[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2023-36053":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":24,"aliases":25,"duplicate_of":9,"upstream":29,"downstream":30,"duplicates":77,"related":78,"reserved_at":9,"published_at":90,"modified_at":91,"state":92,"summary":93,"references_raw":102,"kevs":214,"epss":215,"epss_history":218,"metrics":475,"affected":488},"CVE-2023-36053","In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, EmailValidator and URLValidator are subject to a potential ReDoS (regular expression denial of service) attack via a very large number of domain name labels of emails and URLs.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-1333","Inefficient Regular Expression Complexity","The product uses a regular expression with a worst-case computational complexity that is inefficient and possibly exponential.","weakness","Draft","Base","High",[20],{"id":21,"name":22,"techniques":23},"CAPEC-492","Regular Expression Exponential Blowup",[],[],[26,27,28],"GHSA-jh3w-4vvf-mjgr","BIT-django-2023-36053","PYSEC-2023-100",[],[31,33,35,37,39,41,43,45,47,49,51,53,55,57,59,61,63,65,67,69,71,73,75],{"_key":32},"SUSE-SU-2023:3167-1",{"_key":34},"SUSE-SU-2023:3202-1",{"_key":36},"SUSE-SU-2023:2839-1",{"_key":38},"OPENSUSE-SU-2023:0174-1",{"_key":40},"OPENSUSE-SU-2023:0176-1",{"_key":42},"OPENSUSE-SU-2023:0177-1",{"_key":44},"OPENSUSE-SU-2023:0178-1",{"_key":46},"OPENSUSE-SU-2024:13044-1",{"_key":48},"OPENSUSE-SU-2024:14208-1",{"_key":50},"DLA-3500-1",{"_key":52},"DSA-5465-1",{"_key":54},"OPENSUSE-SU-2026:10005-1",{"_key":56},"UBUNTU-CVE-2023-36053",{"_key":58},"MGASA-2023-0330",{"_key":60},"USN-6203-1",{"_key":62},"USN-6203-2",{"_key":64},"DEBIAN-CVE-2023-36053",{"_key":66},"RHSA-2023:4692",{"_key":68},"RHSA-2023:4693",{"_key":70},"RHSA-2024:0212",{"_key":72},"RHSA-2024:1878",{"_key":74},"RHSA-2023:5931",{"_key":76},"RHSA-2023:6818",[],[79,80,81,82,83,84,85,86,87,88,89],{"_key":32},{"_key":34},{"_key":36},{"_key":38},{"_key":40},{"_key":42},{"_key":44},{"_key":46},{"_key":48},{"_key":54},{"_key":58},"2023-07-03T00:00:00.000Z","2025-11-04T17:12:33.751Z","Modified",{"cisa_kev":94,"cisa_ransomware":94,"cisa_vendor":9,"epss_severity":95,"epss_score":96,"severity":97,"severity_score":98,"severity_version":99,"severity_source":100,"severity_vector":101,"severity_status":92},false,"low",0.08919,"high",7.5,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",[103,111,116,123,128,133,137,141,145,149,153,157,161,165,169,173,177,181,185,189,193,197,201,205,210],{"url":104,"sources":105,"tags":108},"https://groups.google.com/forum/#%21forum/django-announce",[100,106,107],"nvd","osv_pypi",[109,110],"Permissions Required","WEB",{"url":112,"sources":113,"tags":114},"https://docs.djangoproject.com/en/4.2/releases/security/",[100,106,107],[115,110],"Release Notes",{"url":117,"sources":118,"tags":119},"https://www.djangoproject.com/weblog/2023/jul/03/security-releases/",[100,106,107],[120,121,122],"Patch","Vendor Advisory","Advisory",{"url":124,"sources":125,"tags":126},"https://lists.debian.org/debian-lts-announce/2023/07/msg00022.html",[100,106,107],[127,110],"Mailing List",{"url":129,"sources":130,"tags":131},"https://www.debian.org/security/2023/dsa-5465",[100,106,107],[121,132,110],"Third Party