4 matches found
coop (>=0.3.1 <=2.10.2), django-oscar-wagtail (=0.0.5) +36 more potentially affected by CVE-2021-32681 via wagtail (>=1.0.0 <=2.10.2)
wagtail PYPI version =1.0.0, =0.3.1, =0.1.1, =5.22.3, =6.3.0, =0.0.1, =0.1.0, =2.0.7, =0.3.1, =0.5.4, =0.4.1, =1.1.1 and more Source cves: CVE-2021-32681 Source advisory: OSV:GHSA-XFRW-HXR5-GHQF...
coop (>=0.3.1 <=2.10.2), django-oscar-wagtail (=0.0.5) +36 more potentially affected by CVE-2021-29434 via wagtail (>=1.0.0 <=2.10.2)
wagtail PYPI version =1.0.0, =0.3.1, =0.1.1, =5.22.3, =6.3.0, =0.0.1, =0.1.0, =2.0.7, =0.3.1, =0.5.4, =0.4.1, =1.1.1 and more Source cves: CVE-2021-29434 Source advisory: OSV:GHSA-WQ5H-F9P5-Q7FX...
aimmo (>=0.57.1 <=1.3.1b671), cfl-common (>=4.3.0 <=5.26.7) +100 more potentially affected by CVE-2020-11037 via wagtail (>=1.0.0 <=2.6.3)
wagtail PYPI version =1.0.0, =0.57.1, =4.3.0, =2.28.0, =0.5.0, =0.3.1, =0.1.29, =0.2.0, =2.0.3, =0.1.1, =0.2.9, =5.22.3, =0.0.1, =10.1.21 and more Source cves: CVE-2020-11037 Source advisory: OSV:GHSA-JJJR-3JCW-F8V6...
Insecure Randomness
django-oscar contains an insecure randomness vulnerability. The vulnerability exists because the verification_hash method in the AbstractOrder model uses the MD5 hashing algorithm in an insecure way, which allows attackers to perform a brute force attack to recover the site-wide secret key...