pkg:Debian/python-django

All known vulnerabilities

• CRITICAL9.8CVE-2026-4277Django vulnerable to privilege abuse in GenericInlineModelAdmin
  from 0
• CRITICAL9.8CVE-2024-53908Django SQL injection in HasKey(lhs, rhs) on Oracle
  from 0, < 3:4.2.17-1
• CRITICAL9.8CVE-2023-31047python-django - security update
  from 0, < 1:1.11.29-1+deb10u8
• CRITICAL9.8python-django - security update
  from 0, < 2:2.2.28-1~deb11u2
• CRITICAL9.8Django `Trunc()` and `Extract()` database functions vulnerable to SQL Injection
  from 0, < 2:2.2.28-1~deb11u1
• CRITICAL9.8python-django - security update
  from 0, < 1.6.3-1
• CRITICAL9.8Django Vulnerable to MySQL Injection
  from 0, < 1.6.3-1
• CRITICAL9.8python-django - security update
  from 0, < 1.2.3-3+squeeze10
• CRITICAL9.8python-django - security update
  from 0, < 1.7.11-1+deb8u2
• CRITICAL9.8python-django - security update
  from 0, < 1:1.10.3-1
• CRITICAL9.8SQL Injection in Django
  from 0, < 2:2.2.28-1~deb11u1
• CRITICAL9.8python-django - security update
  from 0, < 2:2.2.28-1~deb11u1
• CRITICAL9.8python-django - security update
  from 0, < 1:1.10.7-2+deb9u16
• CRITICAL9.8python-django - security update
  from 0, < 2:2.2.10-1
• CRITICAL9.8python-django - security update
  from 0, < 1:1.10.7-2+deb9u8
• CRITICAL9.8python-django - security update
  from 0, < 1:1.10.7-2+deb9u7
• CRITICAL9.8python-django - security update
  from 0, < 2:2.2.9-1
• CRITICAL9.8python-django - security update
  from 0, < 1.7.11-1+deb8u8
• CRITICAL9.8SQL Injection in Django
  from 0, < 2:2.2.4-1
• CRITICAL9.1python-django - security update
  from 0, < 2:2.2.28-1~deb11u10
• CRITICAL9.1python-django - security update
  from 0, < 2:2.2.28-1~deb11u10
• CRITICAL9.1Django SQL injection vulnerability
  from 0, < 2:2.2.28-1~deb11u11
• HIGH8.8Django vulnerable to Reflected File Download attack
  from 0, < 2:2.2.28-1~deb11u1
• HIGH8.8python-django - security update
  from 0, < 2:2.2.11-1
• HIGH8.8python-django - security update
  from 0, < 1:1.10.7-2+deb9u17
• HIGH8.6python-django - directory traversal
  from 0, < 1.5.3-1
• HIGH8.6python-django - directory traversal
  from 0, < 1.2.3-3+squeeze7
• HIGH8.1python-django - security update
  from 0, < 1:1.10.3-1
• HIGH8.1python-django - security update
  from 0, < 1.4.22-1+deb7u2
• HIGH7.5Django vulnerable to ASGI header spoofing via underscore/hyphen conflation
  from 0
• HIGH7.5Django: SGI requests with a missing or understated `Content-Length` header could bypass the `DATA_UPLOAD_MAX_MEMORY_SIZE` limit
  from 0
• HIGH7.5Django has Inefficient Algorithmic Complexity
  from 0, < 2:2.2.28-1~deb11u12
• HIGH7.5Django has Inefficient Algorithmic Complexity
  from 0, < 3:3.2.25-0+deb12u2
• HIGH7.5Django is vulnerable to DoS via XML serializer text extraction
  from 0, < 2:2.2.28-1~deb11u10
• HIGH7.5Django has a denial-of-service vulnerability in HttpResponseRedirect and HttpResponsePermanentRedirect on Windows
  from 0
• HIGH7.5python-django - security update
  from 0, < 2:2.2.28-1~deb11u3
• HIGH7.5python-django - security update
  from 0, < 2:2.2.28-1~deb11u3
• HIGH7.5Django Path Traversal vulnerability
  from 0, < 2:2.2.28-1~deb11u11
• HIGH7.5Django vulnerable to Denial of Service
  from 0, < 2:2.2.28-1~deb11u11
• HIGH7.5Django vulnerable to Denial of Service
  from 0
• HIGH7.5python-django - security update
  from 0, < 1:1.11.29-1+deb10u9
• HIGH7.5python-django - security update
  from 0, < 2:2.2.28-1~deb11u2
• HIGH7.5python-django - security update
  from 0, < 2:2.2.28-1~deb11u2
• HIGH7.5python-django - security update
  from 0, < 2:2.2.28-1~deb11u2
• HIGH7.5python-django - security update
  from 0, < 1:1.11.29-1+deb10u7
• HIGH7.5python-django - security update
  from 0, < 1:1.11.29-1+deb10u6
• HIGH7.5python-django - security update
  from 0, < 2:2.2.28-1~deb11u2
• HIGH7.5Django denial-of-service vulnerability in internationalized URLs
