Search for packages
| purl | pkg:deb/debian/python-django@0.95.1-1?distro=trixie |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-72fp-zabh-6qbv | Django Improper Access Control The LazyUser class in the AuthenticationMiddleware for Django 0.95 does not properly cache the user name across requests, which allows remote authenticated users to gain the privileges of a different user. |
CVE-2007-0405
GHSA-mwv2-398h-v489 |
| VCID-yx42-v5s7-h7ac | Django Arbitrary Code Execution `bin/compile-messages.py` in Django 0.95 does not quote argument strings before invoking the msgfmt program through the os.system function, which allows attackers to execute arbitrary commands via shell metacharacters in a (1) .po or (2) .mo file. |
CVE-2007-0404
GHSA-qc99-g3wm-hgxr |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T11:33:51.086452+00:00 | Debian Importer | Fixing | VCID-72fp-zabh-6qbv | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-16T11:15:25.644082+00:00 | Debian Importer | Fixing | VCID-yx42-v5s7-h7ac | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-12T18:15:29.454835+00:00 | Debian Importer | Fixing | VCID-72fp-zabh-6qbv | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-12T18:15:29.402817+00:00 | Debian Importer | Fixing | VCID-yx42-v5s7-h7ac | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-03T07:50:39.112943+00:00 | Debian Importer | Fixing | VCID-72fp-zabh-6qbv | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |
| 2026-04-03T07:50:39.062558+00:00 | Debian Importer | Fixing | VCID-yx42-v5s7-h7ac | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |