[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2019-12781":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":82,"aliases":83,"duplicate_of":9,"upstream":86,"downstream":87,"duplicates":126,"related":127,"reserved_at":9,"published_at":138,"modified_at":139,"state":140,"summary":141,"references_raw":150,"kevs":263,"epss":264,"epss_history":267,"metrics":522,"affected":537},"CVE-2019-12781","An issue was discovered in Django 1.11 before 1.11.22, 2.1 before 2.1.10, and 2.2 before 2.2.3. An HTTP request is not redirected to HTTPS when the SECURE_PROXY_SSL_HEADER and SECURE_SSL_REDIRECT settings are used, and the proxy connects to Django via HTTPS. In other words, django.http.HttpRequest.scheme has incorrect behavior when a client uses HTTP.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-319","Cleartext Transmission of Sensitive Information","The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.","weakness","Draft","Base","High",[20,24,28,61,65],{"id":21,"name":22,"techniques":23},"CAPEC-102","Session Sidejacking",[],{"id":25,"name":26,"techniques":27},"CAPEC-117","Interception",[],{"id":29,"name":30,"techniques":31},"CAPEC-383","Harvesting Information via API Event Monitoring",[32],{"id":33,"name":34,"tactics":35,"countermeasures":42},"T1056.004","Credential API Hooking",[36,39],{"id":37,"name":38},"TA0100","Collection",{"id":40,"name":41},"TA0031","Credential Access",[43,48,52,57],{"id":44,"name":45,"tactic":46},"D3-MBT","Memory Boundary Tracking",{"name":47},"Detect",{"id":49,"name":50,"tactic":51},"D3-PCSV","Process Code Segment Verification",{"name":47},{"id":53,"name":54,"tactic":55},"D3-PSEP","Process Segment Execution Prevention",{"name":56},"Harden",{"id":58,"name":59,"tactic":60},"D3-SAOR","Segment Address Offset Randomization",{"name":56},{"id":62,"name":63,"techniques":64},"CAPEC-477","Signature Spoofing by Mixing Signed and Unsigned Content",[],{"id":66,"name":67,"techniques":68},"CAPEC-65","Sniff Application Code",[69],{"id":70,"name":71,"tactics":72,"countermeasures":77},"T1040","Network Sniffing",[73,74],{"id":40,"name":41},{"id":75,"name":76},"TA0102","Discovery",[78],{"id":79,"name":80,"tactic":81},"D3-DNSTA","DNS Traffic Analysis",{"name":47},[],[84,85],"GHSA-6c7v-2f49-8h26","PYSEC-2019-10",[],[88,90,92,94,96,98,100,102,104,106,108,110,112,114,116,118,120,122,124],{"_key":89},"ALPINE-CVE-2019-12781",{"_key":91},"RHSA-2020:1324",{"_key":93},"RHSA-2020:4390",{"_key":95},"SUSE-SU-2019:2257-1",{"_key":97},"SUSE-SU-2019:2335-1",{"_key":99},"SUSE-SU-2019:2379-1",{"_key":101},"SUSE-SU-2019:3127-1",{"_key":103},"OPENSUSE-SU-2019:1872-1",{"_key":105},"OPENSUSE-SU-2019:1839-1",{"_key":107},"OPENSUSE-SU-2024:11205-1",{"_key":109},"OPENSUSE-SU-2024:13887-1",{"_key":111},"OPENSUSE-SU-2024:14208-1",{"_key":113},"DLA-1842-1",{"_key":115},"DSA-4476-1",{"_key":117},"OPENSUSE-SU-2026:10005-1",{"_key":119},"UBUNTU-CVE-2019-12781",{"_key":121},"USN-4043-1",{"_key":123},"DEBIAN-CVE-2019-12781",{"_key":125},"RHSA-2020:4366",[],[128,129,130,131,132,133,134,135,136,137],{"_key":95},{"_key":97},{"_key":99},{"_key":101},{"_key":103},{"_key":105},{"_key":107},{"_key":109},{"_key":111},{"_key":117},"2019-07-01T13:56:37.000Z","2024-08-04T23:32:54.914Z","Modified",{"cisa_kev":142,"cisa_ransomware":142,"cisa_vendor":9,"epss_severity":143,"epss_score":144,"severity":145,"severity_score":146,"severity_version":147,"severity_source":148,"severity_vector":149,"severity_status":140},false,"low",0.04217,"medium",5.3,"v3.0","nvd","CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",[151,161,165,171,178,183,189,194,199,204,209,214,218,222,226,230,235,239,243,247,251,255,259],{"url":152,"sources":153,"tags":156},"https://docs.djangoproject.com/en/dev/releases/security/",[154,148,155],"cve.org","osv_pypi",[157,158,159,160],"X Refsource MISC","Patch","Vendor Advisory","WEB",{"url":162,"sources":163,"tags":164},"https://groups.google.com/forum/#%21topic/django-announce/Is4kLY9ZcZQ",[154,148],[157],{"url":166,"sources":167,"tags":168},"https://www.djangoproject.com/weblog/2019/jul/01/security-releases/",[154,148,155],[169,158,159,170],"X Refsource CONFIRM","ARTICLE",{"url":172,"sources":173,"tags":174},"http://www.openwall.com/lists/oss-security/2019/07/01/3",[154,148,155],[175,176,158,177,160],"Mailing List","X Refsource MLIST","Third Party Advisory",{"url":179,"sources":180,"tags":181},"https://usn.ubuntu.com/4043-1/",[154,148,155],[159,182,177,160],"X Refsource UBUNTU",{"url":184,"sources":185,"tags":186},"http://www.securityfocus.com/bid/109018",[154,148,155],[187,188,177,160],"VDB Entry","X Refsource BID",{"url":190,"sources":191,"tags":192},"https://security.netapp.com/advisory/ntap-20190705-0002/",[154,148,155],[169,177,193],"Advisory",{"url":195,"sources":196,"tags":197},"https://www.debian.org/security/2019/dsa-4476",[154,148,155],[159,198,177,160,193],"X Refsource DEBIAN",{"url":200,"sources":201,"tags":202},"https://seclists.org/bugtraq/2019/Jul/10",[154,148,155],[175,203,177,160],"X Refsource BUGTRAQ",{"url":205,"sources":206,"tags":207},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5VXXWIOQGXOB7JCGJ3CVUW673LDHKEYL/",[154,148],[159,208],"X Refsource FEDORA",{"url":210,"sources":211,"tags":212},"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html",[154,148,155],[159,213,160],"X Refsource SUSE",{"url":215,"sources":216,"tags":217},"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html",[154,148,155],[159,213,160],{"url":219,"sources":220,"tags":221},"https://nvd.nist.gov/vuln/detail/CVE-2019-12781",[155],[193],{"url":223,"sources":224,"tags":225},"https://docs.djangoproject.com/en/dev/releases/security",[155],[160],{"url":227,"sources":228,"tags":229},"https://github.com/advisories/GHSA-6c7v-2f49-8h26",[155],[193],{"url":231,"sources":232,"tags":233},"https://github.com/django/django",[155],[234],"PACKAGE",{"url":236,"sources":237,"tags":238},"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-10.yaml",[155],[160],{"url":240,"sources":241,"tags":242},"https://groups.google.com/forum/#!topic/django-announce/Is4kLY9ZcZQ",[155],[160],{"url":244,"sources":245,"tags":246},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5VXXWIOQGXOB7JCGJ3CVUW673LDHKEYL",[155],[160],{"url":248,"sources":249,"tags":250},"https://security.netapp.com/advisory/ntap-20190705-0002",[155],[160],{"url":252,"sources":253,"tags":254},"https://usn.ubuntu.com/4043-1",[155],[160],{"url":256,"sources":257,"tags":258},"https://www.djangoproject.com/weblog/2019/jul/01/security-releases",[155],[160],{"url":260,"sources":261,"tags":262},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5VXXWIOQGXOB7JCGJ3CVUW673LDHKEYL/",[155],[160],[],{"date":265,"score":144,"percentile":266},"2026-06-04",0.88944,[268,272,275,278,281,284,287,290,293,295,298,301,304,306,309,313,316,319,322,325,328,330,333,335,337,340,343,346,349,352,355,358,360,363,365,367,370,373,376,379,381,384,387,389,392,395,398,401,404,407,409,412,415,418,422,425,427,430,433,436,439,442,444,447,450,453,455,458,460,462,465,467,469,472,475,477,479,482,485,488,491,494,498,501,504,507,510,513,516,519],{"date":269,"score":270,"percentile":271},"2025-11-04",0.03851,0.87693,{"date":273,"score":270,"percentile":274},"2025-11-05",0.87695,{"date":276,"score":270,"percentile":277},"2025-11-06",0.87684,{"date":279,"score":270,"percentile":280},"2025-11-07",0.87689,{"date":282,"score":270,"percentile":283},"2025-11-08",0.87692,{"date":285,"score":270,"percentile":286},"2025-11-09",0.87686,{"date":288,"score":270,"percentile":289},"2025-11-10",0.87685,{"date":291,"score":270,"percentile":292},"2025-11-11",0.8769,{"date":294,"score":270,"percentile":274},"2025-11-12",{"date":296,"score":270,"percentile":297},"2025-11-13",0.87701,{"date":299,"score":270,"percentile":300},"2025-11-14",0.87704,{"date":302,"score":270,"percentile":303},"2025-11-15",0.87699,{"date":305,"score":270,"percentile":300},"2025-11-16",{"date":307,"score":270,"percentile":308},"2025-11-17",0.877,{"date":310,"score":311,"percentile":312},"2025-11-18",0.0543,0.89182,{"date":314,"score":311,"percentile":315},"2025-11-19",0.89185,{"date":317,"score":311,"percentile":318},"2025-11-20",0.89188,{"date":320,"score":270,"percentile":321},"2025-11-21",0.87718,{"date":323,"score":270,"percentile":324},"2025-11-22",0.87714,{"date":326,"score":270,"percentile":327},"2025-11-23",0.8771,{"date":329,"score":270,"percentile":327},"2025-11-24",{"date":331,"score":270,"percentile":332},"2025-11-25",0.87711,{"date":334,"score":270,"percentile":327},"2025-11-26",{"date":336,"score":270,"percentile":332},"2025-11-27",{"date":338,"score":270,"percentile":339},"2025-11-28",0.87698,{"date":341,"score":270,"percentile":342},"2025-11-29",0.87774,{"date":344,"score":270,"percentile":345},"2025-11-30",0.87773,{"date":347,"score":270,"percentile":348},"2025-12-01",0.87834,{"date":350,"score":270,"percentile":351},"2025-12-02",0.87836,{"date":353,"score":270,"percentile":354},"2025-12-03",0.87835,{"date":356,"score":270,"percentile":357},"2025-12-04",0.87771,{"date":359,"score":270,"percentile":345},"2025-12-05",{"date":361,"score":270,"percentile":362},"2025-12-06",0.87772,{"date":364,"score":270,"percentile":357},"2025-12-07",{"date":366,"score":270,"percentile":362},"2025-12-08",{"date":368,"score":270,"percentile":369},"2025-12-09",0.87786,{"date":371,"score":270,"percentile":372},"2025-12-10",0.87801,{"date":374,"score":270,"percentile":375},"2025-12-11",0.87806,{"date":377,"score":270,"percentile":378},"2025-12-12",0.87812,{"date":380,"score":270,"percentile":378},"2025-12-13",{"date":382,"score":270,"percentile":383},"2025-12-14",0.87809,{"date":385,"score":270,"percentile":386},"2025-12-15",0.87807,{"date":388,"score":270,"percentile":378},"2025-12-16",{"date":390,"score":270,"percentile":391},"2025-12-17",0.87815,{"date":393,"score":270,"percentile":394},"2025-12-18",0.87824,{"date":396,"score":270,"percentile":397},"2025-12-19",0.87826,{"date":399,"score":270,"percentile":400},"2025-12-20",0.87825,{"date":402,"score":270,"percentile":403},"2025-12-21",0.8783,{"date":405,"score":270,"percentile":406},"2025-12-22",0.87831,{"date":408,"score":270,"percentile":351},"2025-12-23",{"date":410,"score":270,"percentile":411},"2025-12-24",0.87839,{"date":413,"score":270,"percentile":414},"2025-12-25",0.87852,{"date":416,"score":270,"percentile":417},"2025-12-26",0.87849,{"date":419,"score":420,"percentile":421},"2025-12-27",0.02044,0.83427,{"date":423,"score":270,"percentile":424},"2025-12-28",0.87837,{"date":426,"score":270,"percentile":406},"2025-12-29",{"date":428,"score":270,"percentile":429},"2025-12-30",0.87841,{"date":431,"score":270,"percentile":432},"2025-12-31",0.87853,{"date":434,"score":270,"percentile":435},"2026-01-01",0.87911,{"date":437,"score":270,"percentile":438},"2026-01-02",0.87905,{"date":440,"score":270,"percentile":441},"2026-01-03",0.87904,{"date":443,"score":270,"percentile":429},"2026-01-04",{"date":445,"score":270,"percentile":446},"2026-01-05",0.87838,{"date":448,"score":270,"percentile":449},"2026-01-06",0.87842,{"date":451,"score":270,"percentile":452},"2026-01-07",0.87844,{"date":454,"score":270,"percentile":417},"2026-01-08",{"date":456,"score":270,"percentile":457},"2026-01-09",0.87848,{"date":459,"score":270,"percentile":417},"2026-01-10",{"date":461,"score":270,"percentile":449},"2026-01-11",{"date":463,"score":270,"percentile":464},"2026-01-12",0.8784,{"date":466,"score":270,"percentile":411},"2026-01-13",{"date":468,"score":270,"percentile":414},"2026-01-14",{"date":470,"score":270,"percentile":471},"2026-01-15",0.87854,{"date":473,"score":270,"percentile":474},"2026-01-16",0.87859,{"date":476,"score":270,"percentile":474},"2026-01-17",{"date":478,"score":270,"percentile":474},"2026-01-18",{"date":480,"score":270,"percentile":481},"2026-01-19",0.87857,{"date":483,"score":270,"percentile":484},"2026-01-20",0.87856,{"date":486,"score":270,"percentile":487},"2026-01-21",0.87861,{"date":489,"score":270,"percentile":490},"2026-01-22",0.87866,{"date":492,"score":270,"percentile":493},"2026-01-23",0.87878,{"date":495,"score":496,"percentile":497},"2026-01-24",0.03901,0.87961,{"date":499,"score":496,"percentile":500},"2026-01-25",0.87958,{"date":502,"score":496,"percentile":503},"2026-01-26",0.87955,{"date":505,"score":496,"percentile":506},"2026-01-27",0.87957,{"date":508,"score":496,"percentile":509},"2026-01-28",0.8796,{"date":511,"score":496,"percentile":512},"2026-01-29",0.87964,{"date":514,"score":496,"percentile":515},"2026-01-30",0.87968,{"date":517,"score":496,"percentile":518},"2026-01-31",0.87966,{"date":520,"score":496,"percentile":521},"2026-02-01",0.88032,[523,532],{"source":148,"cvss_v2_0":524,"cvss_v3_0":529,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":525,"baseSeverity":9,"vectorString":526,"impactScore":527,"exploitabilityScore":528},5,"AV:N/AC:L/Au:N/C:P/I:N/A:N",2.9,10,{"baseScore":146,"baseSeverity":530,"vectorString":149,"impactScore":531,"exploitabilityScore":528},"MEDIUM",2.3,{"source":155,"cvss_v2_0":9,"cvss_v3_0":533,"cvss_v3_1":9,"cvss_v4_0":534},{"baseScore":146,"baseSeverity":9,"vectorString":149,"impactScore":531,"exploitabilityScore":528},{"baseScore":535,"baseSeverity":9,"vectorString":536,"impactScore":9,"exploitabilityScore":9},6.9,"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",[538,553,560,581],{"ecosystem":9,"name":539,"vendor":540,"product":541,"cpe_part":542,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":543},"ubuntu linux","canonical","ubuntu_linux","o",[544,547,549,551],{"version":545,"is_range":142,"range_type":546,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"16.04","cpe",{"version":548,"is_range":142,"range_type":546,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"18.04",{"version":550,"is_range":142,"range_type":546,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"18.10",{"version":552,"is_range":142,"range_type":546,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"19.04",{"ecosystem":9,"name":554,"vendor":555,"product":556,"cpe_part":542,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":557},"debian linux","debian","debian_linux",[558],{"version":559,"is_range":142,"range_type":546,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0",{"ecosystem":9,"name":561,"vendor":562,"product":563,"cpe_part":564,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":565},"Django","djangoproject","django","a",[566,573,577],{"version":567,"is_range":568,"range_type":546,"version_start":569,"version_start_type":570,"version_end":571,"version_end_type":572,"fixed_in":9},"gte1.11_lt1.11.22",true,"1.11","including","1.11.22","excluding",{"version":574,"is_range":568,"range_type":546,"version_start":575,"version_start_type":570,"version_end":576,"version_end_type":572,"fixed_in":9},"gte2.1_lt2.1.10","2.1","2.1.10",{"version":578,"is_range":568,"range_type":546,"version_start":579,"version_start_type":570,"version_end":580,"version_end_type":572,"fixed_in":9},"gte2.2_lt2.2.3","2.2","2.2.3",{"ecosystem":582,"name":563,"vendor":582,"product":563,"cpe_part":9,"purl_type":583,"purl_namespace":9,"purl_name":563,"source":9,"versions":584},"PyPI","pypi",[585,588,590],{"version":586,"is_range":568,"range_type":587,"version_start":575,"version_start_type":570,"version_end":576,"version_end_type":572,"fixed_in":9},"gte2_1_lt2_1_10","ecosystem",{"version":589,"is_range":568,"range_type":587,"version_start":579,"version_start_type":570,"version_end":580,"version_end_type":572,"fixed_in":9},"gte2_2_lt2_2_3",{"version":591,"is_range":568,"range_type":587,"version_start":569,"version_start_type":570,"version_end":571,"version_end_type":572,"fixed_in":9},"gte1_11_lt1_11_22"]