VulnerableCode Package Details - pkg:deb/debian/python-django@1.7.10-1?distro=trixie

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-d7fu-jyta-2ygm	contrib.sessions.middleware.SessionMiddleware in Django 1.8.x before 1.8.4, 1.7.x before 1.7.10, 1.4.x before 1.4.22, and possibly other versions allows remote attackers to cause a denial of service (session store consumption or session record removal) via a large number of requests to contrib.auth.views.logout, which triggers the creation of an empty session record.	CVE-2015-5963 GHSA-pgxh-wfw4-jx2v PYSEC-2015-22
VCID-msmd-931q-abhe	The (1) contrib.sessions.backends.base.SessionBase.flush and (2) cache_db.SessionStore.flush functions in Django 1.7.x before 1.7.10, 1.4.x before 1.4.22, and possibly other versions create empty sessions in certain circumstances, which allows remote attackers to cause a denial of service (session store consumption) via unspecified vectors.	CVE-2015-5964 GHSA-x38m-486c-2wr9 PYSEC-2015-23

Vulnerability

Summary

Aliases

VCID-d7fu-jyta-2ygm

contrib.sessions.middleware.SessionMiddleware in Django 1.8.x before 1.8.4, 1.7.x before 1.7.10, 1.4.x before 1.4.22, and possibly other versions allows remote attackers to cause a denial of service (session store consumption or session record removal) via a large number of requests to contrib.auth.views.logout, which triggers the creation of an empty session record.

CVE-2015-5963
GHSA-pgxh-wfw4-jx2v
PYSEC-2015-22

VCID-msmd-931q-abhe

The (1) contrib.sessions.backends.base.SessionBase.flush and (2) cache_db.SessionStore.flush functions in Django 1.7.x before 1.7.10, 1.4.x before 1.4.22, and possibly other versions create empty sessions in certain circumstances, which allows remote attackers to cause a denial of service (session store consumption) via unspecified vectors.

CVE-2015-5964
GHSA-x38m-486c-2wr9
PYSEC-2015-23

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T11:42:15.590842+00:00	Debian Importer	Fixing	VCID-d7fu-jyta-2ygm	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T08:52:58.523939+00:00	Debian Importer	Fixing	VCID-msmd-931q-abhe	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-12T18:15:31.904146+00:00	Debian Importer	Fixing	VCID-d7fu-jyta-2ygm	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T17:58:54.670675+00:00	Debian Importer	Fixing	VCID-msmd-931q-abhe	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:50:41.395672+00:00	Debian Importer	Fixing	VCID-msmd-931q-abhe	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:50:41.343015+00:00	Debian Importer	Fixing	VCID-d7fu-jyta-2ygm	https://security-tracker.debian.org/tracker/data/json	38.1.0