Django Security Vulnerabilities and Issues — Django CVE List

Lucene search

DjangoprojectDjango

9 matches found

CVE•added 2021/02/15 1:15 p.m.•730 views

CVE-2021-23336

The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can s...

5.9CVSS7.6AI score0.00326EPSS

CVE•added 2021/02/02 7:15 a.m.•183 views

CVE-2021-3281

In Django 2.2 before 2.2.18, 3.0 before 3.0.12, and 3.1 before 3.1.6, the django.utils.archive.extract method (used by "startapp --template" and "startproject --template") allows directory traversal via an archive with absolute paths or relative paths with dot segments.

5.3CVSS5.4AI score0.33479EPSS

CVE•added 2021/06/08 6:15 p.m.•180 views

CVE-2021-33203

Django before 2.2.24, 3.x before 3.1.12, and 3.2.x before 3.2.4 has a potential directory traversal via django.contrib.admindocs. Staff members could use the TemplateDetailView view to check the existence of arbitrary files. Additionally, if (and only if) the default admindocs templates have been c...

4.9CVSS6.2AI score0.00301EPSS

CVE•added 2021/06/08 6:15 p.m.•173 views

CVE-2021-33571

In Django 2.2 before 2.2.24, 3.x before 3.1.12, and 3.2 before 3.2.4, URLValidator, validate_ipv4_address, and validate_ipv46_address do not prohibit leading zero characters in octal literals. This may allow a bypass of access control that is based on IP addresses. (validate_ipv4_address and valida...

7.5CVSS7.4AI score0.00014EPSS

CVE•added 2021/05/06 4:15 p.m.•168 views

CVE-2021-32052

In Django 2.2 before 2.2.22, 3.1 before 3.1.10, and 3.2 before 3.2.2 (with Python 3.9.5+), URLValidator does not prohibit newlines and tabs (unless the URLField form field is used). If an application uses values with newlines in an HTTP response, header injection can occur. Django itself is unaffec...

6.1CVSS6.8AI score0.00805EPSS

CVE•added 2021/07/02 10:15 a.m.•165 views

CVE-2021-35042

Django 3.1.x before 3.1.13 and 3.2.x before 3.2.5 allows QuerySet.order_by SQL injection if order_by is untrusted input from a client of a web application.

9.8CVSS9.7AI score0.07232EPSS

CVE•added 2021/12/08 12:15 a.m.•161 views

CVE-2021-44420

In Django 2.2 before 2.2.25, 3.1 before 3.1.14, and 3.2 before 3.2.10, HTTP requests for URLs with trailing newlines could bypass upstream access control based on URL paths.

7.5CVSS7.1AI score0.00102EPSS

CVE•added 2021/05/05 3:15 p.m.•154 views

CVE-2021-31542

In Django 2.2 before 2.2.21, 3.1 before 3.1.9, and 3.2 before 3.2.1, MultiPartParser, UploadedFile, and FieldFile allowed directory traversal via uploaded files with suitably crafted file names.

7.5CVSS7.4AI score0.04357EPSS

CVE•added 2021/04/06 3:15 p.m.•150 views

CVE-2021-28658

In Django 2.2 before 2.2.20, 3.0 before 3.0.14, and 3.1 before 3.1.8, MultiPartParser allowed directory traversal via uploaded files with suitably crafted file names. Built-in upload handlers were not affected by this vulnerability.

5.3CVSS5.5AI score0.02091EPSS