Search for packages
| purl | pkg:deb/debian/python-django@1.2.5-1?distro=trixie |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-47er-pm3z-qfh3 | Cross-site scripting (XSS) vulnerability in Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 might allow remote attackers to inject arbitrary web script or HTML via a filename associated with a file upload. |
CVE-2011-0697
GHSA-8m3r-rv5g-fcpq PYSEC-2011-11 |
| VCID-a6d1-p4q6-fyav | Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 does not properly validate HTTP requests that contain an X-Requested-With header, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via forged AJAX requests that leverage a "combination of browser plugins and redirects," a related issue to CVE-2011-0447. |
CVE-2011-0696
GHSA-5j2h-h5hg-3wf8 PYSEC-2011-10 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T10:25:35.995615+00:00 | Debian Importer | Fixing | VCID-47er-pm3z-qfh3 | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-16T09:16:44.994987+00:00 | Debian Importer | Fixing | VCID-a6d1-p4q6-fyav | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-12T18:15:29.998426+00:00 | Debian Importer | Fixing | VCID-47er-pm3z-qfh3 | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-11T18:12:04.246150+00:00 | Debian Importer | Fixing | VCID-a6d1-p4q6-fyav | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-03T07:50:39.614953+00:00 | Debian Importer | Fixing | VCID-47er-pm3z-qfh3 | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |
| 2026-04-03T07:50:39.573670+00:00 | Debian Importer | Fixing | VCID-a6d1-p4q6-fyav | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |