[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2016-7401":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":18,"aliases":19,"duplicate_of":9,"upstream":22,"downstream":23,"duplicates":70,"related":71,"reserved_at":9,"published_at":84,"modified_at":85,"state":86,"summary":87,"references_raw":96,"kevs":193,"epss":194,"epss_history":197,"metrics":459,"affected":474},"CVE-2016-7401","The cookie parsing code in Django before 1.8.15 and 1.9.x before 1.9.10, when used on a site with Google Analytics, allows remote attackers to bypass an intended CSRF protection mechanism by setting arbitrary cookies.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":9,"likelihood_of_exploit":9,"capec":17},"CWE-254","7PK - Security Features","Software security is not security software. Here we're concerned with topics like authentication, access control, confidentiality, cryptography, and privilege management.","category","Incomplete",[],[],[20,21],"GHSA-crhm-qpjc-cm64","PYSEC-2016-3",[],[24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68],{"_key":25},"RHSA-2016:2038",{"_key":27},"RHSA-2016:2039",{"_key":29},"RHSA-2016:2040",{"_key":31},"RHSA-2016:2041",{"_key":33},"RHSA-2016:2042",{"_key":35},"RHSA-2016:2043",{"_key":37},"SUSE-SU-2018:0973-1",{"_key":39},"SUSE-SU-2018:1102-1",{"_key":41},"UBUNTU-CVE-2016-7401",{"_key":43},"USN-3089-1",{"_key":45},"OPENSUSE-SU-2024:11205-1",{"_key":47},"OPENSUSE-SU-2024:12248-1",{"_key":49},"OPENSUSE-SU-2024:13158-1",{"_key":51},"OPENSUSE-SU-2024:13887-1",{"_key":53},"OPENSUSE-SU-2024:14073-1",{"_key":55},"OPENSUSE-SU-2024:14208-1",{"_key":57},"OPENSUSE-SU-2025:14741-1",{"_key":59},"DLA-649-1",{"_key":61},"DSA-3678-1",{"_key":63},"OPENSUSE-SU-2026:10349-1",{"_key":65},"OPENSUSE-SU-2026:10005-1",{"_key":67},"MGASA-2016-0334",{"_key":69},"DEBIAN-CVE-2016-7401",[],[72,73,74,75,76,77,78,79,80,81,82,83],{"_key":37},{"_key":39},{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":63},{"_key":65},{"_key":67},"2016-10-03T18:00:00.000Z","2024-08-06T01:57:47.529Z","Modified",{"cisa_kev":88,"cisa_ransomware":88,"cisa_vendor":9,"epss_severity":89,"epss_score":90,"severity":91,"severity_score":92,"severity_version":93,"severity_source":94,"severity_vector":95,"severity_status":86},false,"low",0.06156,"high",7.5,"v3.0","nvd","CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",[97,108,113,117,123,127,134,138,143,148,152,156,160,164,168,172,177,181,185,189],{"url":98,"sources":99,"tags":102},"http://www.debian.org/security/2016/dsa-3678",[100,94,101],"cve.org","osv_pypi",[103,104,105,106,107],"Vendor Advisory","X Refsource DEBIAN","Third Party Advisory","WEB","Advisory",{"url":109,"sources":110,"tags":111},"http://rhn.redhat.com/errata/RHSA-2016-2040.html",[100,94,101],[103,112,106,107],"X Refsource REDHAT",{"url":114,"sources":115,"tags":116},"http://rhn.redhat.com/errata/RHSA-2016-2043.html",[100,94,101],[103,112,106,107],{"url":118,"sources":119,"tags":120},"http://www.securitytracker.com/id/1036899",[100,94,101],[121,122,105,106],"VDB Entry","X Refsource SECTRACK",{"url":124,"sources":125,"tags":126},"http://rhn.redhat.com/errata/RHSA-2016-2041.html",[100,94,101],[103,112,106,107],{"url":128,"sources":129,"tags":130},"https://www.djangoproject.com/weblog/2016/sep/26/security-releases/",[100,94,101],[131,132,103,133],"X Refsource CONFIRM","Patch","ARTICLE",{"url":135,"sources":136,"tags":137},"http://rhn.redhat.com/errata/RHSA-2016-2042.html",[100,94,101],[103,112,106,107],{"url":139,"sources":140,"tags":141},"http://www.ubuntu.com/usn/USN-3089-1",[100,94,101],[103,142,105,106,107],"X Refsource UBUNTU",{"url":144,"sources":145,"tags":146},"http://www.securityfocus.com/bid/93182",[100,94,101],[121,147,105,106],"X Refsource BID",{"url":149,"sources":150,"tags":151},"http://rhn.redhat.com/errata/RHSA-2016-2038.html",[100,94,101],[103,112,106,107],{"url":153,"sources":154,"tags":155},"http://rhn.redhat.com/errata/RHSA-2016-2039.html",[100,94,101],[103,112,106,107],{"url":157,"sources":158,"tags":159},"https://nvd.nist.gov/vuln/detail/CVE-2016-7401",[101],[107],{"url":161,"sources":162,"tags":163},"https://github.com/django/django/commit/6118ab7d0676f0d622278e5be215f14fb5410b6a",[101],[106],{"url":165,"sources":166,"tags":167},"https://github.com/django/django/commit/6fe846a8f08dc959003f298b5407e321c6fe3735",[101],[106],{"url":169,"sources":170,"tags":171},"https://github.com/django/django/commit/d1bc980db1c0fffd6d60677e62f70beadb9fe64a",[101],[106],{"url":173,"sources":174,"tags":175},"https://github.com/django/django",[101],[176],"PACKAGE",{"url":178,"sources":179,"tags":180},"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2016-3.yaml",[101],[106],{"url":182,"sources":183,"tags":184},"https://web.archive.org/web/20200227223637/http://www.securityfocus.com/bid/93182",[101],[106],{"url":186,"sources":187,"tags":188},"https://web.archive.org/web/20210927195154/http://www.securitytracker.com/id/1036899",[101],[106],{"url":190,"sources":191,"tags":192},"https://www.djangoproject.com/weblog/2016/sep/26/security-releases",[101],[106],[],{"date":195,"score":90,"percentile":196},"2026-06-04",0.9098,[198,202,205,208,210,213,216,218,221,224,227,230,233,235,237,240,243,246,249,252,255,257,260,263,266,269,272,274,278,281,284,287,290,292,295,298,301,304,307,310,313,315,318,321,324,327,330,332,335,338,341,344,347,350,354,357,360,362,365,367,370,372,374,377,380,383,386,389,392,395,399,402,405,408,411,414,418,421,424,427,430,433,436,439,441,444,446,449,452,455],{"date":199,"score":200,"percentile":201},"2025-11-04",0.05488,0.89761,{"date":203,"score":200,"percentile":204},"2025-11-05",0.8976,{"date":206,"score":200,"percentile":207},"2025-11-06",0.89756,{"date":209,"score":200,"percentile":201},"2025-11-07",{"date":211,"score":200,"percentile":212},"2025-11-08",0.89764,{"date":214,"score":200,"percentile":215},"2025-11-09",0.89763,{"date":217,"score":200,"percentile":201},"2025-11-10",{"date":219,"score":200,"percentile":220},"2025-11-11",0.89759,{"date":222,"score":200,"percentile":223},"2025-11-12",0.89767,{"date":225,"score":200,"percentile":226},"2025-11-13",0.8977,{"date":228,"score":200,"percentile":229},"2025-11-14",0.89773,{"date":231,"score":200,"percentile":232},"2025-11-15",0.89771,{"date":234,"score":200,"percentile":229},"2025-11-16",{"date":236,"score":200,"percentile":232},"2025-11-17",{"date":238,"score":200,"percentile":239},"2025-11-18",0.8924,{"date":241,"score":200,"percentile":242},"2025-11-19",0.89244,{"date":244,"score":200,"percentile":245},"2025-11-20",0.89245,{"date":247,"score":200,"percentile":248},"2025-11-21",0.89784,{"date":250,"score":200,"percentile":251},"2025-11-22",0.89786,{"date":253,"score":200,"percentile":254},"2025-11-23",0.89783,{"date":256,"score":200,"percentile":251},"2025-11-24",{"date":258,"score":200,"percentile":259},"2025-11-25",0.89793,{"date":261,"score":200,"percentile":262},"2025-11-26",0.89794,{"date":264,"score":200,"percentile":265},"2025-11-27",0.89795,{"date":267,"score":200,"percentile":268},"2025-11-28",0.89787,{"date":270,"score":200,"percentile":271},"2025-11-29",0.89849,{"date":273,"score":200,"percentile":271},"2025-11-30",{"date":275,"score":276,"percentile":277},"2025-12-01",0.05294,0.89687,{"date":279,"score":276,"percentile":280},"2025-12-02",