"url":"http://public2.vulnerablecode.io/api/packages/21278?format=json","purl":"pkg:pypi/django@3.2.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2f2p-wfbs-73hz"},{"vulnerability":"VCID-5k3f-9smv-8bev"},{"vulnerability":"VCID-6bct-bfhb-xugt"},{"vulnerability":"VCID-7u6e-a3ng-fude"},{"vulnerability":"VCID-81q1-gytk-2uaq"},{"vulnerability":"VCID-bbxx-48nj-pqcd"},{"vulnerability":"VCID-bjn5-qpmt-qffx"},{"vulnerability":"VCID-ctk2-ykg7-h7ag"},{"vulnerability":"VCID-dcv2-gx5a-pfe2"},{"vulnerability":"VCID-dqkn-1888-y3er"},{"vulnerability":"VCID-e2p6-m8gu-jbfu"},{"vulnerability":"VCID-fc6y-y2b1-v3d5"},{"vulnerability":"VCID-fwkd-bq8u-9kg8"},{"vulnerability":"VCID-jzbk-uswz-8ucg"},{"vulnerability":"VCID-kmv2-339j-8ugc"},{"vulnerability":"VCID-nyy8-t17r-syex"},{"vulnerability":"VCID-qg2s-fuw3-nbda"},{"vulnerability":"VCID-rn9d-fd73-3kb9"},{"vulnerability":"VCID-vyzr-dkz3-vfg6"},{"vulnerability":"VCID-x4s4-qav9-xbet"},{"vulnerability":"VCID-zvet-h29t-tub8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@3.2.4"}],"aliases":["CVE-2021-33203","GHSA-68w8-qjq3-2gfm","PYSEC-2021-98"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hzcv-euwq-eqeg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6177?format=json","vulnerability_id":"VCID-j1jc-m7e2-5yck","summary":"denial of service","references":[{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2927","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2927"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0051","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0051"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0082","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0082"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0265","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0265"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7536","reference_id":"","reference_type":"","scores":[{"value":"0.01372","scoring_system":"epss","scoring_elements":"0.80535","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7536"},{"reference_url":"https://github.com/advisories/GHSA-r28v-mw67-m5p9","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-r28v-mw67-m5p9"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/1ca63a66ef3163149ad822701273e8a1844192c2","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/django/django/commit/1ca63a66ef3163149ad822701273e8a1844192c2"},{"reference_url":"https://github.com/django/django/commit/abf89d729f210c692a50e0ad3f75fb6bec6fae16","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/django/django/commit/abf89d729f210c692a50e0ad3f75fb6bec6fae16"},{"reference_url":"https://github.com/django/django/commit/e157315da3ae7005fa0683ffc9751dbeca7306c8","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/django/django/commit/e157315da3ae7005fa0683ffc9751dbeca7306c8"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2018-5.yaml","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2018-5.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/03/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2018/03/msg00006.html"},{"reference_url":"https://usn.ubuntu.com/3591-1","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3591-1"},{"reference_url":"https://usn.ubuntu.com/3591-1/","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3591-1/"},{"reference_url":"https://web.archive.org/web/20200227131019/http://www.securityfocus.com/bid/103361","reference_id":"","reference_type":"","scores":[],"url":"https://web.archive.org/web/20200227131019/http://www.securityfocus.com/bid/103361"},{"reference_url":"https://www.debian.org/security/2018/dsa-4161","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2018/dsa-4161"},{"reference_url":"https://www.djangoproject.com/weblog/2018/mar/06/security-releases","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2018/mar/06/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2018/mar/06/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2018/mar/06/security-releases/"},{"reference_url":"http://www.securityfocus.com/bid/103361","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/103361"},{"reference_url":"https://security.archlinux.org/ASA-201803-5","reference_id":"ASA-201803-5","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201803-5"},{"reference_url":"https://security.archlinux.org/AVG-649","reference_id":"AVG-649","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-649"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-7536","reference_id":"CVE-2018-7536","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-7536"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/9511?format=json","purl":"pkg:pypi/django@1.11.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2bh9-k4at-r7hz"},{"vulnerability":"VCID-2jvg-udsm-nkax"},{"vulnerability":"VCID-7b47-vsfh-y3gh"},{"vulnerability":"VCID-bxu2-wqcg-1ueh"},{"vulnerability":"VCID-evu1-efcj-gfc5"},{"vulnerability":"VCID-fynq-usj6-rfd3"},{"vulnerability":"VCID-hzcv-euwq-eqeg"},{"vulnerability":"VCID-n9cz-g44c-4fht"},{"vulnerability":"VCID-v8hg-78p1-87bh"},{"vulnerability":"VCID-wj2g-v6dz-2yeq"},{"vulnerability":"VCID-wsx7-6bfa-pugr"},{"vulnerability":"VCID-x2hp-rmcn-gbah"},{"vulnerability":"VCID-ypwa-2rh9-gyex"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.11"},{"url":"http://public2.vulnerablecode.io/api/packages/9512?format=json","purl":"pkg:pypi/django@2.