Search for packages
| purl | pkg:deb/debian/python-django@1.7.7-1?distro=trixie |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-gvvs-megy-9fc3 | The utils.html.strip_tags function in Django 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1, when using certain versions of Python, allows remote attackers to cause a denial of service (infinite loop) by increasing the length of the input string. |
CVE-2015-2316
GHSA-j3j3-jrfh-cm2w PYSEC-2015-18 |
| VCID-jumh-hkhx-7qc9 | The utils.http.is_safe_url function in Django before 1.4.20, 1.5.x, 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1 does not properly validate URLs, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a control character in a URL, as demonstrated by a \x08javascript: URL. |
CVE-2015-2317
GHSA-7fq8-4pv5-5w5c PYSEC-2015-9 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T09:59:01.328830+00:00 | Debian Importer | Fixing | VCID-jumh-hkhx-7qc9 | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-16T08:43:21.226315+00:00 | Debian Importer | Fixing | VCID-gvvs-megy-9fc3 | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-12T18:15:31.654108+00:00 | Debian Importer | Fixing | VCID-jumh-hkhx-7qc9 | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-11T17:51:37.059780+00:00 | Debian Importer | Fixing | VCID-gvvs-megy-9fc3 | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-03T07:50:41.125579+00:00 | Debian Importer | Fixing | VCID-jumh-hkhx-7qc9 | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |
| 2026-04-03T07:50:41.075712+00:00 | Debian Importer | Fixing | VCID-gvvs-megy-9fc3 | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |