Can you get in touch with the guys at OWASP Dependency Check? It's one of their more mature projects, and it essentially does a lot of what you described and then some, including for Python projects.
Most CVEs have pretty good descriptions. For example, CVE-2016-6186[1]:
Cross-site scripting (XSS) vulnerability in the dismissChangeRelatedObjectPopup function in contrib/admin/static/admin/js/admin/RelatedObjectLookups.js in Django before 1.8.14, 1.9.x before 1.9.8, and 1.10.x before 1.10rc1 allows remote attackers to inject arbitrary web script or HTML via vectors involving unsafe usage of Element.innerHTML.
It doesn't seem to be loading all the data when you browse the "human" site. It stops at ftw.mail (if there's a way to go on to the next page, it isn't obvious).
This is awesome. What a great service! Just curious, what stack did you use for the human browsable site and database? I am looking for a quick data reporting stack like this that is hopefully easy to set up in Python. Any advice?
It's a bit dirty, but was the right tool for the job. If you are working on a larger project, I'd probably use some template language like mustache to render the elements.
Really cool stuff. I love it! Thank you for making this.
A side note: anyone using Django should keep up to date. If you see the list of versions and the related packages which have known vulnerabilities, you will realize keeping up to date is critical.
https://www.owasp.org/index.php/OWASP_Dependency_Check
I can make a connection between you and Jeremy Long (head of the project) if you'd like. He's also on Twitter as @ctxt.