Search for packages
Package details: pkg:pypi/django@4.1.11
purl pkg:pypi/django@4.1.11
Next non-vulnerable version 4.2.22
Latest non-vulnerable version 5.2.2
Risk 4.0
Vulnerabilities affecting this package (4)
Vulnerability Summary Fixed by
VCID-dapt-wsva-ubfv
Aliases:
CVE-2024-45231
GHSA-rrqc-c2jx-6jgv
An issue was discovered in Django v5.1.1, v5.0.9, and v4.2.16. The django.contrib.auth.forms.PasswordResetForm class, when used in a view implementing password reset flows, allows remote attackers to enumerate user e-mail addresses by sending password reset requests and observing the outcome (only when e-mail sending is consistently failing).
4.2.16
Affected by 6 other vulnerabilities.
5.0.9
Affected by 5 other vulnerabilities.
5.1.1
Affected by 7 other vulnerabilities.
VCID-q4q6-yfng-aaag
Aliases:
BIT-django-2024-27351
CVE-2024-27351
GHSA-vm8q-m57g-pff3
PYSEC-2024-47
In Django 3.2 before 3.2.25, 4.2 before 4.2.11, and 5.0 before 5.0.3, the django.utils.text.Truncator.words() method (with html=True) and the truncatewords_html template filter are subject to a potential regular expression denial-of-service attack via a crafted string. NOTE: this issue exists because of an incomplete fix for CVE-2019-14232 and CVE-2023-43665.
4.2.11
Affected by 16 other vulnerabilities.
5.0.3
Affected by 15 other vulnerabilities.
VCID-rwqv-shhz-aaag
Aliases:
BIT-django-2023-46695
CVE-2023-46695
GHSA-qmf9-6jqf-j8fq
PYSEC-2023-222
An issue was discovered in Django 3.2 before 3.2.23, 4.1 before 4.1.13, and 4.2 before 4.2.7. The NFKC normalization is slow on Windows. As a consequence, django.contrib.auth.forms.UsernameField is subject to a potential DoS (denial of service) attack via certain inputs with a very large number of Unicode characters.
4.1.13
Affected by 2 other vulnerabilities.
4.2.7
Affected by 18 other vulnerabilities.
VCID-spub-8snt-aaaq
Aliases:
BIT-django-2023-43665
CVE-2023-43665
GHSA-h8gc-pgj2-vjm3
PYSEC-2023-226
In Django 3.2 before 3.2.22, 4.1 before 4.1.12, and 4.2 before 4.2.6, the django.utils.text.Truncator chars() and words() methods (when used with html=True) are subject to a potential DoS (denial of service) attack via certain inputs with very long, potentially malformed HTML text. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which are thus also vulnerable. NOTE: this issue exists because of an incomplete fix for CVE-2019-14232.
4.1.12
Affected by 3 other vulnerabilities.
4.2.6
Affected by 19 other vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-d653-dvqd-aaaq In Django 3.2 before 3.2.21, 4.1 before 4.1.11, and 4.2 before 4.2.5, django.utils.encoding.uri_to_iri() is subject to a potential DoS (denial of service) attack via certain inputs with a very large number of Unicode characters. BIT-django-2023-41164
CVE-2023-41164
GHSA-7h4p-27mh-hmrw
PYSEC-2023-225

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-20T17:09:17.448476+00:00 GitLab Importer Affected by VCID-dapt-wsva-ubfv https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-45231.yml 36.1.3
2025-06-20T16:55:13.866652+00:00 GitLab Importer Affected by VCID-q4q6-yfng-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-27351.yml 36.1.3
2025-06-20T16:47:22.563437+00:00 GitLab Importer Fixing VCID-d653-dvqd-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-41164.yml 36.1.3
2025-06-20T16:47:19.937852+00:00 GitLab Importer Affected by VCID-spub-8snt-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-43665.yml 36.1.3
2025-06-20T16:47:19.315703+00:00 GitLab Importer Affected by VCID-rwqv-shhz-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-46695.yml 36.1.3
2025-06-03T23:45:14.807802+00:00 GitLab Importer Affected by VCID-dapt-wsva-ubfv https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-45231.yml 36.1.0
2025-06-03T23:32:06.707400+00:00 GitLab Importer Affected by VCID-q4q6-yfng-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-27351.yml 36.1.0
2025-06-03T23:25:10.021025+00:00 GitLab Importer Fixing VCID-d653-dvqd-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-41164.yml 36.1.0
2025-06-03T23:25:07.348497+00:00 GitLab Importer Affected by VCID-spub-8snt-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-43665.yml 36.1.0
