[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2023-41164":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":19,"aliases":20,"duplicate_of":9,"upstream":24,"downstream":25,"duplicates":60,"related":61,"reserved_at":9,"published_at":67,"modified_at":68,"state":69,"summary":70,"references_raw":79,"kevs":174,"epss":175,"epss_history":178,"metrics":445,"affected":459},"CVE-2023-41164","In Django 3.2 before 3.2.21, 4.1 before 4.1.11, and 4.2 before 4.2.5, django.utils.encoding.uri_to_iri() is subject to a potential DoS (denial of service) attack via certain inputs with a very large number of Unicode characters.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-1284","Improper Validation of Specified Quantity in Input","The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties.","weakness","Incomplete","Base",[],[],[21,22,23],"GHSA-7h4p-27mh-hmrw","BIT-django-2023-41164","PYSEC-2023-225",[],[26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58],{"_key":27},"SUSE-SU-2023:3533-1",{"_key":29},"SUSE-SU-2023:3580-1",{"_key":31},"OPENSUSE-SU-2024:13198-1",{"_key":33},"OPENSUSE-SU-2024:14208-1",{"_key":35},"DSA-6136-1",{"_key":37},"DLA-3558-1",{"_key":39},"DLA-4210-1",{"_key":41},"OPENSUSE-SU-2026:10005-1",{"_key":43},"UBUNTU-CVE-2023-41164",{"_key":45},"USN-6378-1",{"_key":47},"USN-6414-2",{"_key":49},"DEBIAN-CVE-2023-41164",{"_key":51},"RHSA-2023:5208",{"_key":53},"RHSA-2023:5701",{"_key":55},"RHSA-2023:5758",{"_key":57},"RHSA-2024:1878",{"_key":59},"RHSA-2024:2010",[],[62,63,64,65,66],{"_key":27},{"_key":29},{"_key":31},{"_key":33},{"_key":41},"2023-11-03T00:00:00.000Z","2025-11-04T17:12:37.868Z","Modified",{"cisa_kev":71,"cisa_ransomware":71,"cisa_vendor":9,"epss_severity":72,"epss_score":73,"severity":74,"severity_score":75,"severity_version":76,"severity_source":77,"severity_vector":78,"severity_status":69},false,"low",0.00406,"high",7.5,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",[80,88,93,98,104,108,112,116,121,125,129,133,137,142,146,150,154,158,162,166,170],{"url":81,"sources":82,"tags":85},"https://groups.google.com/forum/#%21forum/django-announce",[83,77,84],"cve.org","osv_pypi",[86,87],"Permissions Required","WEB",{"url":89,"sources":90,"tags":91},"https://docs.djangoproject.com/en/4.2/releases/security/",[83,77,84],[92,87],"Vendor Advisory",{"url":94,"sources":95,"tags":96},"https://www.djangoproject.com/weblog/2023/sep/04/security-releases/",[83,77,84],[92,97],"ARTICLE",{"url":99,"sources":100,"tags":101},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HJFRPUHDYJHBH3KYHSPGULQM4JN7BMSU/",[83,77],[92,102,103],"Mailing List","Third Party Advisory",{"url":105,"sources":106,"tags":107},"https://security.netapp.com/advisory/ntap-20231214-0002/",[83,77],[],{"url":109,"sources":110,"tags":111},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D/",[83,77],[92],{"url":113,"sources":114,"tags":115},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D/",[83,77],[],{"url":117,"sources":118,"tags":119},"https://nvd.nist.gov/vuln/detail/CVE-2023-41164",[84],[120],"Advisory",{"url":122,"sources":123,"tags":124},"https://github.com/django/django/commit/6f030b1149bd8fa4ba90452e77cb3edc095ce54e",[84],[87],{"url":126,"sources":127,"tags":128},"https://github.com/django/django/commit/9c51b4dcfa0cefcb48231f4d71cafa80821f87b9",[84],[87],{"url":130,"sources":131,"tags":132},"https://github.com/django/django/commit/ba00bc5ec6a7eff5e08be438f7b5b0e9574e8ff0",[84],[87],{"url":134,"sources":135,"tags":136},"https://docs.djangoproject.com/en/4.2/releases/security",[84],[87],{"url":138,"sources":139,"tags":140},"https://github.com/django/django",[84],[141],"PACKAGE",{"url":143,"sources":144,"tags":145},"https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2023-225.yaml",[84],[87],{"url":147,"sources":148,"tags":149},"https://groups.google.com/forum/#!forum/django-announce",[84],[87],{"url":151,"sources":152,"tags":153},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HJFRPUHDYJHBH3KYHSPGULQM4JN7BMSU",[84],[87],{"url":155,"sources":156,"tags":157},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D",[84],[87],{"url":159,"sources":160,"tags":161},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HJFRPUHDYJHBH3KYHSPGULQM4JN7BMSU",[84],[87],{"url":163,"sources":164,"tags":165},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D",[84],[87],{"url":167,"sources":168,"tags":169},"https://security.netapp.com/advisory/ntap-20231214-0002",[84],[87],{"url":171,"sources":172,"tags":173},"https://www.djangoproject.com/weblog/2023/sep/04/security-releases",[84],[87],[],{"date":176,"score":73,"percentile":177},"2026-06-04",0.61397,[179,183,187,191,194,197,200,203,206,209,212,215,218,221,224,228,231,234,237,240,243,246,249,252,255,258,261,264,267,270,273,276,279,282,285,288,291,294,297,300,303,306,309,312,315,317,320,322,325,327,329,332,335,338,341,344,347,350,353,356,359,362,365,368,371,374,377,380,383,386,388,391,394,396,399,402,406,409,412,415,418,421,424,426,429,432,435,438,440,442],{"date":180,"score":181,"percentile":182},"2025-11-04",0.00332,0.55517,{"date":184,"score":185,"percentile":186},"2025-11-05",0.00555,0.67198,{"date":188,"score":189,"percentile":190},"2025-11-06",0.003,0.52826,{"date":192,"score":189,"percentile":193},"2025-11-07",0.52848,{"date":195,"score":189,"percentile":196},"2025-11-08",0.5285,{"date":198,"score":189,"percentile":199},"2025-11-09",0.52849,{"date":201,"score":189,"percentile":202},"2025-11-10",0.52819,{"date":204,"score":189,"percentile":205},"2025-11-11",0.52832,{"date":207,"score":189,"percentile":208},"2025-11-12",0.52858,{"date":210,"score":189,"percentile":211},"2025-11-13",0.52863,{"date":213,"score":189,"percentile":214},"2025-11-14",0.52864,{"date":216,"score":189,"percentile":217},"2025-11-15",0.5286,{"date":219,"score":189,"percentile":220},"2025-11-16",0.52841,{"date":222,"score":189,"percentile":223},"2025-11-17",0.52823,{"date":225,"score":226,"percentile":227},"2025-11-18",0.01557,0.79895,{"date":229,"score":226,"percentile":230},"2025-11-19",0.799,{"date":232,"score":226,"percentile":233},"2025-11-20",0.79906,{"date":235,"score":73,"percentile":236},"2025-11-21",0.60354,{"date":238,"score":73,"percentile":239},"2025-11-22",0.60355,{"date":241,"score":73,"percentile":242},"2025-11-23",0.60337,{"date":244,"score":73,"percentile":245},"2025-11-24",0.60334,{"date":247,"score":73,"percentile":248},"2025-11-25",0.60339,{"date":250,"score":73,"percentile":251},"2025-11-26",0.6034,{"date":253,"score":73,"percentile":254},"2025-11-27",0.60345,{"date":256,"score":73,"percentile":257},"2025-11-28",0.60322,{"date":259,"score":73,"percentile":260},"2025-11-29",0.60297,{"date":262,"score":73,"percentile":263},"2025-11-30",0.60288,{"date":265,"score":73,"percentile":266},"2025-12-01",0.60438,{"date":268,"score":73,"percentile":269},"2025-12-02",0.60446,{"date":271,"score":73,"percentile":272},"2025-12-03",0.6045,{"date":274,"score":73,"percentile":275},"2025-12-04",0.60283,{"date":277,"score":73,"percentile":278},"2025-12-05",0.6029,{"date":280,"score":73,"percentile":281},"2025-12-06",0.6028,{"date":283,"score":73,"percentile":284},"2025-12-07",0.60274,{"date":286,"score":73,"percentile":287},"2025-12-08",0.60277,{"date":289,"score":73,"percentile":290},"2025-12-09",0.60313,{"date":292,"score":73,"percentile":293},"2025-12-10",0.60359,{"date":295,"score":73,"percentile":296},"2025-12-11",0.60379,{"date":298,"score":73,"percentile":299},"2025-12-12",0.60397,{"date":301,"score":73,"percentile":302},"2025-12-13",0.60398,{"date":304,"score":73,"percentile":305},"2025-12-14",0.60395,{"date":307,"score":73,"percentile":308},"2025-12-15",0.60368,{"date":310,"score":73,"percentile":311},"2025-12-16",0.60391,{"date":313,"score":73,"percentile":314},"2025-12-17",0.60407,{"date":316,"score":73,"percentile":272},"2025-12-18",{"date":318,"score":73,"percentile":319},"2025-12-19",0.60459,{"date":321,"score":73,"percentile":319},"2025-12-20",{"date":323,"score":73,"percentile":324},"2025-12-21",0.60444,{"date":326,"score":73,"percentile":266},"2025-12-22",{"date":328,"score":73,"percentile":272},"2025-12-23",{"date":330,"score":73,"percentile":331},"2025-12-24",0.60462,{"date":333,"score":73,"percentile":334},"2025-12-25",0.60494,{"date":336,"score":73,"percentile":337},"2025-12-26",0.6049,{"date":339,"score":73,"percentile":340},"2025-12-27",0.60544,{"date":342,"score":73,"percentile":343},"2025-12-28",0.60466,{"date":345,"score":73,"percentile":346},"2025-12-29",0.6046,{"date":348,"score":73,"percentile":349},"2025-12-30",0.60473,{"date":351,"score":73,"percentile":352},"2025-12-31