  from 0, < 2:2.2.28-1~deb11u1
• HIGH7.5Django Image Field Vulnerable to Image Decompression Bombs
  from 0, < 1.4.1-1
• HIGH7.5Django vulnerable to Improper Restriction of Operations within the Bounds of a Memory Buffer
  from 0, < 1.4.1-1
• HIGH7.5python-django - several vulnerabilities
  from 0, < 1.4.2-1
• HIGH7.5python-django - several vulnerabilities
  from 0, < 1.2.3-3+squeeze5
• HIGH7.5python-django - denial of service
  from 0, < 1.5.4-1
• HIGH7.5python-django - denial of service
  from 0, < 1.2.3-3+squeeze8
• HIGH7.5Django DoS in django.views.static.serve
  from 0, < 1.7.1-1.1
• HIGH7.5Django database denial-of-service with ModelMultipleChoiceField
  from 0, < 1.7.1-1.1
• HIGH7.5Denial-of-service possibility in logout() view by filling session store
  from 0, < 1.7.10-1
• HIGH7.5Django Reuses Cached CSRF Token
  from 0, < 1.6.3-1
• HIGH7.5Django Vulnerable to HTTP Response Splitting Attack
  from 0, < 1.7.9-1
• HIGH7.5python-django - security update
  from 0, < 1.7.10-1
• HIGH7.5python-django - security update
  from 0, < 1.4.5-1+deb7u13
• HIGH7.5python-django - security update
  from 0, < 1.2.3-3+squeeze14
• HIGH7.5python-django - security update
  from 0, < 1:1.10-1
• HIGH7.5python-django - security update
  from 0, < 1.4.22-1+deb7u1
• HIGH7.5python-django - security update
  from 0, < 1.7.11-1+deb8u1
• HIGH7.5Django Vulnerable to Cache Poisoning
  from 0, < 1.3.1-1
• HIGH7.5Django Might Allow CSRF Requests via URL Verification
  from 0, < 1.3.1-1
• HIGH7.5Django Allows Open Redirects
  from 0, < 1.6.5-1
• HIGH7.5python-django - security update
  from 0, < 1.4.5-1+deb7u8
• HIGH7.5python-django - security update
  from 0, < 1.2.3-3+squeeze11
• HIGH7.5python-django - security update
  from 0, < 1.6.6-1
• HIGH7.5Django Denial-of-service possibility with strip_tags
  from 0, < 1.7.7-1
• HIGH7.5Django denial of service via file upload naming
  from 0, < 1.6.6-1
• HIGH7.5python-django - denial of service
  from 0, < 1.0.2-1+lenny2
• HIGH7.5python-django - denial of service
  from 0, < 1.1.1-1
• HIGH7.5Django Admin Media Handler Vulnerable to Directory Traversal
  from 0, < 1.1-1
• HIGH7.5Django cross-site request forgery (CSRF) vulnerability
  from 0, < 1.0-1
• HIGH7.5Infinite Loop in Django
  from 0, < 2:2.2.28-1~deb11u1
• HIGH7.5Information disclosure in Django
  from 0, < 2:2.2.26-1~deb11u1
• HIGH7.5python-django - security update
  from 0, < 2:2.2.26-1~deb11u1
• HIGH7.5python-django - security update
  from 0, < 1:1.11.29-1+deb10u3
• HIGH7.5Django Access Control Bypass possibly leading to SSRF, RFI, and LFI attacks
  from 0, < 2:2.2.24-1
• HIGH7.5python-django - security update
  from 0, < 1:1.10.7-2+deb9u13
• HIGH7.5python-django - security update
  from 0, < 2:2.2.21-1
• HIGH7.5python-django - security update
  from 0, < 1:1.11.29-1+deb10u2
• HIGH7.5python-django - security update
  from 0, < 2:2.2.16-1
• HIGH7.5Django Incorrect Default Permissions
  from 0, < 2:2.2.16-1
• HIGH7.5Django Denial-of-service in strip_tags()
  from 0, < 2:2.2.4-1
• HIGH7.5Uncontrolled Recursion in Django
  from 0, < 2:2.2.4-1
• HIGH7.5python-django - security update
  from 0, < 1.7.11-1+deb8u7
• HIGH7.5python-django - security update
  from 0, < 3:3.2.25-0+deb12u1
• HIGH7.5python-django - security update
  from 0, < 1:1.10.7-2+deb9u6
• HIGH7.5python-django - security update
  from 0, < 2:2.2.4-1
• HIGH7.5python-django - security update
  from 0, < 1.7.9-1
• HIGH7.5python-django - security update
  from 0, < 1.4.5-1+deb7u12
• HIGH7.5Uncontrolled Memory Consumption in Django
  from 0, < 1:1.11.20-1
• HIGH7.5Django vulnerable to information leakage in AuthenticationForm
  from 0, < 1:1.11.10-1
• HIGH7.5Improper date handling in Django
  from 0, < 1.2.4-1
• HIGH7.5Denial of service in django
  from 0, < 1.3.1-1
• HIGH7.5Django Cross-Site Request Forgery vulnerability
  from 0, < 1.3.1-1