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jvg-udsm-nkax"},{"vulnerability":"VCID-hzcv-euwq-eqeg"},{"vulnerability":"VCID-wj2g-v6dz-2yeq"},{"vulnerability":"VCID-wsx7-6bfa-pugr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.0.3"}],"aliases":["CVE-2018-7536","GHSA-r28v-mw67-m5p9","PYSEC-2018-5"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j1jc-m7e2-5yck"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6062?format=json","vulnerability_id":"VCID-n9cz-g44c-4fht","summary":"multiple issues","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14233","reference_id":"","reference_type":"","scores":[{"value":"0.06773","scoring_system":"epss","scoring_elements":"0.91447","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14233"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/security","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/dev/releases/security"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/security/","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/dev/releases/security/"},{"reference_url":"https://github.com/advisories/GHSA-h5jv-4p7w-64jg","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-h5jv-4p7w-64jg"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-12.yaml","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-12.yaml"},{"reference_url":"https://groups.google.com/forum/#!topic/django-announce/jIoju2-KLDs","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/#!topic/django-announce/jIoju2-KLDs"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK/"},{"reference_url":"https://seclists.org/bugtraq/2019/Aug/15","reference_id":"","reference_type":"","scores":[],"url":"https://seclists.org/bugtraq/2019/Aug/15"},{"reference_url":"https://security.gentoo.org/glsa/202004-17","reference_id":"","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202004-17"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190828-0002","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190828-0002"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190828-0002/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190828-0002/"},{"reference_url":"https://www.debian.org/security/2019/dsa-4498","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2019/dsa-4498"},{"reference_url":"https://www.djangoproject.com/weblog/2019/aug/01/security-releases","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2019/aug/01/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2019/aug/01/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2019/aug/01/security-releases/"},{"reference_url":"https://security.archlinux.org/ASA-201908-2","reference_id":"ASA-201908-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201908-2"},{"reference_url":"https://security.archlinux.org/AVG-1015","reference_id":"AVG-1015","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1015"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-14233","reference_id":"CVE-2019-14233","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-14233"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/12700?format=json","purl":"pkg:pypi/django@1.11.23","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2bh9-k4at-r7hz"},{"vulnerability":"VCID-7b47-vsfh-y3gh"},{"vulnerability":"VCID-fynq-usj6-rfd3"},{"vulnerability":"VCID-hzcv-euwq-eqeg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.23"},{"url":"http://public2.vulnerablecode.io/api/packages/12701?format=json","purl":"pkg:pypi/django@2.1.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gvv-5jbs-cfc1"},{"vulnerability":"VCID-hzcv-euwq-eqeg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.1.11"},{"url":"http://public2.vulnerablecode.io/api/packages/12702?format=json","purl":"pkg:pypi/django@2.2.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2bh9-k4at-r7hz"},{"vulnerability":"VCID-2f2p-wfbs-73hz"},{"vulnerability":"VCID-3gvv-5jbs-cfc1"},{"vulnerability":"VCID-5a2y-2m62-1qfa"},{"vulnerability":"VCID-7b47-vsfh-y3gh"},{"vulnerability":"VCID-81q1-gytk-2uaq"},{"vulnerability":"VCID-9hp4-hn21-zkg8"},{"vulnerability":"VCID-b81v-3drw-xudf"},{"vulnerability":"VCID-bbxx-48nj-pqcd"},{"vulnerability":"VCID-dcv2-gx5a-pfe2"},{"vulnerability":"VCID-dqkn-1888-y3er"},{"vulnerability":"VCID-fc6y-y2b1-v3d5"},{"vulnerability":"VCID-fynq-usj6-rfd3"},{"vulnerability":"VCID-gxju-xjh2-z7bn"},{"vulnerability":"VCID-hzcv-euwq-eqeg"},{"vulnerability":"VCID-jzbk-uswz-8ucg"},{"vulnerability":"VCID-nxbs-37dx-rbbh"},{"vulnerability":"VCID-punr-dfy5-v3g1"},{"vulnerability":"VCID-u53d-8afk-c3gq"},{"vulnerability":"VCID-vyzr-dkz3-vfg6"},{"vulnerability":"VCID-xb3c-6rew-z3ba"},{"vulnerability":"VCID-xu9t-qtjz-bud8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.4"}],"aliases":["CVE-2019-14233","GHSA-h5jv-4p7w-64jg","PYSEC-2019-12"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n9cz-g44c-4fht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6061?format=json","vulnerability_id":"VCID-v8hg-78p1-87bh","summary":"multiple