Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:pypi/django@1.0
purl pkg:pypi/django@1.0
Tags Ghost
Next non-vulnerable version 4.2.29
Latest non-vulnerable version 6.0.4
Risk 4.0
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-66kq-hbhe-9ba3
Aliases:
CVE-2009-2659
GHSA-9xg7-gg9m-rmq9
PYSEC-2009-3
The Admin media handler in core/servers/basehttp.py in Django 1.0 and 0.96 does not properly map URL requests to expected "static media files," which allows remote attackers to conduct directory traversal attacks and read arbitrary files via a crafted URL.
1.0.3
Affected by 46 other vulnerabilities.
1.1
Affected by 45 other vulnerabilities.
VCID-hugz-zq5c-pugn
Aliases:
CVE-2009-3695
GHSA-p6m5-h7pp-v2x5
PYSEC-2009-4
Algorithmic complexity vulnerability in the forms library in Django 1.0 before 1.0.4 and 1.1 before 1.1.1 allows remote attackers to cause a denial of service (CPU consumption) via a crafted (1) EmailField (email address) or (2) URLField (URL) that triggers a large amount of backtracking in a regular expression.
1.0.4
Affected by 45 other vulnerabilities.
1.1.1
Affected by 44 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-01T16:00:40.310912+00:00 GHSA Importer Affected by VCID-hugz-zq5c-pugn https://github.com/advisories/GHSA-p6m5-h7pp-v2x5 38.0.0
2026-04-01T16:00:37.831082+00:00 GHSA Importer Affected by VCID-66kq-hbhe-9ba3 https://github.com/advisories/GHSA-9xg7-gg9m-rmq9 38.0.0
2026-04-01T16:00:28.980127+00:00 GHSA Importer Fixing VCID-yx42-v5s7-h7ac https://github.com/advisories/GHSA-qc99-g3wm-hgxr 38.0.0
2026-04-01T16:00:28.953008+00:00 GHSA Importer Fixing VCID-72fp-zabh-6qbv https://github.com/advisories/GHSA-mwv2-398h-v489 38.0.0
2026-04-01T13:12:04.336835+00:00 GithubOSV Importer Fixing VCID-72fp-zabh-6qbv https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-mwv2-398h-v489/GHSA-mwv2-398h-v489.json 38.0.0
2026-04-01T13:09:11.064041+00:00 GithubOSV Importer Fixing VCID-yx42-v5s7-h7ac https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-qc99-g3wm-hgxr/GHSA-qc99-g3wm-hgxr.json 38.0.0
2026-04-01T12:50:01.905211+00:00 GitLab Importer Affected by VCID-66kq-hbhe-9ba3 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2009-2659.yml 38.0.0
2026-04-01T12:50:00.383097+00:00 GitLab Importer Affected by VCID-hugz-zq5c-pugn https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2009-3695.yml 38.0.0
2026-04-01T12:49:58.456651+00:00 GitLab Importer Fixing VCID-72fp-zabh-6qbv https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2007-0405.yml 38.0.0
2026-04-01T12:49:55.835764+00:00 GitLab Importer Fixing VCID-yx42-v5s7-h7ac https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2007-0404.yml 38.0.0