VulnerableCode Package Details - pkg:deb/debian/python-django@3:4.2.30-1

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-1adz-zw3h-pqek		CVE-2026-3902 GHSA-mvfq-ggxm-9mc5
VCID-46pv-pzsu-jucd		CVE-2026-4292 GHSA-mmwr-2jhp-mc7j
VCID-ac4c-321h-tqfk	Django has a Race Condition vulnerability An issue was discovered in 6.0 before 6.0.3, 5.2 before 5.2.12, and 4.2 before 4.2.29. Race condition in file-system storage and file-based cache backends in Django allows an attacker to cause file system objects to be created with incorrect permissions via concurrent requests, where one thread's temporary `umask` change affects other threads in multi-threaded environments. Earlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected. Django would like to thank Tarek Nakkouch for reporting this issue.	CVE-2026-25674 GHSA-mjgh-79qc-68w3
VCID-ff2a-at5f-2qa8		CVE-2026-33033 GHSA-5mf9-h53q-7mhq
VCID-gfym-spzk-w7gk		CVE-2026-4277 GHSA-pwjp-ccjc-ghwg
VCID-ssut-reka-r3f8		CVE-2026-33034 GHSA-933h-hp56-hf7m

Vulnerability

Summary

Aliases

VCID-1adz-zw3h-pqek

CVE-2026-3902
GHSA-mvfq-ggxm-9mc5

VCID-46pv-pzsu-jucd

CVE-2026-4292
GHSA-mmwr-2jhp-mc7j

VCID-ac4c-321h-tqfk

Django has a Race Condition vulnerability An issue was discovered in 6.0 before 6.0.3, 5.2 before 5.2.12, and 4.2 before 4.2.29. Race condition in file-system storage and file-based cache backends in Django allows an attacker to cause file system objects to be created with incorrect permissions via concurrent requests, where one thread's temporary `umask` change affects other threads in multi-threaded environments. Earlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected. Django would like to thank Tarek Nakkouch for reporting this issue.

CVE-2026-25674
GHSA-mjgh-79qc-68w3

VCID-ff2a-at5f-2qa8

CVE-2026-33033
GHSA-5mf9-h53q-7mhq

VCID-gfym-spzk-w7gk

CVE-2026-4277
GHSA-pwjp-ccjc-ghwg

VCID-ssut-reka-r3f8

CVE-2026-33034
GHSA-933h-hp56-hf7m

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-13T08:40:27.465250+00:00	Debian Importer	Fixing	VCID-ac4c-321h-tqfk	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:42:42.258213+00:00	Debian Importer	Fixing	VCID-gfym-spzk-w7gk	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T06:39:56.654748+00:00	Debian Importer	Fixing	VCID-46pv-pzsu-jucd	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T06:36:08.509832+00:00	Debian Importer	Fixing	VCID-1adz-zw3h-pqek	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:15:34.370226+00:00	Debian Importer	Fixing	VCID-ff2a-at5f-2qa8	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T17:55:19.984757+00:00	Debian Importer	Fixing	VCID-ssut-reka-r3f8	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-10T09:17:40.529007+00:00	Debian Importer	Fixing	VCID-1adz-zw3h-pqek	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-10T08:56:01.857445+00:00	Debian Importer	Fixing	VCID-ac4c-321h-tqfk	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-10T08:14:41.311239+00:00	Debian Importer	Fixing	VCID-gfym-spzk-w7gk	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-10T08:06:51.331980+00:00	Debian Importer	Fixing	VCID-46pv-pzsu-jucd	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-10T07:11:51.301747+00:00	Debian Importer	Fixing	VCID-ff2a-at5f-2qa8	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-10T06:53:22.718273+00:00	Debian Importer	Fixing	VCID-ssut-reka-r3f8	https://security-tracker.debian.org/tracker/data/json	38.1.0