issues","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14234","reference_id":"","reference_type":"","scores":[{"value":"0.29723","scoring_system":"epss","scoring_elements":"0.96712","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14234"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/security","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/dev/releases/security"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/security/","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/dev/releases/security/"},{"reference_url":"https://github.com/advisories/GHSA-6r97-cj55-9hrq","reference_id":"","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6r97-cj55-9hrq"},{"reference_url":"https://github.com/django/django/commit/4f5b58f5cd3c57fee9972ab074f8dc6895d8f387","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/django/django/commit/4f5b58f5cd3c57fee9972ab074f8dc6895d8f387"},{"reference_url":"https://github.com/django/django/commit/ed682a24fca774818542757651bfba576c3fc3ef","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/django/django/commit/ed682a24fca774818542757651bfba576c3fc3ef"},{"reference_url":"https://github.com/django/django/commit/f74b3ae3628c26e1b4f8db3d13a91d52a833a975","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/django/django/commit/f74b3ae3628c26e1b4f8db3d13a91d52a833a975"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-13.yaml","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-13.yaml"},{"reference_url":"https://groups.google.com/forum/#!topic/django-announce/jIoju2-KLDs","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/#!topic/django-announce/jIoju2-KLDs"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK/"},{"reference_url":"https://seclists.org/bugtraq/2019/Aug/15","reference_id":"","reference_type":"","scores":[],"url":"https://seclists.org/bugtraq/2019/Aug/15"},{"reference_url":"https://security.gentoo.org/glsa/202004-17","reference_id":"","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202004-17"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190828-0002","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190828-0002"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190828-0002/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190828-0002/"},{"reference_url":"https://www.debian.org/security/2019/dsa-4498","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2019/dsa-4498"},{"reference_url":"https://www.djangoproject.com/weblog/2019/aug/01/security-releases","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2019/aug/01/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2019/aug/01/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2019/aug/01/security-releases/"},{"reference_url":"https://security.archlinux.org/ASA-201908-2","reference_id":"ASA-201908-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201908-2"},{"reference_url":"https://security.archlinux.org/AVG-1015","reference_id":"AVG-1015","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1015"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-14234","reference_id":"CVE-2019-14234","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-14234"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/12700?format=json","purl":"pkg:pypi/django@1.11.23","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2bh9-k4at-r7hz"},{"vulnerability":"VCID-7b47-vsfh-y3gh"},{"vulnerability":"VCID-fynq-usj6-rfd3"},{"vulnerability":"VCID-hzcv-euwq-eqeg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.23"},{"url":"http://public2.vulnerablecode.io/api/packages/12701?format=json","purl":"pkg:pypi/django@2.1.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gvv-5jbs-cfc1"},{"vulnerability":"VCID-hzcv-euwq-eqeg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.1.11"},{"url":"http://public2.vulnerablecode.io/api/packages/12702?format=json","purl":"pkg:pypi/django@2.2.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2bh9-k4at-r7hz"},{"vulnerability":"VCID-2f2p-wfbs-73hz"},{"vulnerability":"VCID-3gvv-5jbs-cfc1"},{"vulnerability":"VCID-5a2y-2m62-1qfa"},{"vulnerability":"VCID-7b47-vsfh-y3gh"},{"vulnerability":"VCID-81q1-gytk-2uaq"},{"vulnerability":"VCID-9hp4-hn21-zkg8"},{"vulnerability":"VCID-b81v-3drw-xudf"},{"vulnerability":"VCID-bbxx-48nj-pqcd"},{"vulnerability":"VCID-dcv2-gx5a-pfe2"},{"vulnerability":"VCID-dqkn-1888-y3er"},{"vulnerability":"VCID-fc6y-y2b1-v3d5"},{"vulnerability":"VCID-fynq-usj6-rfd3"},{"vulnerability":"VCID-gxju-xjh2-z7bn"},{"vulnerability":"VCID-hzcv-euwq-eqeg"},{"vulnerability":"VCID-jzbk-uswz-8ucg"},{"vulnerability":"VCID-nxbs-37dx-rbbh"},{"vulnerability":"VCID-punr-dfy5-v3g1"},{"vulnerability":"VCID-u53d-8afk-c3gq"},{"vulnerability":"VCID-vyzr-dkz3-vfg6"},{"vulnerability":"VCID-xb3c-6rew-z3ba"},{"vulnerability":"VCID-xu9t-qtjz-bud8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.4"}],"aliases":["CVE-2019-14234","GHSA-6r97-cj55-9hrq","PYSEC-2019-13"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v8hg-78p1-87bh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6092?format=json","vulnerability_id":"VCID-wj2g-v6dz-2yeq","summary":"denial