3 matches found
CVE-2026-8404
An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. django.middleware.cache.UpdateCacheMiddleware in Django does not match Cache-Control response directives case-insensitively, which allows remote attackers to read responses that were incorrectly cached because their...
Python Library Django 4.2.x < 4.2.30 / 5.2.x < 5.2.13 / 6.0.x < 6.0.4 Multiple Vulnerabilities
The detected version of the Django Python package is 4.2.x prior to 4.2.30, 5.2.x prior to 5.2.13, or 6.0.x prior to 6.0.4. It is, therefore, affected by multiple vulnerabilities, including: - ASGIRequest allows a remote attacker to spoof headers by exploiting an ambiguous mapping of two header...
arthexis (>=0.2.6 <=0.8.0), cg-django-uaa (=2.1.9) +29 more potentially affected by CVE-2026-33033 via django (>=5.2.0 <=5.2.12)
django PYPI version =5.2.0, =0.2.6, =0.1.0, =0.1.0, =1.3.0, =1.92.0.5, =4.2.0, =0.0.7, =3.0.0, =0.1.0, =0.1.1 and more Source cves: CVE-2026-33033 Source advisory: OSV:GHSA-5MF9-H53Q-7MHQ...