Package details: pkg:pypi/django@3.1.14
purl pkg:pypi/django@3.1.14
Next non-vulnerable version 4.2.22
Latest non-vulnerable version 5.2.2
Risk 4.0
Vulnerabilities affecting this package (4)
Vulnerability Summary Fixed by
VCID-1ay6-j864-aaaq
Aliases:
BIT-django-2022-36359
CVE-2022-36359
GHSA-8x94-hmjh-97hq
PYSEC-2022-245
An issue was discovered in the HTTP FileResponse class in Django 3.2 before 3.2.15 and 4.0 before 4.0.7. An application is vulnerable to a reflected file download (RFD) attack that sets the Content-Disposition header of a FileResponse when the filename is derived from user-supplied input.
3.2.15
Affected by 11 other vulnerabilities.
4.0a1
Affected by 7 other vulnerabilities.
4.0.7
Affected by 7 other vulnerabilities.
4.1a1
Affected by 8 other vulnerabilities.
VCID-3gge-bre2-aaac
Aliases:
BIT-django-2024-24680
CVE-2024-24680
GHSA-xxj9-f6rv-m3x4
PYSEC-2024-28
An issue was discovered in Django 3.2 before 3.2.24, 4.2 before 4.2.10, and Django 5.0 before 5.0.2. The intcomma template filter was subject to a potential denial-of-service attack when used with very long strings.
3.2.24
Affected by 2 other vulnerabilities.
4.2.10
Affected by 17 other vulnerabilities.
5.0.2
Affected by 16 other vulnerabilities.
VCID-dapt-wsva-ubfv
Aliases:
CVE-2024-45231
GHSA-rrqc-c2jx-6jgv
An issue was discovered in Django v5.1.1, v5.0.9, and v4.2.16. The django.contrib.auth.forms.PasswordResetForm class, when used in a view implementing password reset flows, allows remote attackers to enumerate user e-mail addresses by sending password reset requests and observing the outcome (only when e-mail sending is consistently failing).
4.2.16
Affected by 6 other vulnerabilities.
5.0.9
Affected by 5 other vulnerabilities.
5.1.1
Affected by 7 other vulnerabilities.
VCID-q4q6-yfng-aaag
Aliases:
BIT-django-2024-27351
CVE-2024-27351
GHSA-vm8q-m57g-pff3
PYSEC-2024-47
In Django 3.2 before 3.2.25, 4.2 before 4.2.11, and 5.0 before 5.0.3, the django.utils.text.Truncator.words() method (with html=True) and the truncatewords_html template filter are subject to a potential regular expression denial-of-service attack via a crafted string. NOTE: this issue exists because of an incomplete fix for CVE-2019-14232 and CVE-2023-43665.
3.2.25
Affected by 1 other vulnerability.
4.2.11
Affected by 16 other vulnerabilities.