",0.60495,{"date":354,"score":73,"percentile":355},"2026-01-01",0.60679,{"date":357,"score":73,"percentile":358},"2026-01-02",0.60665,{"date":360,"score":73,"percentile":361},"2026-01-03",0.60664,{"date":363,"score":73,"percentile":364},"2026-01-04",0.60491,{"date":366,"score":73,"percentile":367},"2026-01-05",0.60477,{"date":369,"score":73,"percentile":370},"2026-01-06",0.60487,{"date":372,"score":73,"percentile":373},"2026-01-07",0.60512,{"date":375,"score":73,"percentile":376},"2026-01-08",0.60538,{"date":378,"score":73,"percentile":379},"2026-01-09",0.6054,{"date":381,"score":73,"percentile":382},"2026-01-10",0.60534,{"date":384,"score":73,"percentile":385},"2026-01-11",0.60518,{"date":387,"score":73,"percentile":334},"2026-01-12",{"date":389,"score":73,"percentile":390},"2026-01-13",0.60458,{"date":392,"score":73,"percentile":393},"2026-01-14",0.60497,{"date":395,"score":73,"percentile":393},"2026-01-15",{"date":397,"score":73,"percentile":398},"2026-01-16",0.60519,{"date":400,"score":73,"percentile":401},"2026-01-17",0.60513,{"date":403,"score":404,"percentile":405},"2026-01-18",0.00417,0.61241,{"date":407,"score":404,"percentile":408},"2026-01-19",0.61212,{"date":410,"score":404,"percentile":411},"2026-01-20",0.61227,{"date":413,"score":404,"percentile":414},"2026-01-21",0.61233,{"date":416,"score":404,"percentile":417},"2026-01-22",0.61236,{"date":419,"score":404,"percentile":420},"2026-01-23",0.61272,{"date":422,"score":404,"percentile":423},"2026-01-24",0.61279,{"date":425,"score":404,"percentile":405},"2026-01-25",{"date":427,"score":73,"percentile":428},"2026-01-26",0.60516,{"date":430,"score":73,"percentile":431},"2026-01-27",0.6052,{"date":433,"score":73,"percentile":434},"2026-01-28",0.60532,{"date":436,"score":73,"percentile":437},"2026-01-29",0.60536,{"date":439,"score":73,"percentile":376},"2026-01-30",{"date":441,"score":73,"percentile":340},"2026-01-31",{"date":443,"score":73,"percentile":444},"2026-02-01",0.60674,[446,451],{"source":77,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":447,"cvss_v4_0":9},{"baseScore":75,"baseSeverity":448,"vectorString":78,"impactScore":449,"exploitabilityScore":450},"HIGH",6,10,{"source":84,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":452,"cvss_v4_0":456},{"baseScore":453,"baseSeverity":9,"vectorString":454,"impactScore":455,"exploitabilityScore":450},5.3,"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",2.3,{"baseScore":457,"baseSeverity":9,"vectorString":458,"impactScore":9,"exploitabilityScore":9},6.9,"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",[460,482,489],{"ecosystem":9,"name":461,"vendor":462,"product":463,"cpe_part":464,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":465},"Django","djangoproject","django","a",[466,474,478],{"version":467,"is_range":468,"range_type":469,"version_start":470,"version_start_type":471,"version_end":472,"version_end_type":473,"fixed_in":9},"gte3.2_lt3.2.21",true,"cpe","3.2","including","3.2.21","excluding",{"version":475,"is_range":468,"range_type":469,"version_start":476,"version_start_type":471,"version_end":477,"version_end_type":473,"fixed_in":9},"gte4.1_lt4.1.11","4.1","4.1.11",{"version":479,"is_range":468,"range_type":469,"version_start":480,"version_start_type":471,"version_end":481,"version_end_type":473,"fixed_in":9},"gte4.2_lt4.2.5","4.2","4.2.5",{"ecosystem":9,"name":483,"vendor":484,"product":483,"cpe_part":485,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":486},"fedora","fedoraproject","o",[487],{"version":488,"is_range":71,"range_type":469,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"39",{"ecosystem":490,"name":463,"vendor":490,"product":463,"cpe_part":9,"purl_type":491,"purl_namespace":9,"purl_name":463,"source":9,"versions":492},"PyPI","pypi",[493,496,498],{"version":494,"is_range":468,"range_type":495,"version_start":470,"version_start_type":471,"version_end":472,"version_end_type":473,"fixed_in":9},"gte3_2_lt3_2_21","ecosystem",{"version":497,"is_range":468,"range_type":495,"version_start":476,"version_start_type":471,"version_end":477,"version_end_type":473,"fixed_in":9},"gte4_1_lt4_1_11",{"version":499,"is_range":468,"range_type":495,"version_start":480,"version_start_type":471,"version_end":481,"version_end_type":473,"fixed_in":9},"gte4_2_lt4_2_5"]