Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/07 12:0 a.m.6 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-django (UTSA-2026-000162)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000162 advisory. The % debug % template tag in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2 does not properly encode the current context. This may lead to XSS...

6.1CVSS7AI score0.03328EPSS
Exploits1References4
vulnersOsv
vulnersOsv
added 2025/12/02 3:41 p.m.7 views

aa-charlink (>=0.1.1 <=1.0.0), aa-drifters (=0.1.0a0) +510 more potentially affected by CVE-2025-64460 via django (>=4.0.0 <=4.2.26)

django PYPI version =4.0.0, =0.1.1, =1.0.0, =0.1.0a0, =0.11.0a0, =0.1.1, =1.1.0, =0.1.0, =0.0.3, =4.0.9.0, =65.10.0, =65.10.3 and more Source cves: CVE-2025-64460 Source advisory: SNYK:PYTHON-DJANGO-14157807...

7.5CVSS7.3AI score0.02143EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/06/05 2:40 a.m.5 views

aa-charlink (>=0.1.1 <=1.0.0), aa-drifters (=0.1.0a0) +508 more potentially affected by CVE-2025-48432 via django (>=4.0.0 <=4.2.21)

django PYPI version =4.0.0, =0.1.1, =1.0.0, =0.1.0a0, =0.11.0a0, =0.1.1, =1.1.0, =0.1.0, =0.0.3, =4.0.9.0, =65.10.0, =65.10.3 and more Source cves: CVE-2025-48432 Source advisory: SNYK:PYTHON-DJANGO-10302884...

5.3CVSS6.6AI score0.006EPSS
Exploits0
OSV
OSV
added 2023/02/17 11:4 a.m.5 views

OESA-2023-1097 python-django security update

A high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a...

7.5CVSS6.9AI score0.47102EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2022/04/13 12:0 a.m.4 views

aa-charlink (>=0.1.1 <=1.0.0), aa-drifters (=0.1.0a0) +219 more potentially affected by CVE-2022-28347 via django (>=4.0.0 <=4.0.3)

django PYPI version =4.0.0, =0.1.1, =1.0.0, =0.1.0a0, =0.11.0a0, =0.1.1, =1.1.0, =3.1.1, =3.6.4, =0.10.0, =1.1.2, =0.2.0, =0.6.1, =0.6.10 and more Source cves: CVE-2022-28347 Source advisory: OSV:GHSA-W24H-V9QH-8GXJ...

9.8CVSS7.1AI score0.02919EPSS
Exploits0
PyPA
PyPA
added 2022/04/12 5:15 a.m.10 views

PYSEC-2022-190

An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. QuerySet.annotate, aggregate, and extra methods are subject to SQL injection in column aliases via a crafted dictionary with dictionary expansion as the passed kwargs...

9.8CVSS8AI score0.18516EPSS
Exploits3References6Affected Software1
Rows per page
Query Builder