| purl | pkg:rpm/redhat/python-django@3.2.18-1?arch=el8pc |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 4.0 |

| Vulnerability | Summary | Fixed by |
|---|---|---|
| VCID-2cup-9gdn-yyhk (Aliases: CVE-2021-46877, GHSA-3x8x-79m2-3w2w) | jackson-databind possible Denial of Service if using JDK serialization to serialize JsonNode. jackson-databind 2.10.x through 2.12.x before 2.12.6 and 2.13.x before 2.13.1 allows attackers to cause a denial of service (2 GB transient heap usage per read) in uncommon situations involving JsonNode JDK serialization. | There are no reported fixed by versions. |
| VCID-7tca-pgcs-cuhd (Aliases: BIT-django-2022-41323, CVE-2022-41323, GHSA-qrw5-5h28-6cmg, PYSEC-2022-304) | In Django 3.2 before 3.2.16, 4.0 before 4.0.8, and 4.1 before 4.1.2, internationalized URLs were subject to a potential denial of service attack via the locale parameter, which is treated as a regular expression. | There are no reported fixed by versions. |
| VCID-nese-5485-hkbs (Aliases: BIT-django-2023-23969, CVE-2023-23969, GHSA-q2jf-h9jm-m7p4, PYSEC-2023-12) | In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial-of-service vector via excessive memory usage if the raw value of Accept-Language headers is very large. | There are no reported fixed by versions. |
| VCID-ypub-ukuh-p3aw (Aliases: BIT-django-2023-24580, CVE-2023-24580, GHSA-2hrw-hx67-34x6, PYSEC-2023-13) | An issue was discovered in the Multipart Request Parser in Django 3.2 before 3.2.18, 4.0 before 4.0.10, and 4.1 before 4.1.7. Passing certain inputs (e.g., an excessive number of parts) to multipart forms could result in too many open files or memory exhaustion, and provided a potential vector for a denial-of-service attack. | There are no reported fixed by versions. |

| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | | |

| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T13:56:53.417581+00:00 | RedHat Importer | Affected by | VCID-7tca-pgcs-cuhd | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41323.json | 38.0.0 |
| 2026-04-01T13:55:36.242730+00:00 | RedHat Importer | Affected by | VCID-nese-5485-hkbs | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23969.json | 38.0.0 |
| 2026-04-01T13:55:22.324777+00:00 | RedHat Importer | Affected by | VCID-ypub-ukuh-p3aw | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-24580.json | 38.0.0 |
| 2026-04-01T13:54:43.663487+00:00 | RedHat Importer | Affected by | VCID-2cup-9gdn-yyhk | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46877.json | 38.0.0 |