Advisory",{"url":134,"sources":135,"tags":136},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XG5DYKPNDCEHJQ3TKPJQO7QGSR4FAYMS/",[100,106],[121,127,132],{"url":138,"sources":139,"tags":140},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NRDGTUN4LTI6HG4TWR3JYLSFVXPZT42A/",[100,106],[121,127,132],{"url":142,"sources":143,"tags":144},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D/",[100,106],[121],{"url":146,"sources":147,"tags":148},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D/",[100,106],[],{"url":150,"sources":151,"tags":152},"https://nvd.nist.gov/vuln/detail/CVE-2023-36053",[107],[122],{"url":154,"sources":155,"tags":156},"https://github.com/django/django/commit/454f2fb93437f98917283336201b4048293f7582",[107],[110],{"url":158,"sources":159,"tags":160},"https://github.com/django/django/commit/ad0410ec4f458aa39803e5f6b9a3736527062dcd",[107],[110],{"url":162,"sources":163,"tags":164},"https://github.com/django/django/commit/b7c5feb35a31799de6e582ad6a5a91a9de74e0f9",[107],[110],{"url":166,"sources":167,"tags":168},"https://github.com/django/django/commit/beb3f3d55940d9aa7198bf9d424ab74e873aec3d",[107],[110],{"url":170,"sources":171,"tags":172},"https://www.djangoproject.com/weblog/2023/jul/03/security-releases",[107],[110],{"url":174,"sources":175,"tags":176},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D",[107],[110],{"url":178,"sources":179,"tags":180},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XG5DYKPNDCEHJQ3TKPJQO7QGSR4FAYMS",[107],[110],{"url":182,"sources":183,"tags":184},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NRDGTUN4LTI6HG4TWR3JYLSFVXPZT42A",[107],[110],{"url":186,"sources":187,"tags":188},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D",[107],[110],{"url":190,"sources":191,"tags":192},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XG5DYKPNDCEHJQ3TKPJQO7QGSR4FAYMS",[107],[110],{"url":194,"sources":195,"tags":196},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NRDGTUN4LTI6HG4TWR3JYLSFVXPZT42A",[107],[110],{"url":198,"sources":199,"tags":200},"https://groups.google.com/forum/#!forum/django-announce",[107],[110],{"url":202,"sources":203,"tags":204},"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2023-100.yaml",[107],[110],{"url":206,"sources":207,"tags":208},"https://github.com/django/django",[107],[209],"PACKAGE",{"url":211,"sources":212,"tags":213},"https://docs.djangoproject.com/en/4.2/releases/security",[107],[110],[],{"date":216,"score":96,"percentile":217},"2026-06-04",0.92729,[219,223,227,229,232,235,238,240,242,245,248,251,254,256,259,263,266,269,272,275,278,281,284,286,289,292,295,298,302,305,307,310,313,316,318,321,324,327,330,333,335,338,340,343,346,349,352,355,358,361,363,366,369,371,375,378,381,383,386,390,393,395,398,401,403,405,408,411,413,416,418,421,424,426,429,432,436,438,441,444,447,450,453,456,459,462,465,467,470,472],{"date":220,"score":221,"percentile":222},"2025-11-04",0.04803,0.88985,{"date":224,"score":225,"percentile":226},"2025-11-05",0.09595,0.92516,{"date":228,"score":225,"percentile":226},"2025-11-06",{"date":230,"score":225,"percentile":231},"2025-11-07",0.9252,{"date":233,"score":225,"percentile":234},"2025-11-08",0.92517,{"date":236,"score":225,"percentile":237},"2025-11-09",0.92515,{"date":239,"score":225,"percentile":237},"2025-11-10",{"date":241,"score":225,"percentile":231},"2025-11-11",{"date":243,"score":225,"percentile":244},"2025-11-12",0.92526,{"date":246,"score":225,"percentile":247},"2025-11-13",0.9253,{"date":249,"score":225,"percentile":250},"2025-11-14",0.92533,{"date":252,"score":225,"percentile":253},"2025-11-15",0.92527,{"date":255,"score":225,"percentile":250},"2025-11-16",{"date":257,"score":225,"percentile":258},"2025-11-17",0.92529,{"date":260,"score":261,"percentile":262},"2025-11-18",0.51663,0.97776,{"date":264,"score":261,"percentile":265},"2025-11-19",0.97777,{"date":267,"score":261,"percentile":268},"2025-11-20",0.97783,{"date":270,"score":225,"percentile":271},"2025-11-21",0.92546,{"date":273,"score":225,"percentile":274},"2025-11-22",0.92544,{"date":276,"score":225,"percentile":277},"2025-11-23",0.9255,{"date":279,"score":225,"percentile":280},"2025-11-24",0.92551,{"date":282,"score":225,"percentile":283},"2025-11-25",0.92553,{"date":285,"score":225,"percentile":280},"2025-11-26",{"date":287,"score":225,"percentile":288},"2025-11-27",0.92548,{"date":290,"score":225,"percentile":291},"2025-11-28",0.92541,{"date":293,"score":225,"percentile":294},"2025-11-29",0.92557,{"date":296,"score":225,"percentile":297},"2025-11-30",0.92555,{"date":299,"score":300,"percentile":301},"2025-12-01",0.06951,0.9111,{"date":303,"score":300,"percentile":304},"2025-12-02",0.91107,{"date":306,"score":300,"percentile":304},"2025-12-03",{"date":308,"score":225,"percentile":309},"2025-12-04",0.92564,{"date":311,"score":225,"percentile":312},"2025-12-05",0.92568,{"date":314,"score":225,"percentile":315},"2025-12-06",0.92572,{"date":317,"score":225,"percentile":312},"2025-12-07",{"date":319,"score":225,"percentile":320},"2025-12-08",0.92573,{"date":322,"score":225,"percentile":323},"2025-12-09",0.92575,{"date":325,"score":225,"percentile":326},"2025-12-10",0.92584,{"date":328,"score":225,"percentile":329},"2025-12-11",0.92588,{"date":331,"score":225,"percentile":332},"2025-12-12",0.92591,{"date":334,"score":225,"percentile":326},"2025-12-13",{"date":336,"score":225,"percentile":337},"2025-12-14",0.92582,{"date":339,"score":225,"percentile":326},"2025-12-15",{"date":341,"score":225,"percentile":342},"2025-12-16",0.92592,{"date":344,"score":225,"percentile":345},"2025-12-17",0.92597,{"date":347,"score":225,"percentile":348},"2025-12-18",0.92601,{"date":350,"score":225,"percentile":351},"2025-12-19",0.92602,{"date":353,"score":225,"percentile":354},"2025-12-20",0.92599,{"date":356,"score":225,"percentile":357},"2025-12-21",0.926,{"date":359,"score":225,"percentile":360},"2025-12-22",0.92595,{"date":362,"score":225,"percentile":357},"2025-12-23",{"date":364,"score":96,"percentile":365},"2025-12-24",0.923,{"date":367,"score":96,"percentile":368},"2025-12-25",0.92305,{"date":370,"score":96,"percentile":368},"2025-12-26",{"date":372,"score":373,"percentile":374},"2025-12-27",0.07638,0.91605,{"date":376,"score":96,"percentile":377},"2025-12-28",0.92301,{"date":379,"score":96,"percentile":380},"2025-12-29",0.92298,{"date":382,"score":96,"percentile":377},"2025-12-30",{"date":384,"score":96,"percentile":385},"2025-12-31",0.92309,{"date":387,"score":388,"percentile":389},"2026-01-01",0.06444,0.90812,{"date":391,"score":388,"percentile":392},"2026-01-02",0.90805,{"date":394,"score":388,"percentile":392},"2026-01-03",{"date":396,"score":96,"percentile":397},"2026-01-04",0.92315,{"date":399,"score":96,"percentile":400},"2026-01-05",0.92313,{"date":402,"score":96,"percentile":397},"2026-01-06",{"date":404,"score":96,"percentile":397},"2026-01-07",{"date":406,"score":96,"percentile":407},"2026-01-08",0.92319,{"date":409,"score":96,"percentile":410},"2026-01-09",0.92322,{"date":412,"score":96,"percentile":410},"2026-01-10",{"date":414,"score":96,"percentile":415},"2026-01-11",0.92318,{"date":417,"score":96,"percentile":415},"2026-01-12",{"date":419,"score":96,"percentile":420},"2026-01-13",0.92317,{"date":422,"score":96,"percentile":423},"2026-01-14",0.92328,{"date":425,"score":96,"percentile":423},"2026-01-15",{"date":427,"score":96,"percentile":428},"2026-01-16",0.9233,{"date":430,"score":96,"percentile":431},"2026-01-17",0.92331,{"date":433,"score":434,"percentile":435},"2026-01-18",0.0914,0.92427,{"date":437,"score":434,"percentile":435},"2026-01-19",{"date":439,"score":434,"percentile":440},"2026-01-20",0.92429,{"date":442,"score":434,"percentile":443},"2026-01-21",0.92434,{"date":445,"score":434,"percentile":446},"2026-01-22",0.92436,{"date":448,"score":434,"percentile":449},"2026-01-23",0.92442,{"date":451,"score":434,"percentile":452},"2026-01-24",0.9245,{"date":454