0.89691,{"date":282,"score":276,"percentile":283},"2025-12-03",0.8969,{"date":285,"score":200,"percentile":286},"2025-12-04",0.89854,{"date":288,"score":200,"percentile":289},"2025-12-05",0.89856,{"date":291,"score":200,"percentile":286},"2025-12-06",{"date":293,"score":200,"percentile":294},"2025-12-07",0.8985,{"date":296,"score":200,"percentile":297},"2025-12-08",0.89851,{"date":299,"score":200,"percentile":300},"2025-12-09",0.89853,{"date":302,"score":200,"percentile":303},"2025-12-10",0.89866,{"date":305,"score":200,"percentile":306},"2025-12-11",0.89869,{"date":308,"score":200,"percentile":309},"2025-12-12",0.89874,{"date":311,"score":200,"percentile":312},"2025-12-13",0.89878,{"date":314,"score":200,"percentile":312},"2025-12-14",{"date":316,"score":200,"percentile":317},"2025-12-15",0.89879,{"date":319,"score":200,"percentile":320},"2025-12-16",0.89873,{"date":322,"score":200,"percentile":323},"2025-12-17",0.8988,{"date":325,"score":200,"percentile":326},"2025-12-18",0.89887,{"date":328,"score":200,"percentile":329},"2025-12-19",0.89888,{"date":331,"score":200,"percentile":326},"2025-12-20",{"date":333,"score":200,"percentile":334},"2025-12-21",0.89895,{"date":336,"score":200,"percentile":337},"2025-12-22",0.89896,{"date":339,"score":200,"percentile":340},"2025-12-23",0.89899,{"date":342,"score":200,"percentile":343},"2025-12-24",0.89903,{"date":345,"score":200,"percentile":346},"2025-12-25",0.89917,{"date":348,"score":200,"percentile":349},"2025-12-26",0.89914,{"date":351,"score":352,"percentile":353},"2025-12-27",0.03718,0.87656,{"date":355,"score":200,"percentile":356},"2025-12-28",0.8991,{"date":358,"score":200,"percentile":359},"2025-12-29",0.89908,{"date":361,"score":200,"percentile":349},"2025-12-30",{"date":363,"score":200,"percentile":364},"2025-12-31",0.89922,{"date":366,"score":276,"percentile":204},"2026-01-01",{"date":368,"score":276,"percentile":369},"2026-01-02",0.89753,{"date":371,"score":276,"percentile":369},"2026-01-03",{"date":373,"score":200,"percentile":364},"2026-01-04",{"date":375,"score":200,"percentile":376},"2026-01-05",0.89919,{"date":378,"score":200,"percentile":379},"2026-01-06",0.89921,{"date":381,"score":200,"percentile":382},"2026-01-07",0.89924,{"date":384,"score":200,"percentile":385},"2026-01-08",0.89927,{"date":387,"score":200,"percentile":388},"2026-01-09",0.89928,{"date":390,"score":200,"percentile":391},"2026-01-10",0.89929,{"date":393,"score":200,"percentile":394},"2026-01-11",0.8992,{"date":396,"score":397,"percentile":398},"2026-01-12",0.07708,0.91635,{"date":400,"score":397,"percentile":401},"2026-01-13",0.91634,{"date":403,"score":397,"percentile":404},"2026-01-14",0.91647,{"date":406,"score":397,"percentile":407},"2026-01-15",0.9165,{"date":409,"score":397,"percentile":410},"2026-01-16",0.91654,{"date":412,"score":397,"percentile":413},"2026-01-17",0.91657,{"date":415,"score":416,"percentile":417},"2026-01-18",0.04378,0.88634,{"date":419,"score":416,"percentile":420},"2026-01-19",0.88633,{"date":422,"score":416,"percentile":423},"2026-01-20",0.88636,{"date":425,"score":416,"percentile":426},"2026-01-21",0.88642,{"date":428,"score":416,"percentile":429},"2026-01-22",0.88646,{"date":431,"score":416,"percentile":432},"2026-01-23",0.88658,{"date":434,"score":416,"percentile":435},"2026-01-24",0.88666,{"date":437,"score":416,"percentile":438},"2026-01-25",0.88663,{"date":440,"score":416,"percentile":435},"2026-01-26",{"date":442,"score":416,"percentile":443},"2026-01-27",0.88665,{"date":445,"score":416,"percentile":435},"2026-01-28",{"date":447,"score":416,"percentile":448},"2026-01-29",0.88672,{"date":450,"score":416