17 matches found
CVE-2026-48587
CVE-2026-48587 affects Django 5.2 before 5.2.15 and 6.0 before 6.0.6. The flaw in django.utils.cache.has_vary_header() does not strip leading/trailing whitespace from the Vary header before comparison, enabling remote attackers to read cached responses by requesting URLs whose responses contain w...
CVE-2026-35193
Technical details about CVE-2026-35193 are not publicly available in the provided documents. Monitor for official updates from Django security advisories.
arthexis (>=0.2.6 <=0.8.0), cg-django-uaa (=2.1.9) +29 more potentially affected by CVE-2026-6907 via django (>=5.2.0 <=5.2.13)
django PYPI version =5.2.0, =0.2.6, =0.1.0, =0.1.0, =1.3.0, =1.92.0.5, =4.2.0, =0.0.7, =3.0.0, =0.1.0, =0.1.1 and more Source cves: CVE-2026-6907 Source advisory: OSV:GHSA-5HRC-GVXJ-W55P...
arthexis (>=0.2.6 <=0.8.0), cg-django-uaa (=2.1.9) +29 more potentially affected by CVE-2026-5766 via django (>=5.2.0 <=5.2.13)
django PYPI version =5.2.0, =0.2.6, =0.1.0, =0.1.0, =1.3.0, =1.92.0.5, =4.2.0, =0.0.7, =3.0.0, =0.1.0, =0.1.1 and more Source cves: CVE-2026-5766 Source advisory: SNYK:PYTHON-DJANGO-16425762...
arches (=8.0.0a1), django-accounts-api (=1.2.5) +26 more potentially affected by CVE-2026-25673 via django (>=6.0.0 <=6.0.2)
django PYPI version =6.0.0, =2.0.0, =1.1.0, =0.1.0, =0.1.0b2, =0.1.0, =6.0.0, =6.0.0rc1 and more Source cves: CVE-2026-25673 Source advisory: OSV:GHSA-8P8V-WH79-9R56...
aldryn-django (>=4.2.10.0 <=4.2.18.0), alertwise (=1.0.0) +114 more potentially affected by CVE-2026-1285 via django (>=4.2.0 <=4.2.27)
django PYPI version =4.2.0, =4.2.10.0, =65.10.0, =7.5.1, =1.0.2, =0.0.1, =1.3.9, =0.4.0, =0.0.1, =4.16.2, =4.8.0, =0.0.4.dev0, =8.0.0, =8.5.1 and more Source cves: CVE-2026-1285 Source advisory: OSV:PYSEC-2026-45...
aa-altcorp (>=0.1.2b0 <=1.1.1), aa-alumni (>=0.0.1a1 <=1.0.1) +1463 more potentially affected by CVE-2025-59682 via django (>=5.2.0 <=5.2.6)
django PYPI version =5.2.0, =0.1.2b0, =0.0.1a1, =0.1.1, =3.1.0b1, =1.0.3, =0.0.1a2, =0.1.0, =0.2.0, =1.0.0, =1.1.0b3, =0.1.0b1, =0.1.0, =1.1.0 and more Source cves: CVE-2025-59682 Source advisory: SNYK:PYTHON-DJANGO-13179425...
aldryn-django (=4.2.10.0), am-report (=0.1.5) +81 more potentially affected by CVE-2024-41990 via django (>=4.2.0 <=4.2.14)
django PYPI version =4.2.0, =7.5.1, =0.0.1, =0.4.0, =5.2.0, =0.5.1, =0.12.2, =3.1.0, =7.2.2, =39.1.0, =39.1.4 and more Source cves: CVE-2024-41990 Source advisory: OSV:GHSA-795C-9XPC-XW6G...
aa-charlink (>=0.1.1 <=1.0.0), aa-drifters (=0.1.0a0) +255 more potentially affected by CVE-2023-36053 via django (>=4.0.0 <=4.1.1)
django PYPI version =4.0.0, =0.1.1, =1.0.0, =0.1.0a0, =0.11.0a0, =0.1.1, =1.1.0, =3.1.1, =3.6.4, =0.10.0, =1.1.2, =0.6.3, =0.9.3 and more Source cves: CVE-2023-36053 Source advisory: OSV:GHSA-JH3W-4VVF-MJGR...
