6 matches found
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-django (UTSA-2026-000162)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000162 advisory. The % debug % template tag in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2 does not properly encode the current context. This may lead to XSS...
aa-charlink (>=0.1.1 <=1.0.0), aa-drifters (=0.1.0a0) +510 more potentially affected by CVE-2025-64460 via django (>=4.0.0 <=4.2.26)
django PYPI version =4.0.0, =0.1.1, =1.0.0, =0.1.0a0, =0.11.0a0, =0.1.1, =1.1.0, =0.1.0, =0.0.3, =4.0.9.0, =65.10.0, =65.10.3 and more Source cves: CVE-2025-64460 Source advisory: SNYK:PYTHON-DJANGO-14157807...
aa-charlink (>=0.1.1 <=1.0.0), aa-drifters (=0.1.0a0) +508 more potentially affected by CVE-2025-48432 via django (>=4.0.0 <=4.2.21)
django PYPI version =4.0.0, =0.1.1, =1.0.0, =0.1.0a0, =0.11.0a0, =0.1.1, =1.1.0, =0.1.0, =0.0.3, =4.0.9.0, =65.10.0, =65.10.3 and more Source cves: CVE-2025-48432 Source advisory: SNYK:PYTHON-DJANGO-10302884...
OESA-2023-1097 python-django security update
A high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a...
aa-charlink (>=0.1.1 <=1.0.0), aa-drifters (=0.1.0a0) +219 more potentially affected by CVE-2022-28347 via django (>=4.0.0 <=4.0.3)
django PYPI version =4.0.0, =0.1.1, =1.0.0, =0.1.0a0, =0.11.0a0, =0.1.1, =1.1.0, =3.1.1, =3.6.4, =0.10.0, =1.1.2, =0.2.0, =0.6.1, =0.6.10 and more Source cves: CVE-2022-28347 Source advisory: OSV:GHSA-W24H-V9QH-8GXJ...
PYSEC-2022-190
An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. QuerySet.annotate, aggregate, and extra methods are subject to SQL injection in column aliases via a crafted dictionary with dictionary expansion as the passed kwargs...