of service","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6975","reference_id":"","reference_type":"","scores":[{"value":"0.07682","scoring_system":"epss","scoring_elements":"0.9203","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6975"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/security","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/dev/releases/security"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/security/","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/dev/releases/security/"},{"reference_url":"https://github.com/advisories/GHSA-wh4h-v3f2-r2pp","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-wh4h-v3f2-r2pp"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/0bbb560183fabf0533289700845dafa94951f227","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/django/django/commit/0bbb560183fabf0533289700845dafa94951f227"},{"reference_url":"https://github.com/django/django/commit/1f42f82566c9d2d73aff1c42790d6b1b243f7676","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/django/django/commit/1f42f82566c9d2d73aff1c42790d6b1b243f7676"},{"reference_url":"https://github.com/django/django/commit/40cd19055773705301c3428ed5e08a036d2091f3","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/django/django/commit/40cd19055773705301c3428ed5e08a036d2091f3"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-18.yaml","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-18.yaml"},{"reference_url":"https://groups.google.com/forum/#!topic/django-announce/WTwEAprR0IQ","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/#!topic/django-announce/WTwEAprR0IQ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/66WMXHGBXD7GSM3PEXVCMCAGLMQYHZCU","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/66WMXHGBXD7GSM3PEXVCMCAGLMQYHZCU"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/66WMXHGBXD7GSM3PEXVCMCAGLMQYHZCU/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/66WMXHGBXD7GSM3PEXVCMCAGLMQYHZCU/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVXDOVCXLD74SHR2BENGCE2OOYYYWJHZ","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVXDOVCXLD74SHR2BENGCE2OOYYYWJHZ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVXDOVCXLD74SHR2BENGCE2OOYYYWJHZ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVXDOVCXLD74SHR2BENGCE2OOYYYWJHZ/"},{"reference_url":"https://seclists.org/bugtraq/2019/Jul/10","reference_id":"","reference_type":"","scores":[],"url":"https://seclists.org/bugtraq/2019/Jul/10"},{"reference_url":"https://usn.ubuntu.com/3890-1","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3890-1"},{"reference_url":"https://usn.ubuntu.com/3890-1/","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3890-1/"},{"reference_url":"https://web.archive.org/web/20200227084713/http://www.securityfocus.com/bid/106964","reference_id":"","reference_type":"","scores":[],"url":"https://web.archive.org/web/20200227084713/http://www.securityfocus.com/bid/106964"},{"reference_url":"https://www.debian.org/security/2019/dsa-4476","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2019/dsa-4476"},{"reference_url":"https://www.djangoproject.com/weblog/2019/feb/11/security-releases","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2019/feb/11/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2019/feb/11/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2019/feb/11/security-releases/"},{"reference_url":"https://www.openwall.com/lists/oss-security/2019/02/11/1","reference_id":"","reference_type":"","scores":[],"url":"https://www.openwall.com/lists/oss-security/2019/02/11/1"},{"reference_url":"http://www.securityfocus.com/bid/106964","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/106964"},{"reference_url":"https://security.archlinux.org/ASA-201902-14","reference_id":"ASA-201902-14","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201902-14"},{"reference_url":"https://security.archlinux.org/AVG-881","reference_id":"AVG-881","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-881"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-6975","reference_id":"CVE-2019-6975","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-6975"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/11776?format=json","purl":"pkg:pypi/django@1.11.19","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.19"},{"url":"http://public2.vulnerablecode.io/api/packages/56434?format=json","purl":"pkg:pypi/django@2.0.11","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.0.11"},{"url":"http://public2.vulnerablecode.io/api/packages/11777?format=json","purl":"pkg:pypi/django@2.0.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hzcv-euwq-eqeg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.0.12"},{"url":"http://public2.vulnerablecode.io/api/packages/56435?format=json","purl":"pkg:pypi/django@2.1.6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.1.6"},{"url":"http://public2.vulnerablecode.io/api/packages/11778?format=json","purl":"pkg:pypi/django@2.1.