SUSE CVE-2013-0306

The form library in Django 1.3.x before 1.3.6, 1.4.x before 1.4.4, and 1.5 before release candidate 2 allows remote attackers to bypass intended resource limits for formsets and cause a denial of service memory consumption or trigger server errors via a modified maxnum parameter...

ae-django-utils (=0.3.1), apollo-sdk (>=0.2.0 <=0.2.11) +32 more potentially affected by CVE-2021-45452 via django (>=4.0.0 <=4.0.0rc1)

django PYPI version =4.0.0, =0.2.0, =0.6.1, =2.16.1, =0.1.5, =1.0.7, =0.9.0, =0.4.0, =0.1.0, =0.1.1 and more Source cves: CVE-2021-45452 Source advisory: OSV:PYSEC-2022-3...

USN-1757-1: Django vulnerabilities

James Kettle discovered that Django did not properly filter the Host HTTP header when processing certain requests. An attacker could exploit this to generate and display arbitrary URLs to users. Although this issue had been previously addressed in USN-1632-1, this update adds additional hardening...