Search for packages
Package details: pkg:pypi/django@3.2.22
purl pkg:pypi/django@3.2.22
Next non-vulnerable version 4.2.22
Latest non-vulnerable version 5.2.2
Risk 4.0
Vulnerabilities affecting this package (4)
Vulnerability Summary Fixed by
VCID-3gge-bre2-aaac
Aliases:
BIT-django-2024-24680
CVE-2024-24680
GHSA-xxj9-f6rv-m3x4
PYSEC-2024-28
An issue was discovered in Django 3.2 before 3.2.24, 4.2 before 4.2.10, and Django 5.0 before 5.0.2. The intcomma template filter was subject to a potential denial-of-service attack when used with very long strings.
3.2.24
Affected by 2 other vulnerabilities.
4.2.10
Affected by 17 other vulnerabilities.
5.0.2
Affected by 16 other vulnerabilities.
VCID-dapt-wsva-ubfv
Aliases:
CVE-2024-45231
GHSA-rrqc-c2jx-6jgv
An issue was discovered in Django v5.1.1, v5.0.9, and v4.2.16. The django.contrib.auth.forms.PasswordResetForm class, when used in a view implementing password reset flows, allows remote attackers to enumerate user e-mail addresses by sending password reset requests and observing the outcome (only when e-mail sending is consistently failing).
4.2.16
Affected by 6 other vulnerabilities.
5.0.9
Affected by 5 other vulnerabilities.
5.1.1
Affected by 7 other vulnerabilities.
VCID-q4q6-yfng-aaag
Aliases:
BIT-django-2024-27351
CVE-2024-27351
GHSA-vm8q-m57g-pff3
PYSEC-2024-47
In Django 3.2 before 3.2.25, 4.2 before 4.2.11, and 5.0 before 5.0.3, the django.utils.text.Truncator.words() method (with html=True) and the truncatewords_html template filter are subject to a potential regular expression denial-of-service attack via a crafted string. NOTE: this issue exists because of an incomplete fix for CVE-2019-14232 and CVE-2023-43665.
3.2.25
Affected by 1 other vulnerability.
4.2.11
Affected by 16 other vulnerabilities.
5.0.3
Affected by 15 other vulnerabilities.
VCID-rwqv-shhz-aaag
Aliases:
BIT-django-2023-46695
CVE-2023-46695
GHSA-qmf9-6jqf-j8fq
PYSEC-2023-222
An issue was discovered in Django 3.2 before 3.2.23, 4.1 before 4.1.13, and 4.2 before 4.2.7. The NFKC normalization is slow on Windows. As a consequence, django.contrib.auth.forms.UsernameField is subject to a potential DoS (denial of service) attack via certain inputs with a very large number of Unicode characters.
3.2.23
Affected by 3 other vulnerabilities.
4.1.13
Affected by 2 other vulnerabilities.
4.2.7
Affected by 18 other vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-spub-8snt-aaaq In Django 3.2 before 3.2.22, 4.1 before 4.1.12, and 4.2 before 4.2.6, the django.utils.text.Truncator chars() and words() methods (when used with html=True) are subject to a potential DoS (denial of service) attack via certain inputs with very long, potentially malformed HTML text. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which are thus also vulnerable. NOTE: this issue exists because of an incomplete fix for CVE-2019-14232. BIT-django-2023-43665
CVE-2023-43665
GHSA-h8gc-pgj2-vjm3
PYSEC-2023-226

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-20T17:09:17.387901+00:00 GitLab Importer Affected by VCID-dapt-wsva-ubfv https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-45231.yml 36.1.3
2025-06-20T16:55:13.805825+00:00 GitLab Importer Affected by VCID-q4q6-yfng-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-27351.yml 36.1.3
2025-06-20T16:52:35.116075+00:00 GitLab Importer Affected by VCID-3gge-bre2-aaac https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-24680.yml 36.1.3
2025-06-20T16:47:19.902726+00:00 GitLab Importer Fixing VCID-spub-8snt-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-43665.yml 36.1.3
2025-06-20T16:47:19.269832+00:00 GitLab Importer Affected by VCID-rwqv-shhz-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-46695.yml 36.1.3
2025-06-03T23:45:14.758118+00:00 GitLab Importer Affected by VCID-dapt-wsva-ubfv https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-45231.yml 36.1.0
2025-06-03T23:32:06.654989+00:00 GitLab Importer Affected by VCID-q4q6-yfng-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-27351.yml 36.1.0
2025-06-03T23:29:52.879187+00:00 GitLab Importer Affected by VCID-3gge-bre2-aaac https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-24680.yml 36.1.0
2025-06-03T23:25:07.316006+00:00 GitLab Importer Fixing VCID-spub-8snt-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-43665.yml 36.1.0
2025-06-03T23:25:06.825162+00:00 GitLab Importer Affected by VCID-rwqv-shhz-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-46695.yml 36.1.0
2025-06-02T23:43:40.750193+00:00 GitLab Importer Affected by VCID-dapt-wsva-ubfv https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-45231.yml 36.1.2
2025-06-02T23:29:58.092176+00:00 GitLab Importer Affected by VCID-q4q6-yfng-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-27351.yml 36.1.2
2025-06-02T23:27:34.169626+00:00 GitLab Importer Affected by VCID-3gge-bre2-aaac https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-24680.yml 36.1.2
2025-06-02T23:22:38.052867+00:00 GitLab Importer Fixing VCID-spub-8snt-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-43665.yml 36.1.2
2025-06-02T23:22:37.540630+00:00 GitLab Importer Affected by VCID-rwqv-shhz-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-46695.yml 36.1.2
2025-04-03T22:26:33.643581+00:00 GitLab Importer Affected by VCID-dapt-wsva-ubfv https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-45231.yml 36.0.0
2025-04-03T21:59:50.020855+00:00 GitLab Importer Affected by VCID-q4q6-yfng-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-27351.yml 36.0.0
2025-04-03T21:54:42.967401+00:00 GitLab Importer Affected by VCID-3gge-bre2-aaac https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-24680.yml 36.0.0
2025-04-03T21:43:49.894884+00:00 GitLab Importer Fixing VCID-spub-8snt-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-43665.yml 36.0.0
2025-04-03T21:43:49.019187+00:00 GitLab Importer Affected by VCID-rwqv-shhz-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-46695.yml 36.0.0
2025-02-18T04:07:42.131183+00:00 GitLab Importer Affected by VCID-dapt-wsva-ubfv https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-45231.yml 35.1.0
2025-02-18T03:50:25.378590+00:00 GitLab Importer Affected by VCID-q4q6-yfng-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-27351.yml 35.1.0
2025-02-18T03:48:16.516060+00:00 GitLab Importer Affected by VCID-3gge-bre2-aaac https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-24680.yml 35.1.0
2025-02-18T03:40:30.605634+00:00 GitLab Importer Affected by VCID-rwqv-shhz-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-46695.yml 35.1.0
2025-02-18T03:37:44.606588+00:00 GitLab Importer Fixing VCID-spub-8snt-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-43665.yml 35.1.0
2024-11-21T01:15:07.127069+00:00 GitLab Importer Affected by VCID-dapt-wsva-ubfv https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-45231.yml 35.0.0
2024-11-21T01:04:11.101330+00:00 GitLab Importer Affected by VCID-q4q6-yfng-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-27351.yml 35.0.0
2024-11-21T01:03:05.265294+00:00 GitLab Importer Affected by VCID-3gge-bre2-aaac https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-24680.yml 35.0.0
2024-11-21T00:59:11.904173+00:00 GitLab Importer Affected by VCID-rwqv-shhz-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-46695.yml 35.0.0
2024-11-21T00:57:59.799437+00:00 GitLab Importer Fixing VCID-spub-8snt-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-43665.yml 35.0.0
2024-11-20T07:28:47.599025+00:00 GithubOSV Importer Fixing VCID-spub-8snt-aaaq https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/11/GHSA-h8gc-pgj2-vjm3/GHSA-h8gc-pgj2-vjm3.json 34.3.2
2024-11-19T19:44:41.860598+00:00 GHSA Importer Fixing VCID-spub-8snt-aaaq https://github.com/advisories/GHSA-h8gc-pgj2-vjm3 34.3.2
2024-11-19T00:53:14.868426+00:00 GitLab Importer Affected by VCID-q4q6-yfng-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-27351.yml 34.3.2
2024-11-19T00:52:08.463906+00:00 GitLab Importer Affected by VCID-3gge-bre2-aaac https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-24680.yml 34.3.2
2024-11-19T00:47:47.056220+00:00 GitLab Importer Affected by VCID-rwqv-shhz-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-46695.yml 34.3.2
2024-11-19T00:39:33.240144+00:00 GitLab Importer Fixing VCID-spub-8snt-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-43665.yml 34.3.2
2024-10-17T02:05:43.286917+00:00 GHSA Importer Affected by VCID-dapt-wsva-ubfv https://github.com/advisories/GHSA-rrqc-c2jx-6jgv 34.0.2
2024-10-15T19:17:05.238662+00:00 GithubOSV Importer Fixing VCID-spub-8snt-aaaq https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/11/GHSA-h8gc-pgj2-vjm3/GHSA-h8gc-pgj2-vjm3.json 34.0.2
2024-10-08T01:24:07.999266+00:00 GitLab Importer Affected by VCID-q4q6-yfng-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-27351.yml 34.0.2
2024-10-08T01:23:07.847373+00:00 GitLab Importer Affected by VCID-3gge-bre2-aaac https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-24680.yml 34.0.2
2024-10-08T01:19:47.365887+00:00 GitLab Importer Affected by VCID-rwqv-shhz-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-46695.yml 34.0.2
2024-10-08T01:18:46.285241+00:00 GitLab Importer Fixing VCID-spub-8snt-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-43665.yml 34.0.2
2024-10-07T22:07:48.154246+00:00 GHSA Importer Affected by VCID-q4q6-yfng-aaag https://github.com/advisories/GHSA-vm8q-m57g-pff3 34.0.2
2024-10-07T22:05:27.554297+00:00 GHSA Importer Affected by VCID-3gge-bre2-aaac https://github.com/advisories/GHSA-xxj9-f6rv-m3x4 34.0.2
2024-10-07T21:46:13.209505+00:00 GHSA Importer Affected by VCID-rwqv-shhz-aaag https://github.com/advisories/GHSA-qmf9-6jqf-j8fq 34.0.2
2024-10-07T21:44:02.659352+00:00 GHSA Importer Fixing VCID-spub-8snt-aaaq https://github.com/advisories/GHSA-h8gc-pgj2-vjm3 34.0.2
2024-09-29T09:55:59.512037+00:00 GitLab Importer Affected by VCID-rwqv-shhz-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-46695.yml 34.0.1
2024-09-23T03:30:56.272114+00:00 GitLab Importer Affected by VCID-3gge-bre2-aaac https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-24680.yml 34.0.1
2024-09-23T01:29:02.391149+00:00 GitLab Importer Affected by VCID-q4q6-yfng-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-27351.yml 34.0.1
2024-09-22T22:35:01.810345+00:00 GHSA Importer Affected by VCID-q4q6-yfng-aaag https://github.com/advisories/GHSA-vm8q-m57g-pff3 34.0.1
2024-09-22T22:33:00.241740+00:00 GHSA Importer Affected by VCID-3gge-bre2-aaac https://github.com/advisories/GHSA-xxj9-f6rv-m3x4 34.0.1
2024-09-22T22:15:40.007159+00:00 GHSA Importer Affected by VCID-rwqv-shhz-aaag https://github.com/advisories/GHSA-qmf9-6jqf-j8fq 34.0.1
2024-09-18T12:06:36.199630+00:00 Pypa Importer Affected by VCID-q4q6-yfng-aaag https://github.com/pypa/advisory-database/blob/main/vulns/django/PYSEC-2024-47.yaml 34.0.1
2024-09-18T12:06:33.603486+00:00 Pypa Importer Affected by VCID-3gge-bre2-aaac https://github.com/pypa/advisory-database/blob/main/vulns/django/PYSEC-2024-28.yaml 34.0.1
2024-09-18T12:06:12.837080+00:00 Pypa Importer Affected by VCID-rwqv-shhz-aaag https://github.com/pypa/advisory-database/blob/main/vulns/django/PYSEC-2023-222.yaml 34.0.1
2024-09-18T12:06:09.418486+00:00 Pypa Importer Fixing VCID-spub-8snt-aaaq https://github.com/pypa/advisory-database/blob/main/vulns/django/PYSEC-2023-226.yaml 34.0.1
2024-09-18T09:21:45.265672+00:00 GithubOSV Importer Fixing VCID-spub-8snt-aaaq https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/11/GHSA-h8gc-pgj2-vjm3/GHSA-h8gc-pgj2-vjm3.json 34.0.1
2024-09-17T23:19:31.687060+00:00 PyPI Importer Affected by VCID-q4q6-yfng-aaag https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 34.0.1
2024-09-17T23:19:16.869104+00:00 PyPI Importer Affected by VCID-3gge-bre2-aaac https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 34.0.1
2024-09-17T23:18:07.166200+00:00 PyPI Importer Fixing VCID-spub-8snt-aaaq https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 34.0.1
2024-09-17T23:18:04.940994+00:00 PyPI Importer Affected by VCID-rwqv-shhz-aaag https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 34.0.1
2024-09-17T22:26:51.390533+00:00 GitLab Importer Fixing VCID-spub-8snt-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-43665.yml 34.0.1
2024-09-17T22:13:32.278836+00:00 GHSA Importer Fixing VCID-spub-8snt-aaaq https://github.com/advisories/GHSA-h8gc-pgj2-vjm3 34.0.1
2024-05-18T00:34:26.284702+00:00 GitLab Importer Affected by VCID-q4q6-yfng-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-27351.yml 34.0.0rc4
2024-05-17T21:17:36.118369+00:00 GHSA Importer Affected by VCID-q4q6-yfng-aaag https://github.com/advisories/GHSA-vm8q-m57g-pff3 34.0.0rc4
2024-05-17T21:15:02.096306+00:00 GHSA Importer Affected by VCID-3gge-bre2-aaac https://github.com/advisories/GHSA-xxj9-f6rv-m3x4 34.0.0rc4
2024-05-17T20:54:58.338422+00:00 GHSA Importer Affected by VCID-rwqv-shhz-aaag https://github.com/advisories/GHSA-qmf9-6jqf-j8fq 34.0.0rc4
2024-05-17T20:54:57.991997+00:00 GHSA Importer Affected by VCID-rwqv-shhz-aaag None 34.0.0rc4
2024-04-24T06:16:44.772297+00:00 GitLab Importer Affected by VCID-3gge-bre2-aaac https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-24680.yml 34.0.0rc4
2024-04-24T03:53:35.528396+00:00 GitLab Importer Fixing VCID-spub-8snt-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-43665.yml 34.0.0rc4
2024-04-24T00:50:12.524429+00:00 GHSA Importer Fixing VCID-spub-8snt-aaaq None 34.0.0rc4
2024-04-24T00:50:11.923895+00:00 GHSA Importer Fixing VCID-spub-8snt-aaaq https://github.com/advisories/GHSA-h8gc-pgj2-vjm3 34.0.0rc4
2024-04-23T23:13:51.338006+00:00 GithubOSV Importer Fixing VCID-spub-8snt-aaaq https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/11/GHSA-h8gc-pgj2-vjm3/GHSA-h8gc-pgj2-vjm3.json 34.0.0rc4
2024-04-23T17:48:00.990889+00:00 PyPI Importer Affected by VCID-q4q6-yfng-aaag https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 34.0.0rc4
2024-04-23T17:47:54.721525+00:00 PyPI Importer Affected by VCID-3gge-bre2-aaac https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 34.0.0rc4
2024-04-23T17:47:50.020013+00:00 PyPI Importer Affected by VCID-rwqv-shhz-aaag https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 34.0.0rc4
2024-04-23T17:44:25.093761+00:00 Pypa Importer Affected by VCID-q4q6-yfng-aaag https://github.com/pypa/advisory-database/blob/main/vulns/django/PYSEC-2024-47.yaml 34.0.0rc4
2024-02-07T01:56:03.507788+00:00 PyPI Importer Affected by VCID-3gge-bre2-aaac https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 34.0.0rc2
2024-02-07T01:55:37.572066+00:00 Pypa Importer Affected by VCID-3gge-bre2-aaac https://github.com/pypa/advisory-database/blob/main/vulns/django/PYSEC-2024-28.yaml 34.0.0rc2
2024-01-10T06:34:35.980298+00:00 GitLab Importer Fixing VCID-spub-8snt-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-43665.yml 34.0.0rc2
2024-01-10T03:02:38.218857+00:00 GHSA Importer Affected by VCID-rwqv-shhz-aaag https://github.com/advisories/GHSA-qmf9-6jqf-j8fq 34.0.0rc2
2024-01-10T03:02:37.889525+00:00 GHSA Importer Affected by VCID-rwqv-shhz-aaag None 34.0.0rc2
2024-01-10T02:56:49.457578+00:00 GHSA Importer Fixing VCID-spub-8snt-aaaq None 34.0.0rc2
2024-01-10T02:56:48.882152+00:00 GHSA Importer Fixing VCID-spub-8snt-aaaq https://github.com/advisories/GHSA-h8gc-pgj2-vjm3 34.0.0rc2
2024-01-03T18:54:25.879501+00:00 PyPI Importer Fixing VCID-spub-8snt-aaaq https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 34.0.0rc1
2024-01-03T18:54:24.687464+00:00 PyPI Importer Affected by VCID-rwqv-shhz-aaag https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 34.0.0rc1
2024-01-03T18:30:55.409394+00:00 Pypa Importer Fixing VCID-spub-8snt-aaaq https://github.com/pypa/advisory-database/blob/main/vulns/django/PYSEC-2023-226.yaml 34.0.0rc1
2024-01-03T18:30:27.939411+00:00 Pypa Importer Affected by VCID-rwqv-shhz-aaag https://github.com/pypa/advisory-database/blob/main/vulns/django/PYSEC-2023-222.yaml 34.0.0rc1
2024-01-03T17:52:48.712670+00:00 GitLab Importer Fixing VCID-spub-8snt-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-43665.yml 34.0.0rc1
2024-01-03T17:43:43.508226+00:00 GHSA Importer Fixing VCID-spub-8snt-aaaq https://github.com/advisories/GHSA-h8gc-pgj2-vjm3 34.0.0rc1