5.0.3
Affected by 15 other vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-93tt-u75s-aaab
Aliases:
BIT-2021-44420
BIT-django-2021-44420
CVE-2021-44420
GHSA-v6rh-hp5x-86rv
PYSEC-2021-439
In Django 2.2 before 2.2.25, 3.1 before 3.1.14, and 3.2 before 3.2.10, HTTP requests for URLs with trailing newlines could bypass upstream access control based on URL paths.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-20T17:09:17.334620+00:00 GitLab Importer Affected by VCID-dapt-wsva-ubfv https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-45231.yml 36.1.3
2025-06-20T16:55:13.759400+00:00 GitLab Importer Affected by VCID-q4q6-yfng-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-27351.yml 36.1.3
2025-06-20T16:52:37.906024+00:00 GitLab Importer Affected by VCID-3gge-bre2-aaac https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-24680.yml 36.1.3
2025-06-20T16:01:39.821179+00:00 GitLab Importer Affected by VCID-1ay6-j864-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2022-36359.yml 36.1.3
2025-06-20T15:22:54.270429+00:00 GitLab Importer Fixing VCID-93tt-u75s-aaab https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2021-44420.yml 36.1.3
2025-06-20T15:22:52.264832+00:00 GitLab Importer Fixing VCID-93tt-u75s-aaab None 36.1.3
2025-06-03T23:45:14.715903+00:00 GitLab Importer Affected by VCID-dapt-wsva-ubfv https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-45231.yml 36.1.0
2025-06-03T23:32:06.612916+00:00 GitLab Importer Affected by VCID-q4q6-yfng-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-27351.yml 36.1.0
2025-06-03T23:29:54.884651+00:00 GitLab Importer Affected by VCID-3gge-bre2-aaac https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-24680.yml 36.1.0
2025-06-03T22:42:01.914144+00:00 GitLab Importer Affected by VCID-1ay6-j864-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2022-36359.yml 36.1.0
2025-06-03T22:04:33.845247+00:00 GitLab Importer Fixing VCID-93tt-u75s-aaab https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2021-44420.yml 36.1.0
2025-06-03T22:04:32.159102+00:00 GitLab Importer Fixing VCID-93tt-u75s-aaab None 36.1.0
2025-06-02T23:43:40.697464+00:00 GitLab Importer Affected by VCID-dapt-wsva-ubfv https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-45231.yml 36.1.2
2025-06-02T23:29:58.037558+00:00 GitLab Importer Affected by VCID-q4q6-yfng-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-27351.yml 36.1.2
2025-06-02T23:27:36.436695+00:00 GitLab Importer Affected by VCID-3gge-bre2-aaac https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-24680.yml 36.1.2
2025-06-02T22:30:52.662575+00:00 GitLab Importer Affected by VCID-1ay6-j864-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2022-36359.yml 36.1.2
2025-06-02T21:51:09.720509+00:00 GitLab Importer Fixing VCID-93tt-u75s-aaab https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2021-44420.yml 36.1.2
2025-06-02T21:51:07.813253+00:00 GitLab Importer Fixing VCID-93tt-u75s-aaab None 36.1.2
2025-04-03T22:26:33.505372+00:00 GitLab Importer Affected by VCID-dapt-wsva-ubfv https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-45231.yml 36.0.0
2025-04-03T21:59:49.870367+00:00 GitLab Importer Affected by VCID-q4q6-yfng-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-27351.yml 36.0.0
2025-04-03T21:54:48.788907+00:00 GitLab Importer Affected by VCID-3gge-bre2-aaac https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-24680.yml 36.0.0
2025-04-03T20:12:30.742773+00:00 GitLab Importer Affected by VCID-1ay6-j864-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2022-36359.yml 36.0.0
2025-04-03T19:03:36.983931+00:00 GitLab Importer Fixing VCID-93tt-u75s-aaab https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2021-44420.yml 36.0.0
2025-04-03T19:03:32.275298+00:00 GitLab Importer Fixing VCID-93tt-u75s-aaab None 36.0.0
2025-02-18T07:56:09.396024+00:00 GitLab Importer Affected by VCID-3gge-bre2-aaac https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-24680.yml 35.1.0
2025-02-18T04:07:41.992679+00:00 GitLab Importer Affected by VCID-dapt-wsva-ubfv https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-45231.yml 35.1.0
2025-02-18T03:50:25.243000+00:00 GitLab Importer Affected by VCID-q4q6-yfng-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-27351.yml 35.1.0
2025-02-18T02:55:50.616099+00:00 GitLab Importer Affected by VCID-1ay6-j864-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2022-36359.yml 35.1.0
2025-02-18T00:30:36.732617+00:00 GitLab Importer Fixing VCID-93tt-u75s-aaab None 35.1.0
2025-02-18T00:30:36.267120+00:00 GitLab Importer Fixing VCID-93tt-u75s-aaab https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2021-44420.yml 35.1.0
2025-01-17T02:39:59.324827+00:00 GHSA Importer Fixing VCID-93tt-u75s-aaab None 35.1.0
2024-11-21T18:28:40.955497+00:00 GHSA Importer Fixing VCID-93tt-u75s-aaab https://github.com/advisories/GHSA-v6rh-hp5x-86rv 35.0.0
2024-11-21T03:17:32.034163+00:00 GitLab Importer Affected by VCID-3gge-bre2-aaac https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-24680.yml 35.0.0
2024-11-21T01:15:06.990033+00:00 GitLab Importer Affected by VCID-dapt-wsva-ubfv https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-45231.yml 35.0.0
2024-11-21T01:04:10.981274+00:00 GitLab Importer Affected by VCID-q4q6-yfng-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-27351.yml 35.0.0
2024-11-20T23:13:48.286978+00:00 GitLab Importer Fixing VCID-93tt-u75s-aaab https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2021-44420.yml 35.0.0
2024-11-20T07:23:32.763814+00:00 GithubOSV Importer Fixing VCID-93tt-u75s-aaab https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/12/GHSA-v6rh-hp5x-86rv/GHSA-v6rh-hp5x-86rv.json 34.3.2
2024-11-19T03:07:09.470575+00:00 GitLab Importer Affected by VCID-3gge-bre2-aaac https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-24680.yml 34.3.2
2024-11-19T00:53:14.732394+00:00 GitLab Importer Affected by VCID-q4q6-yfng-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-27351.yml 34.3.2
2024-11-18T23:01:25.720468+00:00 GitLab Importer Fixing VCID-93tt-u75s-aaab https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2021-44420.yml 34.3.2
2024-10-17T02:05:43.134260+00:00 GHSA Importer Affected by VCID-dapt-wsva-ubfv https://github.com/advisories/GHSA-rrqc-c2jx-6jgv 34.0.2
2024-10-15T18:52:51.323191+00:00 GithubOSV Importer Fixing VCID-93tt-u75s-aaab https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/12/GHSA-v6rh-hp5x-86rv/GHSA-v6rh-hp5x-86rv.json 34.0.2
2024-10-08T03:43:43.139632+00:00 GitLab Importer Affected by VCID-3gge-bre2-aaac https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-24680.yml 34.0.2
2024-10-08T01:24:07.860327+00:00 GitLab Importer Affected by VCID-q4q6-yfng-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-27351.yml 34.0.2
2024-10-08T00:00:28.168038+00:00 GitLab Importer Fixing VCID-93tt-u75s-aaab https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2021-44420.yml 34.0.2
2024-10-07T22:05:27.368910+00:00 GHSA Importer Affected by VCID-3gge-bre2-aaac https://github.com/advisories/GHSA-xxj9-f6rv-m3x4 34.0.2
2024-10-07T20:43:27.713042+00:00 GHSA Importer Affected by VCID-1ay6-j864-aaaq https://github.com/advisories/GHSA-8x94-hmjh-97hq 34.0.2
2024-10-07T19:53:31.063522+00:00 GHSA Importer Fixing VCID-93tt-u75s-aaab https://github.com/advisories/GHSA-v6rh-hp5x-86rv 34.0.2
2024-09-23T03:30:56.141874+00:00 GitLab Importer Affected by VCID-3gge-bre2-aaac https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-24680.yml 34.0.1
2024-09-23T01:29:02.258878+00:00 GitLab Importer Affected by VCID-q4q6-yfng-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-27351.yml 34.0.1
2024-09-22T22:33:00.108707+00:00 GHSA Importer Affected by VCID-3gge-bre2-aaac https://github.com/advisories/GHSA-xxj9-f6rv-m3x4 34.0.1
2024-09-22T21:22:14.802924+00:00 GHSA Importer Affected by VCID-1ay6-j864-aaaq https://github.com/advisories/GHSA-8x94-hmjh-97hq 34.0.1
2024-09-18T12:25:19.386041+00:00 Pypa Importer Fixing VCID-93tt-u75s-aaab https://github.com/pypa/advisory-database/blob/main/vulns/django/PYSEC-2021-439.yaml 34.0.1
2024-09-18T09:02:24.893758+00:00 GithubOSV Importer Fixing VCID-93tt-u75s-aaab https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/12/GHSA-v6rh-hp5x-86rv/GHSA-v6rh-hp5x-86rv.json 34.0.1
2024-09-17T23:05:13.112081+00:00 PyPI Importer Fixing VCID-93tt-u75s-aaab https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 34.0.1
2024-09-17T22:26:40.778242+00:00 GitLab Importer Fixing VCID-93tt-u75s-aaab https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2021-44420.yml 34.0.1
2024-09-17T22:15:27.143846+00:00 GHSA Importer Fixing VCID-93tt-u75s-aaab https://github.com/advisories/GHSA-v6rh-hp5x-86rv 34.0.1
2024-05-17T21:15:01.967267+00:00 GHSA Importer Affected by VCID-3gge-bre2-aaac https://github.com/advisories/GHSA-xxj9-f6rv-m3x4 34.0.0rc4
2024-04-24T06:16:44.620056+00:00 GitLab Importer Affected by VCID-3gge-bre2-aaac https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-24680.yml 34.0.0rc4
2024-04-24T02:19:16.282781+00:00 GitLab Importer Fixing VCID-93tt-u75s-aaab https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2021-44420.yml 34.0.0rc4
2024-04-24T02:19:15.786590+00:00 GitLab Importer Fixing VCID-93tt-u75s-aaab None 34.0.0rc4
2024-04-23T22:59:03.527905+00:00 GithubOSV Importer Fixing VCID-93tt-u75s-aaab https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/12/GHSA-v6rh-hp5x-86rv/GHSA-v6rh-hp5x-86rv.json 34.0.0rc4
2024-04-23T22:05:57.389569+00:00 GHSA Importer Fixing VCID-93tt-u75s-aaab https://github.com/advisories/GHSA-v6rh-hp5x-86rv 34.0.0rc4
2024-04-23T22:05:55.718338+00:00 GHSA Importer Fixing VCID-93tt-u75s-aaab None 34.0.0rc4
2024-01-10T04:53:47.740864+00:00 GitLab Importer Fixing VCID-93tt-u75s-aaab https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2021-44420.yml 34.0.0rc2
2024-01-10T04:53:47.261938+00:00 GitLab Importer Fixing VCID-93tt-u75s-aaab None 34.0.0rc2
2024-01-10T00:02:51.895054+00:00 GHSA Importer Fixing VCID-93tt-u75s-aaab https://github.com/advisories/GHSA-v6rh-hp5x-86rv 34.0.0rc2
2024-01-10T00:02:50.139016+00:00 GHSA Importer Fixing VCID-93tt-u75s-aaab None 34.0.0rc2
2024-01-03T21:41:18.495606+00:00 GitLab Importer Fixing VCID-93tt-u75s-aaab None 34.0.0rc1
2024-01-03T19:48:14.611457+00:00 GHSA Importer Fixing VCID-93tt-u75s-aaab None 34.0.0rc1
2024-01-03T18:45:04.513017+00:00 PyPI Importer Fixing VCID-93tt-u75s-aaab https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 34.0.0rc1
2024-01-03T18:30:37.159002+00:00 Pypa Importer Fixing VCID-93tt-u75s-aaab https://github.com/pypa/advisory-database/blob/main/vulns/django/PYSEC-2021-439.yaml 34.0.0rc1
2024-01-03T17:52:39.629980+00:00 GitLab Importer Fixing VCID-93tt-u75s-aaab https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2021-44420.yml 34.0.0rc1
2024-01-03T17:45:29.652478+00:00 GHSA Importer Fixing VCID-93tt-u75s-aaab https://github.com/advisories/GHSA-v6rh-hp5x-86rv 34.0.0rc1