Lucene search
K

7862 matches found

OSV
OSV
added 2026/06/23 2:43 p.m.36 views

ROOT-APP-PYPI-CVE-2025-57833 CVE-2025-57833 in rootio-django - Patched by Root

Root has patched CVE-2025-57833 in the rootio-django package for Root:PyPI. Multiple fixed versions available...

8.1CVSS7.3AI score0.15602EPSS
Exploits4
OSV
OSV
added 2026/06/23 2:43 p.m.23 views

ROOT-APP-PYPI-CVE-2025-64458 CVE-2025-64458 in rootio-django - Patched by Root

Root has patched CVE-2025-64458 in the rootio-django package for Root:PyPI. Multiple fixed versions available...

7.5CVSS7.3AI score0.0193EPSS
Exploits1
OSV
OSV
added 2026/06/19 9:5 p.m.8 views

MAL-2026-6230 Malicious code in django-auth-middleware-plus (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6cf58978ba5eec5220b4b4d85966efff31d31d164ff103f98dfd627381e061ec On import, djangoauthmiddlewareplus/init.py spawns a daemon thread that POSTs a JSON payload containing the host's hostname, username, cwd, environme...

5.9AI score
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Python-Django

In Django 3.2 before 3.2.25, 4.2 before 4.2.11, and 5.0 before 5.0.3, the django.utils.text.Truncator.words method with html=True, as well as the truncatewordshtml template filter, are vulnerable to a denial-of-service attack via a crafted regular expression. NOTE: This issue persists due to an...

5.3CVSS6.8AI score0.01854EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.11 views

Astra Linux – Vulnerability in Python-Django

A issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. Methods like QuerySet.annotate, QuerySet.alias, QuerySet.aggregate, and QuerySet.extra are vulnerable to SQL injection when column aliases are used, especially when a properly crafted dictionary is passed...

9.8CVSS7.3AI score0.00583EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Python-Django

In Django 2.2 before 2.2.24, 3.x before 3.1.12, and 3.2 before 3.2.4, URLValidator, validateipv4address, and validateipv46address did not prohibit leading zero characters in octal literals. This may allow bypassing access control based on IP addresses. validateipv4address and validateipv46address...

7.5CVSS7.2AI score0.03058EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Python-Django

A issue was discovered in Django versions 5.1.1, 5.0.9, and 4.2.16. The django.contrib.auth.forms.PasswordResetForm class, when used in a view that implements password reset processes, allows remote attackers to enumerate user email addresses by sending password reset requests and observing the...

5.3CVSS6.8AI score0.00805EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Python-Django

A issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters, as well as the AdminURLFieldWidget widget, are susceptible to a potential denial-of-service attack due to certain inputs containing a very large number of Unicode characters...

7.5CVSS6.8AI score0.00954EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.10 views

Astra Linux – Vulnerability in Python-Django

A vulnerability was discovered in versions prior to 6.0.0, 6.0.2, 5.2.0 prior to 5.2.1.1, and 4.2.0 prior to 4.2.2.8. The methods django.utils.text.Truncator.chars and Truncator.words with html=True, along with the template filters truncatecharshtml and truncatewordshtml, allow a remote attacker ...

7.5CVSS7AI score0.00993EPSS
Exploits0References2
Fedora
Fedora
added 2026/06/15 1:11 a.m.20 views

[SECURITY] Fedora 43 Update: python-django5-5.2.15-1.fc43

Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY Don't Repeat Yourself principle...

5.3CVSS5.4AI score0.00359EPSS
Exploits0
Fedora
Fedora
added 2026/06/15 12:51 a.m.23 views

[SECURITY] Fedora 44 Update: python-django5-5.2.15-1.fc44

Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY Don't Repeat Yourself principle...

5.3CVSS5.4AI score0.00359EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/14 12:0 a.m.10 views

openSUSE 16 Security Update : python-Django (openSUSE-SU-2026:20937-1)

The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20937-1 advisory. Changes in python-Django: - CVE-2026-6873: Signed cookie salt namespace collision bsc1267578 - CVE-2026-7666: Potential unencrypted email...

5.3CVSS5.4AI score0.00359EPSS
Exploits0References15
Tenable Nessus
Tenable Nessus
added 2026/06/14 12:0 a.m.7 views

Fedora 43 : python-django5 (2026-f140cb16b6)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-f140cb16b6 advisory. Fixes five low-severity CVEs - CVE-2026-6873: Signed cookie salt namespace collision - CVE-2026-7666: Potential unencrypted email transmission via...

5.3CVSS5.5AI score0.00359EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/14 12:0 a.m.15 views

SUSE SLES15 Security Update : python-Django (SUSE-SU-2026:2318-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2318-1 advisory. This update for python-Django fixes the following issues - CVE-2026-6873: signed cookie salt namespace collision in...

5.3CVSS5.5AI score0.00359EPSS
Exploits0References16
OPENSUSE Linux
OPENSUSE Linux
added 2026/06/13 12:0 a.m.10 views

python313-Django6-6.0.6-1.1 on GA media (moderate)

python313-Django6-6.0.6-1.1 on GA media Announcement ID: openSUSE-SU-2026:11003-1 Rating: moderate Cross-References: CVE-2026-35193 CVE-2026-48587 CVE-2026-6873 CVE-2026-7666 CVE-2026-8404 CVSS scores: CVE-2026-35193 SUSE : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2026-35193 SUSE : 8....

9.1CVSS5.4AI score0.00359EPSS
Exploits0
OSV
OSV
added 2026/06/12 12:26 p.m.15 views

OESA-2026-2661 python-django security update

A high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. django.middleware.cache.UpdateCacheMiddleware in Django does not add Authorization to the Vary response header...

5.3CVSS5.5AI score0.00359EPSS
Exploits0References6
OSV
OSV
added 2026/06/12 12:26 p.m.24 views

OESA-2026-2660 python-django security update

A high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. django.middleware.cache.UpdateCacheMiddleware in Django does not add Authorization to the Vary response header...

5.3CVSS5.5AI score0.00359EPSS
Exploits0References6
OSV
OSV
added 2026/06/12 12:26 p.m.18 views

OESA-2026-2659 python-django security update

A high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. django.middleware.cache.UpdateCacheMiddleware in Django does not add Authorization to the Vary response header...

5.3CVSS5.5AI score0.00359EPSS
Exploits0References6
OPENSUSE Linux
OPENSUSE Linux
added 2026/06/12 12:0 a.m.14 views

Security update for python-Django (important)

openSUSE security update: security update for python-django ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20937-1 Rating: important References: bsc1267576 bsc1267577 bsc1267578 bsc1267579 bsc1267580 Cross-References: CVE-2026-35193 CVE-2026-48587...

9.1CVSS5.4AI score0.00359EPSS
Exploits0References5
OSV
OSV
added 2026/06/11 12:0 a.m.4 views

OPENSUSE-SU-2026:11003-1 python313-Django6-6.0.6-1.1 on GA media

These are all security issues fixed in the python313-Django6-6.0.6-1.1 package on the GA media of openSUSE Tumbleweed...

5.3CVSS5.2AI score0.00359EPSS
Exploits0References5
Rows per page
Query Builder