Search for packages
Package details: pkg:pypi/django@0.95
purl pkg:pypi/django@0.95
Tags Ghost
Next non-vulnerable version 4.2.22
Latest non-vulnerable version 5.2.2
Risk 4.0
Vulnerabilities affecting this package (5)
Vulnerability Summary Fixed by
VCID-14ux-yqja-aaar
Aliases:
CVE-2007-5712
GHSA-9v8h-57gv-qch6
PYSEC-2007-1
The internationalization (i18n) framework in Django 0.91, 0.95, 0.95.1, and 0.96, and as used in other products such as PyLucid, when the USE_I18N option and the i18n component are enabled, allows remote attackers to cause a denial of service (memory consumption) via many HTTP requests with large Accept-Language headers.
0.95.2
Affected by 0 other vulnerabilities.
0.96.1
Affected by 0 other vulnerabilities.
1.1
Affected by 44 other vulnerabilities.
VCID-3b2a-xekj-aaam
Aliases:
CVE-2007-0404
GHSA-qc99-g3wm-hgxr
bin/compile-messages.py in Django 0.95 does not quote argument strings before invoking the msgfmt program through the os.system function, which allows attackers to execute arbitrary commands via shell metacharacters in a (1) .po or (2) .mo file.
1.0
Affected by 2 other vulnerabilities.
VCID-gskh-8gyx-aaah
Aliases:
CVE-2008-2302
GHSA-54qj-48vx-cr9f
PYSEC-2008-1
Cross-site scripting (XSS) vulnerability in the login form in the administration application in Django 0.91 before 0.91.2, 0.95 before 0.95.3, and 0.96 before 0.96.2 allows remote attackers to inject arbitrary web script or HTML via the URI of a certain previous request.
0.95.3
Affected by 0 other vulnerabilities.
0.96.2
Affected by 0 other vulnerabilities.
1.1
Affected by 44 other vulnerabilities.
VCID-k7je-vdc4-aaar
Aliases:
CVE-2008-3909
GHSA-r5cj-wv24-92p5
PYSEC-2008-2
The administration application in Django 0.91, 0.95, and 0.96 stores unauthenticated HTTP POST requests and processes them after successful authentication occurs, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and delete or modify data via unspecified requests.
0.95.4
Affected by 0 other vulnerabilities.
0.96.3
Affected by 0 other vulnerabilities.
1.1
Affected by 44 other vulnerabilities.
VCID-qstw-3rrn-aaaf
Aliases:
CVE-2007-0405
GHSA-mwv2-398h-v489
The LazyUser class in the AuthenticationMiddleware for Django 0.95 does not properly cache the user name across requests, which allows remote authenticated users to gain the privileges of a different user.
1.0
Affected by 2 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-04-09T21:35:03.144553+00:00 GHSA Importer Affected by VCID-3b2a-xekj-aaam https://github.com/advisories/GHSA-qc99-g3wm-hgxr 36.0.0
2025-04-09T21:35:03.103884+00:00 GHSA Importer Affected by VCID-qstw-3rrn-aaaf https://github.com/advisories/GHSA-mwv2-398h-v489 36.0.0
2025-04-09T15:10:09.914346+00:00 GithubOSV Importer Affected by VCID-3b2a-xekj-aaam https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-qc99-g3wm-hgxr/GHSA-qc99-g3wm-hgxr.json 36.0.0
2025-04-09T15:10:09.851486+00:00 GithubOSV Importer Affected by VCID-qstw-3rrn-aaaf https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-mwv2-398h-v489/GHSA-mwv2-398h-v489.json 36.0.0
2024-11-19T19:00:54.050345+00:00 GHSA Importer Affected by VCID-14ux-yqja-aaar https://github.com/advisories/GHSA-9v8h-57gv-qch6 34.3.2
2024-10-14T21:47:32.255665+00:00 GitLab Importer Affected by VCID-14ux-yqja-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2007-5712.yml 34.0.2
