Security update for python-djangorestframework, python-Django (moderate)

openSUSE Security Update: Security update for python-djangorestframework, python-Django Announcement ID: openSUSE-SU-2026:0138-1 Rating: moderate References: 1227077 1259142 1261722 1261731 1261732 PED-8919 Cross-References: CVE-2024-21520 CVE-2026-25674 CVE-2026-33033 CVE-2026-4277 CVE-2026-4292...

openSUSE 16 Security Update : python-Django (openSUSE-SU-2026:20373-1)

The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2026:20373-1 advisory. Changes in python-Django: - CVE-2026-25674: Fixed race condition which can lead to potential incorrect permissions on newly created file system objects...

OPENSUSE-SU-2026:20373-1 Security update for python-Django

This update for python-Django fixes the following issues: Changes in python-Django: - CVE-2026-25674: Fixed race condition which can lead to potential incorrect permissions on newly created file system objects bsc1259142...

PT-2026-25674

A vulnerability was identified in ThingsGateway 12. This affects an unknown part of the file /api/file/download. The manipulation of the argument fileName leads to path traversal. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The vendor was...

openSUSE Security Advisory (SUSE-SU-2026:0821-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2026-25674 vulnerabilities

Vulnerabilities for packages: awx, authentik-fips, label-studio...

OESA-2026-1509 python-django security update

A high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in 6.0 before 6.0.3, 5.2 before 5.2.12, and 4.2 before 4.2.29. Race condition in file-system storage and file-based cache backends in Django allows an attacker ...

OESA-2026-1506 python-django security update

A high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in 6.0 before 6.0.3, 5.2 before 5.2.12, and 4.2 before 4.2.29. Race condition in file-system storage and file-based cache backends in Django allows an attacker ...

Updated python-django packages fix security vulnerability

Potential incorrect permissions on newly created file system objects. CVE-2026-25674...

MGASA-2026-0050 Updated python-django packages fix security vulnerability

Potential incorrect permissions on newly created file system objects. CVE-2026-25674...

Mageia: Security Advisory (MGASA-2026-0050)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 / openSUSE 15 Security Update : python-Django (SUSE-SU-2026:0821-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:0821-1 advisory. This update for python-Django fixes the following issue: - CVE-2026-25674: race condition can lead to potential incorrect permissions on...

python311-Django-5.2.12-1.1 on GA media (moderate)

python311-Django-5.2.12-1.1 on GA media Announcement ID: openSUSE-SU-2026:10292-1 Rating: moderate Cross-References: CVE-2026-25674 CVSS scores: CVE-2026-25674 SUSE : 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N CVE-2026-25674 SUSE : 6.3...

SUSE-SU-2026:0821-1 Security update for python-Django

This update for python-Django fixes the following issue: - CVE-2026-25674: race condition can lead to potential incorrect permissions on newly created file system objects bsc1259142...

Linux Distros Unpatched Vulnerability : CVE-2026-25674

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in 6.0 before 6.0.3, 5.2 before 5.2.12, and 4.2 before 4.2.29. Race condition in file-system storage and file-based cache backends in...

python313-Django6-6.0.3-1.1 on GA media (moderate)

python313-Django6-6.0.3-1.1 on GA media Announcement ID: openSUSE-SU-2026:10283-1 Rating: moderate Cross-References: CVE-2026-25674 CVSS scores: CVE-2026-25674 SUSE : 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N CVE-2026-25674 SUSE : 6.3...

python311-Django4-4.2.29-1.1 on GA media (moderate)

python311-Django4-4.2.29-1.1 on GA media Announcement ID: openSUSE-SU-2026:10282-1 Rating: moderate Cross-References: CVE-2026-25674 CVSS scores: CVE-2026-25674 SUSE : 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N CVE-2026-25674 SUSE : 6.3...

Python Library Django 4.2.x < 4.2.29 / 5.2.x < 5.2.12 / 6.0.x < 6.0.3 Race Condition

The detected version of the Django Python package, is 4.2.x prior to 4.2.29, 5.2.x prior to 5.2.12, or 6.0.x prior to 6.0.3. It is, therefore, affected by a race condition vulnerability as referenced by security release advisory: - An issue was discovered in 6.0 before 6.0.3, 5.2 before 5.2.12, a...

CVE-2026-25674

A flaw was found in Django. A race condition in the file-system storage and file-based cache backends allows an attacker to create file system objects with incorrect permissions. This vulnerability arises from concurrent requests in multi-threaded environments, where a temporary umask change in o...

cg-django-uaa (=2.1.9), deeplabelnet (>=0.1.0 <=0.1.16) +27 more potentially affected by CVE-2026-25674 via django (>=5.2.0 <=5.2.11)

django PYPI version =5.2.0, =0.1.0, =0.1.0, =1.3.0, =1.92.0.5, =4.2.0, =0.0.7, =3.0.0, =5.2.0, =5.2.1 - djbackup =2.1.0 and more Source cves: CVE-2026-25674 Source advisory: SNYK:PYTHON-DJANGO-15371388...