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gvv-5jbs-cfc1"},{"vulnerability":"VCID-bxu2-wqcg-1ueh"},{"vulnerability":"VCID-evu1-efcj-gfc5"},{"vulnerability":"VCID-hzcv-euwq-eqeg"},{"vulnerability":"VCID-n9cz-g44c-4fht"},{"vulnerability":"VCID-v8hg-78p1-87bh"},{"vulnerability":"VCID-x2hp-rmcn-gbah"},{"vulnerability":"VCID-ypwa-2rh9-gyex"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.1.7"}],"aliases":["CVE-2019-6975","GHSA-wh4h-v3f2-r2pp","PYSEC-2019-18"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wj2g-v6dz-2yeq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6108?format=json","vulnerability_id":"VCID-wsx7-6bfa-pugr","summary":"content spoofing","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-3498","reference_id":"","reference_type":"","scores":[{"value":"0.00522","scoring_system":"epss","scoring_elements":"0.67199","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-3498"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/security","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/dev/releases/security"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/security/","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/dev/releases/security/"},{"reference_url":"https://github.com/advisories/GHSA-337x-4q8g-prc5","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-337x-4q8g-prc5"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-17.yaml","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-17.yaml"},{"reference_url":"https://groups.google.com/forum/#!topic/django-announce/VYU7xQQTEPQ","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/#!topic/django-announce/VYU7xQQTEPQ"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/01/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/01/msg00005.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVXDOVCXLD74SHR2BENGCE2OOYYYWJHZ","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVXDOVCXLD74SHR2BENGCE2OOYYYWJHZ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVXDOVCXLD74SHR2BENGCE2OOYYYWJHZ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVXDOVCXLD74SHR2BENGCE2OOYYYWJHZ/"},{"reference_url":"https://usn.ubuntu.com/3851-1","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3851-1"},{"reference_url":"https://usn.ubuntu.com/3851-1/","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3851-1/"},{"reference_url":"https://web.archive.org/web/20200227094237/http://www.securityfocus.com/bid/106453","reference_id":"","reference_type":"","scores":[],"url":"https://web.archive.org/web/20200227094237/http://www.securityfocus.com/bid/106453"},{"reference_url":"https://www.debian.org/security/2019/dsa-4363","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2019/dsa-4363"},{"reference_url":"https://www.djangoproject.com/weblog/2019/jan/04/security-releases","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2019/jan/04/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2019/jan/04/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2019/jan/04/security-releases/"},{"reference_url":"http://www.securityfocus.com/bid/106453","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/106453"},{"reference_url":"https://security.archlinux.org/ASA-201901-6","reference_id":"ASA-201901-6","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201901-6"},{"reference_url":"https://security.archlinux.org/AVG-839","reference_id":"AVG-839","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-839"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-3498","reference_id":"CVE-2019-3498","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-3498"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/11480?format=json","purl":"pkg:pypi/django@1.11.18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2bh9-k4at-r7hz"},{"vulnerability":"VCID-7b47-vsfh-y3gh"},{"vulnerability":"VCID-bxu2-wqcg-1ueh"},{"vulnerability":"VCID-evu1-efcj-gfc5"},{"vulnerability":"VCID-fynq-usj6-rfd3"},{"vulnerability":"VCID-hzcv-euwq-eqeg"},{"vulnerability":"VCID-n9cz-g44c-4fht"},{"vulnerability":"VCID-v8hg-78p1-87bh"},{"vulnerability":"VCID-wj2g-v6dz-2yeq"},{"vulnerability":"VCID-x2hp-rmcn-gbah"},{"vulnerability":"VCID-ypwa-2rh9-gyex"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.18"},{"url":"http://public2.vulnerablecode.io/api/packages/11481?format=json","purl":"pkg:pypi/django@2.0.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hzcv-euwq-eqeg"},{"vulnerability":"VCID-wj2g-v6dz-2yeq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.0.10"},{"url":"http://public2.vulnerablecode.io/api/packages/11482?format=json","purl":"pkg:pypi/django@2.1.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gvv-5jbs-cfc1"},{"vulnerability":"VCID-bxu2-wqcg-1ueh"},{"vulnerability":"VCID-evu1-efcj-gfc5"},{"vulnerability":"VCID-hzcv-euwq-eqeg"},{"vulnerability":"VCID-n9cz-g44c-4fht"},{"vulnerability":"VCID-v8hg-78p1-87bh"},{"vulnerability":"VCID-wj2g-v6dz-2yeq"},{"vulnerability":"VCID-x2hp-rmcn-gbah"},{"vulnerability":"VCID-ypwa-2rh9-gyex"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.1.5"}],"aliases":["CVE-2019-3498","GHSA-337x-4q8g-prc5","PYSEC-2019-17"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wsx7-6bfa-pugr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6063?format=json","vulnerability_id":"VCID-x2hp-rmcn-gbah","summary":"multiple issues","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14232","reference_id":"","reference_type":"","scores":[{"value":"0.0297","scoring_system":"epss","scoring_elements":"0.86745","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14232"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/security","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/dev/releases/security"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/security/","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/dev/releases/security/"},{"reference_url":"https://github.com/advisories/GHSA-c4qh-4vgv-qc6g","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-c4qh-4vgv-qc6g"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-11.yaml","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-11.yaml"},{"reference_url":"https://github.com/pypa/advisory-db/tree/main/vulns/django/PYSEC-2019-11.yaml","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/pypa/advisory-db/tree/main/vulns/django/PYSEC-2019-11.yaml"},{"reference_url":"https://groups.google.com/forum/#%21topic/django-announce/jIoju2-KLDs","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/#%21topic/django-announce/jIoju2-KLDs"},{"reference_url":"https://groups.google.com/forum/#!topic/django-announce/jIoju2-KLDs","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/#!topic/django-announce/jIoju2-KLDs"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK/"},{"reference_url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/3LGJSPCN3VEG2UJPYCUB6TU75JTIV2TQ","reference_id":"","reference_type":"","scores":[],"url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/3LGJSPCN3VEG2UJPYCUB6TU75JTIV2TQ"},{"reference_url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/5XTP44JEOSNXRVW4JDZXA5XGMBDZLWSW","reference_id":"","reference_type":"","scores":[],"url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/5XTP44JEOSNXRVW4JDZXA5XGMBDZLWSW"},{"reference_url":"https://seclists.org/bugtraq/2019/Aug/15","reference_id":"","reference_type":"","scores":[],"url":"https://seclists.org/bugtraq/2019/Aug/15"},{"reference_url":"https://security.gentoo.org/glsa/202004-17","reference_id":"","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202004-17"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190828-0002","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190828-0002"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190828-0002/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190828-0002/"},{"reference_url":"https://www.debian.org/security/2019/dsa-4498","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2019/dsa-4498"},{"reference_url":"https://www.djangoproject.com/weblog/2019/aug/01/security-releases","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2019/aug/01/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2019/aug/01/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2019/aug/01/security-releases/"},{"reference_url":"https://www.openwall.com/lists/oss-security/2023/10/04/6","reference_id":"","reference_type":"","scores":[],"url":"https://www.openwall.com/lists/oss-security/2023/10/04/6"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/04/6","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2023/10/04/6"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/03/04/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2024/03/04/1"},{"reference_url":"https://security.archlinux.org/ASA-201908-2","reference_id":"ASA-201908-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201908-2"},{"reference_url":"https://security.archlinux.org/AVG-1015","reference_id":"AVG-1015","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1015"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-14232","reference_id":"CVE-2019-14232","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-14232"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/12700?format=json","purl":"pkg:pypi/django@1.11.23","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2bh9-k4at-r7hz"},{"vulnerability":"VCID-7b47-vsfh-y3gh"},{"vulnerability":"VCID-fynq-usj6-rfd3"},{"vulnerability":"VCID-hzcv-euwq-eqeg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.23"},{"url":"http://public2.vulnerablecode.io/api/packages/12701?format=json","purl":"pkg:pypi/django@2.1.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gvv-5jbs-cfc1"},{"vulnerability":"VCID-hzcv-euwq-eqeg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.1.11"},{"url":"http://public2.vulnerablecode.io/api/packages/12702?format=json","purl":"pkg:pypi/django@2.2.