adede (=4.1.0), alastria-auth (>=0.0.3 <=0.0.17) +231 more potentially affected by CVE-2023-23969 via django (>=4.1.0 <=4.1.5)
django PYPI version =4.1.0, =0.0.3, =4.1.12.0, =0.6.3, =1.0.0, =0.1.1, =1.10.0, =4.14.0, =0.0.3, =4.1.0, =38.0.0, =55.0.0 - channels-postgres =0.0.5 and more Source cves: CVE-2023-23969 Source advisory: OSV:GHSA-Q2JF-H9JM-M7P4...
aa-charlink (>=0.1.1 <=1.0.0), aa-drifters (=0.1.0a0) +219 more potentially affected by CVE-2022-28346 via django (>=4.0.0 <=4.0.3)
django PYPI version =4.0.0, =0.1.1, =1.0.0, =0.1.0a0, =0.11.0a0, =0.1.1, =1.1.0, =3.1.1, =3.6.4, =0.10.0, =1.1.2, =0.2.0, =0.6.1, =0.6.10 and more Source cves: CVE-2022-28346 Source advisory: OSV:PYSEC-2022-190...
aimmo (>=0.61.9 <=1.4.6b776), ambition-edc (>=0.3.68 <=0.3.72) +72 more potentially affected by CVE-2022-22818 via django (>=2.2.0 <=2.2.26)
django PYPI version =2.2.0, =0.61.9, =0.3.68, =0.14.0, =5.2.1, =0.1.0, =4.15.0, =4.15.0, =1.0.1, =1.0.0, =0.0.1, =0.0.1, =2.0.0, =2.2.0 - django-country-filter =0.0.1 and more Source cves: CVE-2022-22818 Source advisory: OSV:GHSA-95RW-FX8R-36V6...
UBUNTU-CVE-2021-45116
An issue was discovered in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1. Due to leveraging the Django Template Language's variable resolution logic, the dictsort template filter was potentially vulnerable to information disclosure, or an unintended method call, if passed a...
ariadne-jwt (>=0.1.0 <=0.1.3), balder (=0.1.24) +36 more potentially affected by CVE-2021-32052 via django (>=3.1.0 <=3.1.1)
django PYPI version =3.1.0, =0.1.0, =0.0.32, =0.0.38, =20.13.1, =0.1.0, =0.10.0, =0.9.0, =0.4.0, =0.12.0, =0.15.3 and more Source cves: CVE-2021-32052 Source advisory: OSV:GHSA-QM57-VHQ3-3FWF...
a3m (=0.1.0), aa-fleet (>=1.0.0 <=1.1.0) +670 more potentially affected by CVE-2019-19118 via django (>=2.2.0 <=2.2.7)
django PYPI version =2.2.0, =1.0.0, =1.1.12, =0.1.0a0, =0.1.0a0, =1.2.0a1, =2.0.0, =0.1.0, =1.1.0, =1.4.1, =1.6.0 - aiida-crystal17 =0.11.0 and more Source cves: CVE-2019-19118 Source advisory: OSV:GHSA-HVMF-R92R-27HR...
cklauth (>=0.1.0 <=0.3.0), dj-saml-idp (>=1.1.0 <=1.2.1) +18 more potentially affected by CVE-2019-3498 via django (>=2.0.0 <=2.0.1)
django PYPI version =2.0.0, =0.1.0, =1.1.0, =4.3.1, =1.2.7, =0.1.0, =1.7.0, =0.0.3, =0.0.20, =0.1.0 - djangotheming =0.1.0 - fastaudiovisal =0.0.1 - fastaudiovisual =0.0.1 and more Source cves: CVE-2019-3498 Source advisory: OSV:PYSEC-2019-17...
django-admin-caching (>=0.1.0 <=0.1.2), django-automated-logging (=0.0.1a0) +12 more potentially affected by CVE-2017-12794 via django (>=1.10.0 <=1.10.6)
django PYPI version =1.10.0, =0.1.0, =2.0.0, =0.1.0, =0.3.1, =0.9.0, =0.6.0, =0.2.5, =0.8.0, =0.8.3 Source cves: CVE-2017-12794 Source advisory: OSV:PYSEC-2017-44...