,"percentile":451},"2026-01-30",0.88676,{"date":453,"score":416,"percentile":454},"2026-01-31",0.88675,{"date":456,"score":457,"percentile":458},"2026-02-01",0.07156,0.91389,[460,469],{"source":94,"cvss_v2_0":461,"cvss_v3_0":466,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":462,"baseSeverity":9,"vectorString":463,"impactScore":464,"exploitabilityScore":465},5,"AV:N/AC:L/Au:N/C:N/I:P/A:N",2.9,10,{"baseScore":92,"baseSeverity":467,"vectorString":95,"impactScore":468,"exploitabilityScore":465},"HIGH",6,{"source":101,"cvss_v2_0":9,"cvss_v3_0":470,"cvss_v3_1":9,"cvss_v4_0":471},{"baseScore":92,"baseSeverity":9,"vectorString":95,"impactScore":468,"exploitabilityScore":465},{"baseScore":472,"baseSeverity":9,"vectorString":473,"impactScore":9,"exploitabilityScore":9},8.7,"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",[475,488,495,526],{"ecosystem":9,"name":476,"vendor":477,"product":478,"cpe_part":479,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":480},"ubuntu linux","canonical","ubuntu_linux","o",[481,484,486],{"version":482,"is_range":88,"range_type":483,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"12.04","cpe",{"version":485,"is_range":88,"range_type":483,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"14.04",{"version":487,"is_range":88,"range_type":483,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"16.04",{"ecosystem":9,"name":489,"vendor":490,"product":491,"cpe_part":479,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":492},"debian linux","debian","debian_linux",[493],{"version":494,"is_range":88,"range_type":483,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.0",{"ecosystem":9,"name":496,"vendor":497,"product":498,"cpe_part":499,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":500},"Django","djangoproject","django","a",[501,506,508,510,512,514,516,518,520,522,524],{"version":502,"is_range":503,"range_type":483,"version_start":9,"version_start_type":9,"version_end":504,"version_end_type":505,"fixed_in":9},"lte1.8.14",true,"1.8.14","including",{"version":507,"is_range":88,"range_type":483,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.9.0",{"version":509,"is_range":88,"range_type":483,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.9.1",{"version":511,"is_range":88,"range_type":483,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.9.2",{"version":513,"is_range":88,"range_type":483,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.9.3",{"version":515,"is_range":88,"range_type":483,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.9.4",{"version":517,"is_range":88,"range_type":483,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.9.5",{"version":519,"is_range":88,"range_type":483,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.9.6",{"version":521,"is_range":88,"range_type":483,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.9.7",{"version":523,"is_range":88,"range_type":483,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.9.8",{"version":525,"is_range":88,"range_type":483,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.9.9",{"ecosystem":527,"name":498,"vendor":527,"product":498,"cpe_part":9,"purl_type":528,"purl_namespace":9,"purl_name":498,"source":9,"versions":529},"PyPI","pypi",[530,535],{"version":531,"is_range":503,"range_type":532,"version_start":9,"version_start_type":9,"version_end":533,"version_end_type":534,"fixed_in":9},"lt1_8_15","ecosystem","1.8.15","excluding",{"version":536,"is_range":503,"range_type":532,"version_start":537,"version_start_type":505,"version_end":538,"version_end_type":534,"fixed_in":9},"gte1_9_lt1_9_10","1.9","1.9.10"]