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2bh9-k4at-r7hz"},{"vulnerability":"VCID-2f2p-wfbs-73hz"},{"vulnerability":"VCID-3gvv-5jbs-cfc1"},{"vulnerability":"VCID-5a2y-2m62-1qfa"},{"vulnerability":"VCID-7b47-vsfh-y3gh"},{"vulnerability":"VCID-81q1-gytk-2uaq"},{"vulnerability":"VCID-9hp4-hn21-zkg8"},{"vulnerability":"VCID-b81v-3drw-xudf"},{"vulnerability":"VCID-bbxx-48nj-pqcd"},{"vulnerability":"VCID-dcv2-gx5a-pfe2"},{"vulnerability":"VCID-dqkn-1888-y3er"},{"vulnerability":"VCID-fc6y-y2b1-v3d5"},{"vulnerability":"VCID-fynq-usj6-rfd3"},{"vulnerability":"VCID-gxju-xjh2-z7bn"},{"vulnerability":"VCID-hzcv-euwq-eqeg"},{"vulnerability":"VCID-jzbk-uswz-8ucg"},{"vulnerability":"VCID-nxbs-37dx-rbbh"},{"vulnerability":"VCID-punr-dfy5-v3g1"},{"vulnerability":"VCID-u53d-8afk-c3gq"},{"vulnerability":"VCID-vyzr-dkz3-vfg6"},{"vulnerability":"VCID-xb3c-6rew-z3ba"},{"vulnerability":"VCID-xu9t-qtjz-bud8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.4"}],"aliases":["CVE-2019-14232","GHSA-c4qh-4vgv-qc6g","PYSEC-2019-11"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x2hp-rmcn-gbah"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4315?format=json","vulnerability_id":"VCID-ypwa-2rh9-gyex","summary":"silent downgrade","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12781","reference_id":"","reference_type":"","scores":[{"value":"0.04284","scoring_system":"epss","scoring_elements":"0.89026","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12781"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/security","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/dev/releases/security"},{"reference_url":"https://docs.djangoproject.com/en/dev/releases/security/","reference_id":"","reference_type":"","scores":[],"url":"https://docs.djangoproject.com/en/dev/releases/security/"},{"reference_url":"https://github.com/advisories/GHSA-6c7v-2f49-8h26","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6c7v-2f49-8h26"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-10.yaml","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-10.yaml"},{"reference_url":"https://groups.google.com/forum/#!topic/django-announce/Is4kLY9ZcZQ","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/#!topic/django-announce/Is4kLY9ZcZQ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5VXXWIOQGXOB7JCGJ3CVUW673LDHKEYL","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5VXXWIOQGXOB7JCGJ3CVUW673LDHKEYL"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5VXXWIOQGXOB7JCGJ3CVUW673LDHKEYL/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5VXXWIOQGXOB7JCGJ3CVUW673LDHKEYL/"},{"reference_url":"https://seclists.org/bugtraq/2019/Jul/10","reference_id":"","reference_type":"","scores":[],"url":"https://seclists.org/bugtraq/2019/Jul/10"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190705-0002","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190705-0002"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190705-0002/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190705-0002/"},{"reference_url":"https://usn.ubuntu.com/4043-1","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4043-1"},{"reference_url":"https://usn.ubuntu.com/4043-1/","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4043-1/"},{"reference_url":"https://www.debian.org/security/2019/dsa-4476","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2019/dsa-4476"},{"reference_url":"https://www.djangoproject.com/weblog/2019/jul/01/security-releases","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2019/jul/01/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2019/jul/01/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2019/jul/01/security-releases/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/07/01/3","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2019/07/01/3"},{"reference_url":"http://www.securityfocus.com/bid/109018","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/109018"},{"reference_url":"https://security.archlinux.org/ASA-201907-2","reference_id":"ASA-201907-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201907-2"},{"reference_url":"https://security.archlinux.org/AVG-1000","reference_id":"AVG-1000","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1000"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-12781","reference_id":"CVE-2019-12781","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-12781"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/12372?format=json","purl":"pkg:pypi/django@1.11.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2bh9-k4at-r7hz"},{"vulnerability":"VCID-7b47-vsfh-y3gh"},{"vulnerability":"VCID-evu1-efcj-gfc5"},{"vulnerability":"VCID-fynq-usj6-rfd3"},{"vulnerability":"VCID-hzcv-euwq-eqeg"},{"vulnerability":"VCID-n9cz-g44c-4fht"},{"vulnerability":"VCID-v8hg-78p1-87bh"},{"vulnerability":"VCID-x2hp-rmcn-gbah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.22"},{"url":"http://public2.vulnerablecode.io/api/packages/12370?format=json","purl":"pkg:pypi/django@2.1.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gvv-5jbs-cfc1"},{"vulnerability":"VCID-evu1-efcj-gfc5"},{"vulnerability":"VCID-hzcv-euwq-eqeg"},{"vulnerability":"VCID-n9cz-g44c-4fht"},{"vulnerability":"VCID-v8hg-78p1-87bh"},{"vulnerability":"VCID-x2hp-rmcn-gbah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.1.10"},{"url":"http://public2.vulnerablecode.io/api/packages/12371?format=json","purl":"pkg:pypi/django@2.