Search for packages
| purl | pkg:rpm/redhat/python-django@4.2.14-1?arch=el8pc |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 4.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-8xgs-8xjr-cber
Aliases: BIT-django-2024-24680 CVE-2024-24680 GHSA-xxj9-f6rv-m3x4 PYSEC-2024-28 |
An issue was discovered in Django 3.2 before 3.2.24, 4.2 before 4.2.10, and Django 5.0 before 5.0.2. The intcomma template filter was subject to a potential denial-of-service attack when used with very long strings. | There are no reported fixed by versions. |
|
VCID-jh1e-72hp-fuf4
Aliases: BIT-django-2024-27351 CVE-2024-27351 GHSA-vm8q-m57g-pff3 PYSEC-2024-47 |
In Django 3.2 before 3.2.25, 4.2 before 4.2.11, and 5.0 before 5.0.3, the django.utils.text.Truncator.words() method (with html=True) and the truncatewords_html template filter are subject to a potential regular expression denial-of-service attack via a crafted string. NOTE: this issue exists because of an incomplete fix for CVE-2019-14232 and CVE-2023-43665. | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T13:49:59.282553+00:00 | RedHat Importer | Affected by | VCID-8xgs-8xjr-cber | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24680.json | 38.0.0 |
| 2026-04-01T13:49:23.937016+00:00 | RedHat Importer | Affected by | VCID-jh1e-72hp-fuf4 | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27351.json | 38.0.0 |