Lucene search
K

7895 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.10 views

Astra Linux – Vulnerability in Python-Django

A vulnerability was discovered in versions prior to 6.0.0, 6.0.2, 5.2.0 prior to 5.2.1.1, and 4.2.0 prior to 4.2.2.8. The methods django.utils.text.Truncator.chars and Truncator.words with html=True, along with the template filters truncatecharshtml and truncatewordshtml, allow a remote attacker ...

7.5CVSS7AI score0.00993EPSS
Exploits0References2
Fedora
Fedora
added 2026/06/15 1:11 a.m.21 views

[SECURITY] Fedora 43 Update: python-django5-5.2.15-1.fc43

Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY Don't Repeat Yourself principle...

5.3CVSS5.4AI score0.00359EPSS
Exploits0
Fedora
Fedora
added 2026/06/15 12:51 a.m.24 views

[SECURITY] Fedora 44 Update: python-django5-5.2.15-1.fc44

Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY Don't Repeat Yourself principle...

5.3CVSS5.4AI score0.00359EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/14 12:0 a.m.8 views

Fedora 43 : python-django5 (2026-f140cb16b6)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-f140cb16b6 advisory. Fixes five low-severity CVEs - CVE-2026-6873: Signed cookie salt namespace collision - CVE-2026-7666: Potential unencrypted email transmission via...

5.3CVSS5.5AI score0.00359EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/14 12:0 a.m.11 views

openSUSE 16 Security Update : python-Django (openSUSE-SU-2026:20937-1)

The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20937-1 advisory. Changes in python-Django: - CVE-2026-6873: Signed cookie salt namespace collision bsc1267578 - CVE-2026-7666: Potential unencrypted email...

5.3CVSS5.4AI score0.00359EPSS
Exploits0References15
Tenable Nessus
Tenable Nessus
added 2026/06/14 12:0 a.m.15 views

SUSE SLES15 Security Update : python-Django (SUSE-SU-2026:2318-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2318-1 advisory. This update for python-Django fixes the following issues - CVE-2026-6873: signed cookie salt namespace collision in...

5.3CVSS5.5AI score0.00359EPSS
Exploits0References16
OPENSUSE Linux
OPENSUSE Linux
added 2026/06/13 12:0 a.m.10 views

python313-Django6-6.0.6-1.1 on GA media (moderate)

python313-Django6-6.0.6-1.1 on GA media Announcement ID: openSUSE-SU-2026:11003-1 Rating: moderate Cross-References: CVE-2026-35193 CVE-2026-48587 CVE-2026-6873 CVE-2026-7666 CVE-2026-8404 CVSS scores: CVE-2026-35193 SUSE : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2026-35193 SUSE : 8....

9.1CVSS5.4AI score0.00359EPSS
Exploits0
OSV
OSV
added 2026/06/12 12:26 p.m.15 views

OESA-2026-2661 python-django security update

A high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. django.middleware.cache.UpdateCacheMiddleware in Django does not add Authorization to the Vary response header...

5.3CVSS5.5AI score0.00359EPSS
Exploits0References6
OSV
OSV
added 2026/06/12 12:26 p.m.26 views

OESA-2026-2660 python-django security update

A high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. django.middleware.cache.UpdateCacheMiddleware in Django does not add Authorization to the Vary response header...

5.3CVSS5.5AI score0.00359EPSS
Exploits0References6
OSV
OSV
added 2026/06/12 12:26 p.m.18 views

OESA-2026-2659 python-django security update

A high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. django.middleware.cache.UpdateCacheMiddleware in Django does not add Authorization to the Vary response header...

5.3CVSS5.5AI score0.00359EPSS
Exploits0References6
OPENSUSE Linux
OPENSUSE Linux
added 2026/06/12 12:0 a.m.15 views

Security update for python-Django (important)

openSUSE security update: security update for python-django ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20937-1 Rating: important References: bsc1267576 bsc1267577 bsc1267578 bsc1267579 bsc1267580 Cross-References: CVE-2026-35193 CVE-2026-48587...

9.1CVSS5.4AI score0.00359EPSS
Exploits0References5
OSV
OSV
added 2026/06/11 12:0 a.m.5 views

OPENSUSE-SU-2026:11002-1 python311-Django-5.2.15-1.1 on GA media

These are all security issues fixed in the python311-Django-5.2.15-1.1 package on the GA media of openSUSE Tumbleweed...

5.3CVSS5.3AI score0.00359EPSS
Exploits0References5
OPENSUSE Linux
OPENSUSE Linux
added 2026/06/11 12:0 a.m.7 views

python311-Django4-4.2.30-3.1 on GA media (moderate)

python311-Django4-4.2.30-3.1 on GA media Announcement ID: openSUSE-SU-2026:10989-1 Rating: moderate Cross-References: CVE-2026-35193 CVE-2026-48587 CVE-2026-6873 CVE-2026-7666 CVE-2026-8404 CVSS scores: CVE-2026-35193 SUSE : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2026-35193 SUSE : 8...

9.1CVSS5.5AI score0.00359EPSS
Exploits0
OSV
OSV
added 2026/06/11 12:0 a.m.4 views

OPENSUSE-SU-2026:11003-1 python313-Django6-6.0.6-1.1 on GA media

These are all security issues fixed in the python313-Django6-6.0.6-1.1 package on the GA media of openSUSE Tumbleweed...

5.3CVSS5.2AI score0.00359EPSS
Exploits0References5
SUSE Linux
SUSE Linux
added 2026/06/09 1:22 p.m.8 views

Security update for python-Django

This update for python-Django fixes the following issues CVE-2026-6873: signed cookie salt namespace collision in django.http.HttpRequest.getsignedcookie bsc1267578. CVE-2026-7666: potential unencrypted email transmission via STARTTLS in the SMTP backend bsc1267579. CVE-2026-8404: potential...

9.1CVSS5.4AI score0.00359EPSS
Exploits0References20
OSV
OSV
added 2026/06/09 1:22 p.m.6 views

SUSE-SU-2026:2318-1 Security update for python-Django

This update for python-Django fixes the following issues - CVE-2026-6873: signed cookie salt namespace collision in django.http.HttpRequest.getsignedcookie bsc1267578. - CVE-2026-7666: potential unencrypted email transmission via STARTTLS in the SMTP backend bsc1267579. - CVE-2026-8404: potential...

5.3CVSS5.4AI score0.00359EPSS
Exploits0References11
OSV
OSV
added 2026/06/09 12:0 a.m.5 views

OPENSUSE-SU-2026:10989-1 python311-Django4-4.2.30-3.1 on GA media

These are all security issues fixed in the python311-Django4-4.2.30-3.1 package on the GA media of openSUSE Tumbleweed...

5.3CVSS5.5AI score0.00359EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.14 views

TencentOS Server 4: python-django (TSSA-2026:0341)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0341 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

9.8CVSS5.5AI score0.00458EPSS
Exploits0References2
OSV
OSV
added 2026/06/06 8:39 a.m.11 views

BIT-DJANGO-2026-8404 Potential exposure of private data via case-sensitive Cache-Control directives in UpdateCacheMiddleware

An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. django.middleware.cache.UpdateCacheMiddleware in Django does not match Cache-Control response directives case-insensitively, which allows remote attackers to read responses that were incorrectly cached because their...

5.3CVSS5.4AI score0.00285EPSS
Exploits0References4
OSV
OSV
added 2026/06/06 8:39 a.m.10 views

BIT-DJANGO-2026-7666 Potential unencrypted email transmission via STARTTLS in the SMTP backend

An issue was discovered in Django 6.0 before 6.0.6 and 5.2 before 5.2.15. django.core.mail.backends.smtp.EmailBackend in Django fails to prevent reuse of a partially-initialized connection after a failed STARTTLS handshake when failsilently=True, which allows on-path network attackers to read ema...

3.1CVSS5.3AI score0.0015EPSS
Exploits0References4
Rows per page
Query Builder