53 matches found
Security update for python-djangorestframework, python-Django (moderate)
openSUSE Security Update: Security update for python-djangorestframework, python-Django Announcement ID: openSUSE-SU-2026:0138-1 Rating: moderate References: 1227077 1259142 1261722 1261731 1261732 PED-8919 Cross-References: CVE-2024-21520 CVE-2026-25674 CVE-2026-33033 CVE-2026-4277 CVE-2026-4292...
Security update for python-djangorestframework (moderate)
openSUSE Security Update: Security update for python-djangorestframework Announcement ID: openSUSE-SU-2026:0038-1 Rating: moderate References: 1227077 PED-8919 Cross-References: CVE-2024-21520 CVSS scores: CVE-2024-21520 SUSE: 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Affected Products:...
python311-djangorestframework-3.16.1-2.1 on GA media (moderate)
python311-djangorestframework-3.16.1-2.1 on GA media Announcement ID: openSUSE-SU-2026:10115-1 Rating: moderate Cross-References: CVE-2024-21520 CVSS scores: CVE-2024-21520 SUSE : 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Affected Products: openSUSE Tumbleweed An update that solves one...
Security update for python-djangorestframework-simplejwt (moderate)
openSUSE Security Update: Security update for python-djangorestframework-simplejwt Announcement ID: openSUSE-SU-2025:0425-1 Rating: moderate References: 1221568 Cross-References: CVE-2024-22513 Affected Products: openSUSE Backports SLE-15-SP6 An update that fixes one vulnerability is now availabl...
OPENSUSE-SU-2025:15699-1 python311-djangorestframework-simplejwt-5.5.1-1.1 on GA media
These are all security issues fixed in the python311-djangorestframework-simplejwt-5.5.1-1.1 package on the GA media of openSUSE Tumbleweed...
EUVD-2024-2061
Malicious code in bioql PyPI...
airavata-custos-portal (>=0.0.1 <=0.0.6), airavata-custos-portal-sdk (=0.0.1) +3 more potentially affected by CVE-2025-45768 via pyjwt (>=0.2.1 <=0.4.3)
pyjwt PYPI version =0.2.1, =0.0.1, =2.1.0, =1.0.2, =1.3.2 Source cves: CVE-2025-45768 Source advisory: OSV:PYSEC-2025-183...
Linux Distros Unpatched Vulnerability : CVE-2024-21520
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Versions of the package djangorestframework before 3.15.2 are vulnerable to Cross-site Scripting (XSS) via the break_long_headers template filter due to improper...
Security Bulletin: IBM Maximo Application Suite: djangorestframework-3.15.1-py3-none-any.whl is vulnerable to CVE-2024-21520 used in IBM Maximo Application Suite - Edge Data Collector
Summary IBM Maximo Application Suite - Edge Data Collector uses djangorestframework-3.15.1-py3-none-any.whl which is vulnerable to CVE-2024-21520 Vulnerability Details CVEID:CVE-2024-21520 DESCRIPTION: Encode Django REST framework is vulnerable to cross-site scripting, caused by improper validati...
Cross-site Scripting (XSS)
djangorestframework is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to improper input sanitization via the break_long_headers template filter. This allows an attacker to inject malicious scripts by exploiting the improper sanitization in the header processing...
CVE-2024-21520
A vulnerability was found in the djangorestframework package. Cross-site scripting occurs via the break_long_headers template filter due to improper input sanitization before splitting and joining with tags...
acdh-django-vocabs (>=0.1.0 <=0.1.6), adede (=4.1.0) +904 more potentially affected by CVE-2024-21520 via djangorestframework (>=2.3.13 <=3.15.1)
djangorestframework PYPI version =2.3.13, =0.1.0, =1.1.12, =0.1.0, =0.61.9, =0.0.1, =0.0.3, =2018.3.1, =2022.6.0.post0, =2.0.0, =1.0.0, =2.0.0, =2.1.0, =2.3.1 and more Source cves: CVE-2024-21520 Source advisory: OSV:GHSA-GW84-84PC-XP82...
Cross-site Scripting in djangorestframework
Versions of the package djangorestframework before 3.15.2 are vulnerable to Cross-site Scripting (XSS) via the break_long_headers template filter due to improper input sanitization before splitting and joining with tags...
GHSA-GW84-84PC-XP82 Cross-site Scripting in djangorestframework
Versions of the package djangorestframework before 3.15.2 are vulnerable to Cross-site Scripting (XSS) via the break_long_headers template filter due to improper input sanitization before splitting and joining with tags...
CVE-2024-21520
Versions of the package djangorestframework before 3.15.2 are vulnerable to Cross-site Scripting (XSS) via the break_long_headers template filter due to improper input sanitization before splitting and joining with tags...
CVE-2024-21520
Versions of the package djangorestframework before 3.15.2 are vulnerable to Cross-site Scripting (XSS) via the break_long_headers template filter due to improper input sanitization before splitting and joining with tags...
DEBIAN-CVE-2024-21520
Versions of the package djangorestframework before 3.15.2 are vulnerable to Cross-site Scripting (XSS) via the break_long_headers template filter due to improper input sanitization before splitting and joining with tags...
CVE-2024-21520
Versions of the package djangorestframework before 3.15.2 are vulnerable to Cross-site Scripting (XSS) via the break_long_headers template filter due to improper input sanitization before splitting and joining with tags...
UBUNTU-CVE-2024-21520
Versions of the package djangorestframework before 3.15.2 are vulnerable to Cross-site Scripting (XSS) via the break_long_headers template filter due to improper input sanitization before splitting and joining with tags...
CVE-2024-21520
Versions of the package djangorestframework before 3.15.2 are vulnerable to Cross-site Scripting (XSS) via the break_long_headers template filter due to improper input sanitization before splitting and joining with tags...