3 matches found
Security update for python-Django
This update for python-Django fixes the following issues CVE-2026-6873: signed cookie salt namespace collision in django.http.HttpRequest.getsignedcookie bsc1267578. CVE-2026-7666: potential unencrypted email transmission via STARTTLS in the SMTP backend bsc1267579. CVE-2026-8404: potential...
Python Library Django 5.2.x < 5.2.15 / 6.0.x < 6.0.6 Multiple Vulnerabilities
The detected version of the Django Python package is 5.2.x prior to 5.2.15 or 6.0.x prior to 6.0.6. It is, therefore, affected by multiple vulnerabilities, including: - django.middleware.cache.UpdateCacheMiddleware does not add Authorization to the Vary response header for requests bearing that...
CVE-2026-49267 Apache Airflow: No certificate validation on SMTP STARTTLS connections
Apache Airflow's EmailOperator and the underlying airflow.utils.email helpers established SMTP STARTTLS connections without verifying the remote certificate when the deployment used email smtpstarttls=True without email smtpssl. An attacker positioned between the worker and the configured SMTP...