GHSA-5HRC-GVXJ-W55P vulnerabilities

Vulnerabilities for packages: py3-django...

CVE-2026-5766 vulnerabilities

Vulnerabilities for packages: py3-django...

[SECURITY] Fedora 43 Update: python-django5-5.2.14-1.fc43

Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY Don't Repeat Yourself principle...

[SECURITY] Fedora 44 Update: python-django5-5.2.14-1.fc44

Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY Don't Repeat Yourself principle...

Fedora 43 : python-django5 (2026-4d1404fc5d)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-4d1404fc5d advisory. - Fixes CVE-2026-5766: Potential denial-of-service vulnerability in ASGI requests via file upload limit bypass - Fixes CVE-2026-35192: Session...

Fedora 44 : python-django6 (2026-de6e24ae07)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-de6e24ae07 advisory. - Fixes CVE-2026-5766: Potential denial-of-service vulnerability in ASGI requests via file upload limit bypass - Fixes CVE-2026-35192: Session...

ROS-20260513-73-0012

Vulnerability in python-django related to spoofing authentication bypass. Exploitation of the vulnerability could allow an attacker acting remotely to conduct spoofing attacks...

ROS-20260513-73-0010

Vulnerability in python-django related to uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

ROS-20260513-73-0013

Vulnerability in python-django related to a flaw in the authorization procedure. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to protected information...

ROS-20260513-73-0014

Vulnerability in python-django related to a flaw in the authorization procedure. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to protected information...

OESA-2026-2220 python-django security update

A high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30. MultiPartParser allows remote attackers to degrade performance by submitting multipart uploads wi...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-django (UTSA-2026-017335)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017335 advisory. An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. The django.contrib.auth.handlers.modwsgi.checkpassword function for...

PT-2026-38900

These are all security issues fixed in the python311-Django-5.2.14-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10709-1 python313-Django6-6.0.5-1.1 on GA media

These are all security issues fixed in the python313-Django6-6.0.5-1.1 package on the GA media of openSUSE Tumbleweed...

cg-django-uaa (=2.1.9), deeplabelnet (>=0.1.0 <=0.1.16) +39 more potentially affected by CVE-2026-35192 via django (>=5.2.0 <=5.2.13)

django PYPI version =5.2.0, =0.1.0, =0.1.0, =1.3.0, =1.92.0.5, =4.2.0, =0.0.7, =3.0.0, =5.2.0, =5.2.1 - djbackup =2.1.0 and more Source cves: CVE-2026-35192 Source advisory: SNYK:PYTHON-DJANGO-16425761...

cg-django-uaa (=2.1.9), deeplabelnet (>=0.1.0 <=0.1.16) +39 more potentially affected by CVE-2026-6907 via django (>=5.2.0 <=5.2.13)

django PYPI version =5.2.0, =0.1.0, =0.1.0, =1.3.0, =1.92.0.5, =4.2.0, =0.0.7, =3.0.0, =5.2.0, =5.2.1 - djbackup =2.1.0 and more Source cves: CVE-2026-6907 Source advisory: SNYK:PYTHON-DJANGO-16425745...

Astra Linux - уязвимость в python-django

A issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The floatformat template filter consumes significant memory when dealing with a string representation of a number in scientific notation with a large exponent...

Astra Linux - уязвимость в python-django

A issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. The methods django.utils.text.Truncator.chars and Truncator.words with html=True, along with the truncatecharshtml and truncatewordshtml template filters, allow a remote attacker to cause a potential...

OPENSUSE-SU-2026:20578-1 Security update for python-Django

This update for python-Django fixes the following issues: Changes in python-Django: - CVE-2026-3902: ASGI header spoofing via underscore/hyphen conflation bsc1261729 - CVE-2026-4277: Privilege abuse in GenericInlineModelAdmin bsc1261731 - CVE-2026-4292: Privilege abuse in ModelAdmin.listeditable...

Mageia: Security Advisory (MGASA-2026-0093)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...