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2bh9-k4at-r7hz"},{"vulnerability":"VCID-2f2p-wfbs-73hz"},{"vulnerability":"VCID-3gvv-5jbs-cfc1"},{"vulnerability":"VCID-5a2y-2m62-1qfa"},{"vulnerability":"VCID-7b47-vsfh-y3gh"},{"vulnerability":"VCID-81q1-gytk-2uaq"},{"vulnerability":"VCID-9hp4-hn21-zkg8"},{"vulnerability":"VCID-b81v-3drw-xudf"},{"vulnerability":"VCID-bbxx-48nj-pqcd"},{"vulnerability":"VCID-dcv2-gx5a-pfe2"},{"vulnerability":"VCID-dqkn-1888-y3er"},{"vulnerability":"VCID-evu1-efcj-gfc5"},{"vulnerability":"VCID-fc6y-y2b1-v3d5"},{"vulnerability":"VCID-fynq-usj6-rfd3"},{"vulnerability":"VCID-gxju-xjh2-z7bn"},{"vulnerability":"VCID-hzcv-euwq-eqeg"},{"vulnerability":"VCID-jzbk-uswz-8ucg"},{"vulnerability":"VCID-n9cz-g44c-4fht"},{"vulnerability":"VCID-nxbs-37dx-rbbh"},{"vulnerability":"VCID-punr-dfy5-v3g1"},{"vulnerability":"VCID-u53d-8afk-c3gq"},{"vulnerability":"VCID-v8hg-78p1-87bh"},{"vulnerability":"VCID-vyzr-dkz3-vfg6"},{"vulnerability":"VCID-x2hp-rmcn-gbah"},{"vulnerability":"VCID-xb3c-6rew-z3ba"},{"vulnerability":"VCID-xu9t-qtjz-bud8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.2.3"}],"aliases":["CVE-2019-12781","GHSA-6c7v-2f49-8h26","PYSEC-2019-10"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ypwa-2rh9-gyex"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6189?format=json","vulnerability_id":"VCID-9hf4-234m-uqdt","summary":"information disclosure","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-6188","reference_id":"","reference_type":"","scores":[{"value":"0.0077","scoring_system":"epss","scoring_elements":"0.7383","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-6188"},{"reference_url":"https://github.com/advisories/GHSA-rf4j-j272-fj86","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-rf4j-j272-fj86"},{"reference_url":"https://github.com/django/django","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/django/django"},{"reference_url":"https://github.com/django/django/commit/57b95fedad5e0b83fc9c81466b7d1751c6427aae","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/django/django/commit/57b95fedad5e0b83fc9c81466b7d1751c6427aae"},{"reference_url":"https://github.com/django/django/commit/c37bb28677295f6edda61d8ac461014ef0d3aeb2","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/django/django/commit/c37bb28677295f6edda61d8ac461014ef0d3aeb2"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2018-4.yaml","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2018-4.yaml"},{"reference_url":"https://usn.ubuntu.com/3559-1","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3559-1"},{"reference_url":"https://usn.ubuntu.com/3559-1/","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3559-1/"},{"reference_url":"https://web.archive.org/web/20200517143909/http://www.securitytracker.com/id/1040422","reference_id":"","reference_type":"","scores":[],"url":"https://web.archive.org/web/20200517143909/http://www.securitytracker.com/id/1040422"},{"reference_url":"https://www.djangoproject.com/weblog/2018/feb/01/security-releases","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2018/feb/01/security-releases"},{"reference_url":"https://www.djangoproject.com/weblog/2018/feb/01/security-releases/","reference_id":"","reference_type":"","scores":[],"url":"https://www.djangoproject.com/weblog/2018/feb/01/security-releases/"},{"reference_url":"http://www.securitytracker.com/id/1040422","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1040422"},{"reference_url":"https://security.archlinux.org/AVG-624","reference_id":"AVG-624","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-624"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-6188","reference_id":"CVE-2018-6188","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-6188"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/9509?format=json","purl":"pkg:pypi/django@1.11.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2bh9-k4at-r7hz"},{"vulnerability":"VCID-2jvg-udsm-nkax"},{"vulnerability":"VCID-5sxw-p38k-q7cp"},{"vulnerability":"VCID-7b47-vsfh-y3gh"},{"vulnerability":"VCID-bxu2-wqcg-1ueh"},{"vulnerability":"VCID-evu1-efcj-gfc5"},{"vulnerability":"VCID-fynq-usj6-rfd3"},{"vulnerability":"VCID-hzcv-euwq-eqeg"},{"vulnerability":"VCID-j1jc-m7e2-5yck"},{"vulnerability":"VCID-n9cz-g44c-4fht"},{"vulnerability":"VCID-v8hg-78p1-87bh"},{"vulnerability":"VCID-wj2g-v6dz-2yeq"},{"vulnerability":"VCID-wsx7-6bfa-pugr"},{"vulnerability":"VCID-x2hp-rmcn-gbah"},{"vulnerability":"VCID-ypwa-2rh9-gyex"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.10"},{"url":"http://public2.vulnerablecode.io/api/packages/9428?format=json","purl":"pkg:pypi/django@2.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jvg-udsm-nkax"},{"vulnerability":"VCID-5sxw-p38k-q7cp"},{"vulnerability":"VCID-hzcv-euwq-eqeg"},{"vulnerability":"VCID-j1jc-m7e2-5yck"},{"vulnerability":"VCID-wj2g-v6dz-2yeq"},{"vulnerability":"VCID-wsx7-6bfa-pugr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@2.0.2"}],"aliases":["CVE-2018-6188","GHSA-rf4j-j272-fj86","PYSEC-2018-4"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9hf4-234m-uqdt"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/django@1.11.10"}