4 matches found
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-django (UTSA-2026-000172)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000172 advisory. An issue was discovered in Django 3.2 before 3.2.24, 4.2 before 4.2.10, and Django 5.0 before 5.0.2. The intcomma template filter was subject to a potential...
OESA-2023-1097 python-django security update
A high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a...
PYSEC-2022-190
An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. QuerySet.annotate, aggregate, and extra methods are subject to SQL injection in column aliases via a crafted dictionary with dictionary expansion as the passed kwargs...
admin-tool-button (>=1.0.1a0 <=1.0.5a0), apis-ampel (=0.1.0) +57 more potentially affected by CVE-2022-22818 via django (>=3.2.0 <=3.2.11)
django PYPI version =3.2.0, =1.0.1a0, =0.2.0, =22.0.0.dev21, =22.0.0.dev13, =22.0.0.dev29, =0.0.1, =0.0.14 - django-blocklist =1.0.0 - django-brazilian-zipcode =0.1.0 - django-cachalot =2.4.0 and more Source cves: CVE-2022-22818 Source advisory: OSV:PYSEC-2022-19...