2024-10-14T21:47:32.014228+00:00 GitLab Importer Affected by VCID-qstw-3rrn-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2007-0405.yml 34.0.2
2024-10-14T21:47:31.972602+00:00 GitLab Importer Affected by VCID-3b2a-xekj-aaam https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2007-0404.yml 34.0.2
2024-09-18T09:14:24.218118+00:00 GithubOSV Importer Affected by VCID-3b2a-xekj-aaam https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-qc99-g3wm-hgxr/GHSA-qc99-g3wm-hgxr.json 34.0.1
2024-09-18T09:11:26.682481+00:00 GithubOSV Importer Affected by VCID-qstw-3rrn-aaaf https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-mwv2-398h-v489/GHSA-mwv2-398h-v489.json 34.0.1
2024-09-17T22:26:49.880015+00:00 GitLab Importer Affected by VCID-gskh-8gyx-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2008-2302.yml 34.0.1
2024-09-17T22:26:49.349773+00:00 GitLab Importer Affected by VCID-k7je-vdc4-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2008-3909.yml 34.0.1
2024-09-17T22:13:38.404937+00:00 GHSA Importer Affected by VCID-gskh-8gyx-aaah https://github.com/advisories/GHSA-54qj-48vx-cr9f 34.0.1
2024-09-17T22:12:56.735668+00:00 GHSA Importer Affected by VCID-14ux-yqja-aaar https://github.com/advisories/GHSA-9v8h-57gv-qch6 34.0.1
2024-09-17T22:12:48.205651+00:00 GHSA Importer Affected by VCID-3b2a-xekj-aaam https://github.com/advisories/GHSA-qc99-g3wm-hgxr 34.0.1
2024-09-17T22:12:48.166001+00:00 GHSA Importer Affected by VCID-qstw-3rrn-aaaf https://github.com/advisories/GHSA-mwv2-398h-v489 34.0.1
2024-05-22T00:07:19.344276+00:00 GHSA Importer Affected by VCID-gskh-8gyx-aaah https://github.com/advisories/GHSA-54qj-48vx-cr9f 34.0.0rc4
2024-05-21T23:37:07.224272+00:00 GithubOSV Importer Affected by VCID-3b2a-xekj-aaam https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-qc99-g3wm-hgxr/GHSA-qc99-g3wm-hgxr.json 34.0.0rc4
2024-05-21T23:37:02.102100+00:00 GithubOSV Importer Affected by VCID-qstw-3rrn-aaaf https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-mwv2-398h-v489/GHSA-mwv2-398h-v489.json 34.0.0rc4
2024-05-17T13:03:31.023546+00:00 GHSA Importer Affected by VCID-3b2a-xekj-aaam https://github.com/advisories/GHSA-qc99-g3wm-hgxr 34.0.0rc4
2024-05-17T13:03:30.982971+00:00 GHSA Importer Affected by VCID-qstw-3rrn-aaaf https://github.com/advisories/GHSA-mwv2-398h-v489 34.0.0rc4
2024-04-29T16:07:06.471276+00:00 GHSA Importer Affected by VCID-14ux-yqja-aaar https://github.com/advisories/GHSA-9v8h-57gv-qch6 34.0.0rc4
2024-04-23T23:08:20.174038+00:00 GithubOSV Importer Affected by VCID-k7je-vdc4-aaar https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-r5cj-wv24-92p5/GHSA-r5cj-wv24-92p5.json 34.0.0rc4
2024-01-03T17:52:47.316381+00:00 GitLab Importer Affected by VCID-gskh-8gyx-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2008-2302.yml 34.0.0rc1
2024-01-03T17:52:46.756881+00:00 GitLab Importer Affected by VCID-k7je-vdc4-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2008-3909.yml 34.0.0rc1
2024-01-03T17:43:49.148151+00:00 GHSA Importer Affected by VCID-k7je-vdc4-aaar https://github.com/advisories/GHSA-r5cj-wv24-92p5 34.0.0rc1
2024-01-03T17:43:49.020039+00:00 GHSA Importer Affected by VCID-gskh-8gyx-aaah https://github.com/advisories/GHSA-54qj-48vx-cr9f 34.0.0rc1