VulnerableCode Package Details - pkg:alpm/archlinux/python-django@3.1.7-1

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:alpm/archlinux/python-django@3.1.7-1

Essentials
History (2)

purl	pkg:alpm/archlinux/python-django@3.1.7-1

Next non-vulnerable version	3.2.2-1
Latest non-vulnerable version	5.1.11-1
Risk	3.1

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-u7m5-tzv2-c7hn Aliases: BIT-django-2021-28658 CVE-2021-28658 GHSA-xgxc-v2qg-chmh PYSEC-2021-6	In Django 2.2 before 2.2.20, 3.0 before 3.0.14, and 3.1 before 3.1.8, MultiPartParser allowed directory traversal via uploaded files with suitably crafted file names. Built-in upload handlers were not affected by this vulnerability.	3.2-1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-w6k8-js68-87g4	Multiple vulnerabilities have been found in Python, the worst of which might allow attackers to access sensitive information.	CVE-2021-23336

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T18:27:18.668435+00:00	Arch Linux Importer	Affected by	VCID-u7m5-tzv2-c7hn	https://security.archlinux.org/AVG-1776	38.0.0
2026-04-01T18:26:54.290135+00:00	Arch Linux Importer	Fixing	VCID-w6k8-js68-87g4	https://security.archlinux.org/AVG-1593	38.0.0