,"score":434,"percentile":455},"2026-01-25",0.92453,{"date":457,"score":96,"percentile":458},"2026-01-26",0.92356,{"date":460,"score":96,"percentile":461},"2026-01-27",0.92358,{"date":463,"score":96,"percentile":464},"2026-01-28",0.92361,{"date":466,"score":96,"percentile":464},"2026-01-29",{"date":468,"score":96,"percentile":469},"2026-01-30",0.9236,{"date":471,"score":96,"percentile":469},"2026-01-31",{"date":473,"score":388,"percentile":474},"2026-02-01",0.90866,[476,481,483],{"source":100,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":477,"cvss_v4_0":9},{"baseScore":98,"baseSeverity":478,"vectorString":101,"impactScore":479,"exploitabilityScore":480},"HIGH",6,10,{"source":106,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":482,"cvss_v4_0":9},{"baseScore":98,"baseSeverity":478,"vectorString":101,"impactScore":479,"exploitabilityScore":480},{"source":107,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":484,"cvss_v4_0":485},{"baseScore":98,"baseSeverity":9,"vectorString":101,"impactScore":479,"exploitabilityScore":480},{"baseScore":486,"baseSeverity":9,"vectorString":487,"impactScore":9,"exploitabilityScore":9},8.7,"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",[489,502,523,531],{"ecosystem":9,"name":490,"vendor":491,"product":492,"cpe_part":493,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":494},"debian linux","debian","debian_linux","o",[495,498,500],{"version":496,"is_range":94,"range_type":497,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.0","cpe",{"version":499,"is_range":94,"range_type":497,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11.0",{"version":501,"is_range":94,"range_type":497,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"12.0",{"ecosystem":9,"name":503,"vendor":504,"product":505,"cpe_part":506,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":507},"Django","djangoproject","django","a",[508,515,519],{"version":509,"is_range":510,"range_type":497,"version_start":511,"version_start_type":512,"version_end":513,"version_end_type":514,"fixed_in":9},"gte3.2_lt3.2.20",true,"3.2","including","3.2.20","excluding",{"version":516,"is_range":510,"range_type":497,"version_start":517,"version_start_type":512,"version_end":518,"version_end_type":514,"fixed_in":9},"gte4.0_lt4.1.10","4.0","4.1.10",{"version":520,"is_range":510,"range_type":497,"version_start":521,"version_start_type":512,"version_end":522,"version_end_type":514,"fixed_in":9},"gte4.2_lt4.2.3","4.2","4.2.3",{"ecosystem":9,"name":524,"vendor":525,"product":524,"cpe_part":493,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":526},"fedora","fedoraproject",[527,529],{"version":528,"is_range":94,"range_type":497,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"37",{"version":530,"is_range":94,"range_type":497,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38",{"ecosystem":532,"name":505,"vendor":532,"product":505,"cpe_part":9,"purl_type":533,"purl_namespace":9,"purl_name":505,"source":9,"versions":534},"PyPI","pypi",[535,539,542,545],{"version":536,"is_range":510,"range_type":537,"version_start":538,"version_start_type":512,"version_end":513,"version_end_type":514,"fixed_in":9},"gte3_2a1_lt3_2_20","ecosystem","3.2a1",{"version":540,"is_range":510,"range_type":537,"version_start":541,"version_start_type":512,"version_end":518,"version_end_type":514,"fixed_in":9},"gte4_0a1_lt4_1_10","4.0a1",{"version":543,"is_range":510,"range_type":537,"version_start":544,"version_start_type":512,"version_end":522,"version_end_type":514,"fixed_in":9},"gte4_2a1_lt4_2_3","4.2a1",{"version":546,"is_range":510,"range_type":537,"version_start":511,"version_start_type":512,"version_end":513,"version_end_type":514,"fixed_in":9},"gte3_2_lt3_2_20"]