
20 matches found

Circl
added 2025/07/18 1:11 p.m., 2 views

CVE-2021-32052

| creationtimestamp | type | source |
|---|---|---|
| 2025-07-18 13:11:47+00:00 | seen | Telegram/e1o90iHJT-k2JGh5790ahxiLQIt4T9bVzKO5ZsUBjDuYtSU... |

6.1 CVSS, 4.8 AI score, 0.03172 EPSS
Exploits 0

IBM Security Bulletins
added 2025/03/13 11:21 p.m., 12 views

Security Bulletin: IBM DataStage on Cloud Pak for Data is vulnerable to HTTP header injection due to the Django package (CVE-2021-32052)

Summary: Django is used by IBM DataStage on Cloud Pak for Data as part of server processing. Vulnerability Details: CVEID: CVE-2021-32052. DESCRIPTION: Django is vulnerable to HTTP header injection, caused by improper validation of input in URLValidator. By persuading a victim to visit a...

6.1 CVSS, 6.3 AI score, 0.03172 EPSS
Exploits 0, Affected Software 1

OpenVAS
added 2022/04/12 12:0 a.m., 29 views

Ubuntu: Security Advisory (USN-5373-1)

The remote host is missing an update for the...

9.8 CVSS, 8.1 AI score, 0.18398 EPSS
Exploits 3, References 2

Ubuntu
added 2022/04/11 12:29 p.m., 102 views

USN-5373-2: Django vulnerabilities

USN-5373-1 fixed several vulnerabilities in Django. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that Django incorrectly handled certain column aliases in the QuerySet.annotate, aggregate, and extra...

9.8 CVSS, 7.4 AI score, 0.18398 EPSS
Exploits 3

Ubuntu
added 2022/04/11 11:36 a.m., 104 views

USN-5373-1: Django vulnerabilities

It was discovered that Django incorrectly handled certain column aliases in the QuerySet.annotate, aggregate, and extra methods. A remote attacker could possibly use this issue to perform an SQL injection attack. (CVE-2022-28346) It was discovered that Django incorrectly handled certain...

9.8 CVSS, 7.3 AI score, 0.18398 EPSS
Exploits 3

Tenable Nessus
added 2022/04/11 12:0 a.m., 40 views

Ubuntu 18.04 LTS / 20.04 LTS : Django vulnerabilities (USN-5373-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5373-1 advisory. It was discovered that Django incorrectly handled certain column aliases in the QuerySet.annotate, aggregate, and extra methods. A...

9.8 CVSS, 7.4 AI score, 0.18398 EPSS
Exploits 3, References 4

OpenVAS
added 2022/01/28 12:0 a.m., 33 views

Mageia: Security Advisory (MGASA-2021-0356)

The remote host is missing an update for the...

9.8 CVSS, 7.1 AI score, 0.44369 EPSS
Exploits 1, References 18

Mageia
added 2021/07/16 8:25 a.m., 54 views

Updated python-django package fixes security vulnerabilities

In Django 2.2 before 2.2.20, 3.0 before 3.0.14, and 3.1 before 3.1.8, MultiPartParser allowed directory traversal via uploaded files with suitably crafted file names. Built-in upload handlers were not affected by this vulnerability (CVE-2021-28658). In Django 2.2 before 2.2.21, 3.1 before 3.1.9, an...

9.8 CVSS, 1.7 AI score, 0.44369 EPSS
Exploits 1, References 16

ALT Linux
added 2021/07/13 12:0 a.m., 30 views

Security fix for the ALT Linux 9 package python3-module-django version 2.2.24-alt1

July 13, 2021 Alexey Shabalin 2.2.24-alt1
- new version 2.2.24
- Fixes for the following security vulnerabilities:
  + CVE-2021-28658 Potential directory-traversal via uploaded files
  + CVE-2021-31542 Potential directory-traversal via uploaded files
  + CVE-2021-32052 Header injection possibility sinc...

5 CVSS, 7 AI score, 0.05291 EPSS
Exploits 0

ALT Linux
added 2021/07/13 12:0 a.m., 31 views

Security fix for the ALT Linux 10 package python3-module-django version 2.2.24-alt1

July 13, 2021 Alexey Shabalin 2.2.24-alt1
- new version 2.2.24
- Fixes for the following security vulnerabilities:
  + CVE-2021-28658 Potential directory-traversal via uploaded files
  + CVE-2021-31542 Potential directory-traversal via uploaded files
  + CVE-2021-32052 Header injection possibility sinc...

5 CVSS, 7 AI score, 0.05291 EPSS
Exploits 0

vulnersOsv
added 2021/06/09 5:14 p.m., 1 views

aimmo (>=0.61.9 <=0.69.8b430), ambition-edc (>=0.3.68 <=0.3.72) +65 more potentially affected by CVE-2021-32052 via django (>=2.2.0 <=2.2.21)

django PYPI version =2.2.0, =0.61.9, =0.3.68, =0.14.0, =5.2.1, =0.1.0, =4.15.0, =4.15.0, =1.0.1, =1.0.0, =0.0.1, =0.0.1, =2.0.0, =2.2.0 - django-country-filter =0.0.1 and more Source cves: CVE-2021-32052 Source advisory: OSV:GHSA-QM57-VHQ3-3FWF...

