Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:pypi/django@0.96.0
purl pkg:pypi/django@0.96.0
Tags Ghost
Next non-vulnerable version 4.2.29
Latest non-vulnerable version 6.0.4
Risk 4.0
Vulnerabilities affecting this package (3)
Vulnerability Summary Fixed by
VCID-66kq-hbhe-9ba3
Aliases:
CVE-2009-2659
GHSA-9xg7-gg9m-rmq9
PYSEC-2009-3
The Admin media handler in core/servers/basehttp.py in Django 1.0 and 0.96 does not properly map URL requests to expected "static media files," which allows remote attackers to conduct directory traversal attacks and read arbitrary files via a crafted URL.
0.96.4
Affected by 0 other vulnerabilities.
1.0.3
Affected by 46 other vulnerabilities.
1.1
Affected by 45 other vulnerabilities.
VCID-8b12-22bg-jkch
Aliases:
CVE-2007-5712
GHSA-9v8h-57gv-qch6
PYSEC-2007-1
The internationalization (i18n) framework in Django 0.91, 0.95, 0.95.1, and 0.96, and as used in other products such as PyLucid, when the USE_I18N option and the i18n component are enabled, allows remote attackers to cause a denial of service (memory consumption) via many HTTP requests with large Accept-Language headers.
0.96.1
Affected by 0 other vulnerabilities.
1.1
Affected by 45 other vulnerabilities.
VCID-rkt5-kwum-43c8
Aliases:
CVE-2008-3909
GHSA-r5cj-wv24-92p5
PYSEC-2008-2
The administration application in Django 0.91, 0.95, and 0.96 stores unauthenticated HTTP POST requests and processes them after successful authentication occurs, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and delete or modify data via unspecified requests.
0.96.3
Affected by 0 other vulnerabilities.
1.1
Affected by 45 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-01T16:00:37.796678+00:00 GHSA Importer Affected by VCID-66kq-hbhe-9ba3 https://github.com/advisories/GHSA-9xg7-gg9m-rmq9 38.0.0
2026-04-01T16:00:35.669789+00:00 GHSA Importer Affected by VCID-rkt5-kwum-43c8 https://github.com/advisories/GHSA-r5cj-wv24-92p5 38.0.0
2026-04-01T16:00:32.264969+00:00 GHSA Importer Affected by VCID-8b12-22bg-jkch https://github.com/advisories/GHSA-9v8h-57gv-qch6 38.0.0
2026-04-01T13:07:39.755393+00:00 GithubOSV Importer Affected by VCID-8b12-22bg-jkch https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-9v8h-57gv-qch6/GHSA-9v8h-57gv-qch6.json 38.0.0
2026-04-01T12:50:01.903329+00:00 GitLab Importer Affected by VCID-66kq-hbhe-9ba3 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2009-2659.yml 38.0.0
2026-04-01T12:50:00.869901+00:00 GitLab Importer Affected by VCID-rkt5-kwum-43c8 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2008-3909.yml 38.0.0
2026-04-01T12:49:59.002160+00:00 GitLab Importer Affected by VCID-8b12-22bg-jkch https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2007-5712.yml 38.0.0