20 matches found
Security update for python-djangorestframework, python-Django (moderate)
openSUSE Security Update: Security update for python-djangorestframework, python-Django Announcement ID: openSUSE-SU-2026:0138-1 Rating: moderate References: 1227077 1259142 1261722 1261731 1261732 PED-8919 Cross-References: CVE-2024-21520 CVE-2026-25674 CVE-2026-33033 CVE-2026-4277 CVE-2026-4292...
openSUSE 16 Security Update : python-Django (openSUSE-SU-2026:20373-1)
The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2026:20373-1 advisory. Changes in python-Django: - CVE-2026-25674: Fixed race condition which can lead to potential incorrect permissions on newly created file system objects...
openSUSE Security Advisory (SUSE-SU-2026:0821-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OESA-2026-1509 python-django security update
A high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in 6.0 before 6.0.3, 5.2 before 5.2.12, and 4.2 before 4.2.29. Race condition in file-system storage and file-based cache backends in Django allows an attacker ...
OESA-2026-1506 python-django security update
A high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in 6.0 before 6.0.3, 5.2 before 5.2.12, and 4.2 before 4.2.29. Race condition in file-system storage and file-based cache backends in Django allows an attacker ...
MGASA-2026-0050 Updated python-django packages fix security vulnerability
Potential incorrect permissions on newly created file system objects. CVE-2026-25674...
Updated python-django packages fix security vulnerability
Potential incorrect permissions on newly created file system objects. CVE-2026-25674...
python311-Django-5.2.12-1.1 on GA media (moderate)
python311-Django-5.2.12-1.1 on GA media Announcement ID: openSUSE-SU-2026:10292-1 Rating: moderate Cross-References: CVE-2026-25674 CVSS scores: CVE-2026-25674 SUSE : 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N CVE-2026-25674 SUSE : 6.3...
Mageia: Security Advisory (MGASA-2026-0050)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15 / openSUSE 15 Security Update : python-Django (SUSE-SU-2026:0821-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:0821-1 advisory. This update for python-Django fixes the following issue: - CVE-2026-25674: race condition can lead to potential incorrect permissions on...
SUSE-SU-2026:0821-1 Security update for python-Django
This update for python-Django fixes the following issue: - CVE-2026-25674: race condition can lead to potential incorrect permissions on newly created file system objects bsc1259142...
python311-Django4-4.2.29-1.1 on GA media (moderate)
python311-Django4-4.2.29-1.1 on GA media Announcement ID: openSUSE-SU-2026:10282-1 Rating: moderate Cross-References: CVE-2026-25674 CVSS scores: CVE-2026-25674 SUSE : 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N CVE-2026-25674 SUSE : 6.3...
python313-Django6-6.0.3-1.1 on GA media (moderate)
python313-Django6-6.0.3-1.1 on GA media Announcement ID: openSUSE-SU-2026:10283-1 Rating: moderate Cross-References: CVE-2026-25674 CVSS scores: CVE-2026-25674 SUSE : 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N CVE-2026-25674 SUSE : 6.3...
Linux Distros Unpatched Vulnerability : CVE-2026-25674
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in 6.0 before 6.0.3, 5.2 before 5.2.12, and 4.2 before 4.2.29. Race condition in file-system storage and file-based cache backends in...
Python Library Django 4.2.x < 4.2.29 / 5.2.x < 5.2.12 / 6.0.x < 6.0.3 Race Condition
The detected version of the Django Python package, is 4.2.x prior to 4.2.29, 5.2.x prior to 5.2.12, or 6.0.x prior to 6.0.3. It is, therefore, affected by a race condition vulnerability as referenced by security release advisory: - An issue was discovered in 6.0 before 6.0.3, 5.2 before 5.2.12, a...
cg-django-uaa (=2.1.9), deeplabelnet (>=0.1.0 <=0.1.20) +28 more potentially affected by CVE-2026-25674 via django (>=5.2.0 <=5.2.11)
django PYPI version =5.2.0, =0.1.0, =0.1.0, =1.3.0, =1.92.0.5, =4.2.0, =0.0.7, =3.0.0, =0.1.0, =5.2.0, =5.2.1 and more Source cves: CVE-2026-25674 Source advisory: SNYK:PYTHON-DJANGO-15371388...
arches (=8.0.0a1), django-accounts-api (=1.2.5) +26 more potentially affected by CVE-2026-25674 via django (>=6.0.0 <=6.0.2)
django PYPI version =6.0.0, =2.0.0, =1.1.0, =0.1.0, =0.1.0b2, =0.1.0, =6.0.0, =6.0.0rc1 and more Source cves: CVE-2026-25674 Source advisory: SNYK:PYTHON-DJANGO-15371388...
arches (=8.0.0a1), django-accounts-api (=1.2.5) +26 more potentially affected by CVE-2026-25674 via django (>=6.0.0 <=6.0.2)
django PYPI version =6.0.0, =2.0.0, =1.1.0, =0.1.0, =0.1.0b2, =0.1.0, =6.0.0, =6.0.0rc1 and more Source cves: CVE-2026-25674 Source advisory: OSV:GHSA-MJGH-79QC-68W3...
cg-django-uaa (=2.1.9), deeplabelnet (>=0.1.0 <=0.1.20) +28 more potentially affected by CVE-2026-25674 via django (>=5.2.0 <=5.2.11)
django PYPI version =5.2.0, =0.1.0, =0.1.0, =1.3.0, =1.92.0.5, =4.2.0, =0.0.7, =3.0.0, =0.1.0, =5.2.0, =5.2.1 and more Source cves: CVE-2026-25674 Source advisory: OSV:GHSA-MJGH-79QC-68W3...
CVE-2026-25674
An issue was discovered in 6.0 before 6.0.3, 5.2 before 5.2.12, and 4.2 before 4.2.29. Race condition in file-system storage and file-based cache backends in Django allows an attacker to cause file system objects to be created with incorrect permissions via concurrent requests, where one thread's...