6.1 CVSS, 6.7 AI score, 0.03172 EPSS
Exploits 0

vulnersOsv
added 2021/06/09 5:14 p.m., 3 views

admin-tool-button (>=1.0.1a0 <=1.0.5a0), aedttest (=0.0.2) +121 more potentially affected by CVE-2021-32052 via django (>=3.2.0 <=3.2.19)

django PYPI version =3.2.0, =1.0.1a0, =2.0.0, =0.0.1, =1.0.6, =6.2.0, =0.2.0, =22.0.0.dev21, =22.0.0.dev13, =22.0.0.dev29, =22.0.0.dev30 and more Source cves: CVE-2021-32052 Source advisory: OSV:GHSA-QM57-VHQ3-3FWF...

6.1 CVSS, 6.7 AI score, 0.03172 EPSS
Exploits 0

OpenVAS
added 2021/05/13 12:0 a.m., 23 views

Fedora: Security Advisory for python-django (FEDORA-2021-01044b8a59)

The remote host is missing an update for the...

7.5 CVSS, 6.5 AI score, 0.05291 EPSS
Exploits 0, References 2

OpenVAS
added 2021/05/07 12:0 a.m., 22 views

Django 2.2 < 2.2.22, 3.1 < 3.1.10, 3.2 < 3.2.2 Header Injection Vulnerability - Windows

Django is prone to a header injection vulnerability.

6.1 CVSS, 8 AI score, 0.03172 EPSS
Exploits 0, References 1

OSV
added 2021/05/06 4:15 p.m., 29 views

CVE-2021-32052

In Django 2.2 before 2.2.22, 3.1 before 3.1.10, and 3.2 before 3.2.2 with Python 3.9.5+, URLValidator does not prohibit newlines and tabs unless the URLField form field is used. If an application uses values with newlines in an HTTP response, header injection can occur. Django itself is unaffecte...

6.1 CVSS, 6.9 AI score
Exploits 0, References 6

vulnersOsv
added 2021/05/06 4:15 p.m., 0 views

aimmo (>=0.61.9 <=0.69.8b430), ambition-edc (>=0.3.68 <=0.3.72) +65 more potentially affected by CVE-2021-32052 via django (>=2.2.0 <=2.2.21)

django PYPI version =2.2.0, =0.61.9, =0.3.68, =0.14.0, =5.2.1, =0.1.0, =4.15.0, =4.15.0, =1.0.1, =1.0.0, =0.0.1, =0.0.1, =2.0.0, =2.2.0 - django-country-filter =0.0.1 and more Source cves: CVE-2021-32052 Source advisory: OSV:PYSEC-2021-8...

6.1 CVSS, 6.7 AI score, 0.03172 EPSS
Exploits 0

vulnersOsv
added 2021/05/06 4:15 p.m., 1 views

ariadne-jwt (>=0.1.0 <=0.1.3), balder (=0.1.24) +36 more potentially affected by CVE-2021-32052 via django (>=3.1.0 <=3.1.1)

django PYPI version =3.1.0, =0.1.0, =0.0.32, =0.0.38, =20.13.1, =0.1.0, =0.10.0, =0.9.0, =0.4.0, =0.12.0, =0.15.3 and more Source cves: CVE-2021-32052 Source advisory: OSV:PYSEC-2021-8...

6.1 CVSS, 6.7 AI score, 0.03172 EPSS
Exploits 0

vulnersOsv
added 2021/05/06 4:15 p.m., 0 views

admin-tool-button (>=1.0.1a0 <=1.0.5a0), aedttest (=0.0.2) +121 more potentially affected by CVE-2021-32052 via django (>=3.2.0 <=3.2.19)

django PYPI version =3.2.0, =1.0.1a0, =2.0.0, =0.0.1, =1.0.6, =6.2.0, =0.2.0, =22.0.0.dev21, =22.0.0.dev13, =22.0.0.dev29, =22.0.0.dev30 and more Source cves: CVE-2021-32052 Source advisory: OSV:PYSEC-2021-8...

6.1 CVSS, 6.7 AI score, 0.03172 EPSS
Exploits 0

UbuntuCve
added 2021/05/06 4:15 p.m., 26 views

CVE-2021-32052

In Django 2.2 before 2.2.22, 3.1 before 3.1.10, and 3.2 before 3.2.2 with Python 3.9.5+, URLValidator does not prohibit newlines and tabs unless the URLField form field is used. If an application uses values with newlines in an HTTP response, header injection can occur. Django itself is unaffecte...

6.1 CVSS, 6.8 AI score, 0.03172 EPSS
Exploits 0, References 8

Debian CVE
added 2021/05/06 3:49 p.m., 35 views

CVE-2021-32052

In Django 2.2 before 2.2.22, 3.1 before 3.1.10, and 3.2 before 3.2.2 with Python 3.9.5+, URLValidator does not prohibit newlines and tabs unless the URLField form field is used. If an application uses values with newlines in an HTTP response, header injection can occur. Django itself is unaffecte...

6.1 CVSS, 7.2 AI score, 0.03172 EPSS
Exploits 0