2025-06-03T23:25:06.867810+00:00 GitLab Importer Affected by VCID-rwqv-shhz-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-46695.yml 36.1.0
2025-06-02T23:43:40.812430+00:00 GitLab Importer Affected by VCID-dapt-wsva-ubfv https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-45231.yml 36.1.2
2025-06-02T23:29:58.160533+00:00 GitLab Importer Affected by VCID-q4q6-yfng-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-27351.yml 36.1.2
2025-06-02T23:22:40.616281+00:00 GitLab Importer Fixing VCID-d653-dvqd-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-41164.yml 36.1.2
2025-06-02T23:22:38.082062+00:00 GitLab Importer Affected by VCID-spub-8snt-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-43665.yml 36.1.2
2025-06-02T23:22:37.584688+00:00 GitLab Importer Affected by VCID-rwqv-shhz-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-46695.yml 36.1.2
2025-04-03T22:26:33.810026+00:00 GitLab Importer Affected by VCID-dapt-wsva-ubfv https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-45231.yml 36.0.0
2025-04-03T21:59:50.205207+00:00 GitLab Importer Affected by VCID-q4q6-yfng-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-27351.yml 36.0.0
2025-04-03T21:43:55.087304+00:00 GitLab Importer Fixing VCID-d653-dvqd-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-41164.yml 36.0.0
2025-04-03T21:43:49.981321+00:00 GitLab Importer Affected by VCID-spub-8snt-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-43665.yml 36.0.0
2025-04-03T21:43:49.133331+00:00 GitLab Importer Affected by VCID-rwqv-shhz-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-46695.yml 36.0.0
2025-02-18T04:07:42.291120+00:00 GitLab Importer Affected by VCID-dapt-wsva-ubfv https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-45231.yml 35.1.0
2025-02-18T03:50:25.545632+00:00 GitLab Importer Affected by VCID-q4q6-yfng-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-27351.yml 35.1.0
2025-02-18T03:40:30.716858+00:00 GitLab Importer Affected by VCID-rwqv-shhz-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-46695.yml 35.1.0
2025-02-18T03:37:44.719465+00:00 GitLab Importer Affected by VCID-spub-8snt-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-43665.yml 35.1.0
2025-02-18T03:36:24.401675+00:00 GitLab Importer Fixing VCID-d653-dvqd-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-41164.yml 35.1.0
2024-11-21T01:15:07.287133+00:00 GitLab Importer Affected by VCID-dapt-wsva-ubfv https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-45231.yml 35.0.0
2024-11-21T01:04:11.250869+00:00 GitLab Importer Affected by VCID-q4q6-yfng-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-27351.yml 35.0.0
2024-11-21T00:59:12.015186+00:00 GitLab Importer Affected by VCID-rwqv-shhz-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-46695.yml 35.0.0
2024-11-21T00:57:59.913529+00:00 GitLab Importer Affected by VCID-spub-8snt-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-43665.yml 35.0.0
2024-11-21T00:57:21.859841+00:00 GitLab Importer Fixing VCID-d653-dvqd-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-41164.yml 35.0.0
2024-11-19T00:53:15.034048+00:00 GitLab Importer Affected by VCID-q4q6-yfng-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-27351.yml 34.3.2
2024-11-19T00:47:47.166546+00:00 GitLab Importer Affected by VCID-rwqv-shhz-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-46695.yml 34.3.2
2024-11-19T00:39:33.354937+00:00 GitLab Importer Affected by VCID-spub-8snt-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-43665.yml 34.3.2
2024-11-19T00:38:52.992950+00:00 GitLab Importer Fixing VCID-d653-dvqd-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-41164.yml 34.3.2
2024-10-17T02:05:43.460480+00:00 GHSA Importer Affected by VCID-dapt-wsva-ubfv https://github.com/advisories/GHSA-rrqc-c2jx-6jgv 34.0.2
2024-10-15T19:16:57.506406+00:00 GithubOSV Importer Fixing VCID-d653-dvqd-aaaq https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/11/GHSA-7h4p-27mh-hmrw/GHSA-7h4p-27mh-hmrw.json 34.0.2
2024-10-08T01:24:08.171672+00:00 GitLab Importer Affected by VCID-q4q6-yfng-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-27351.yml 34.0.2
2024-10-08T01:19:47.477444+00:00 GitLab Importer Affected by VCID-rwqv-shhz-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-46695.yml 34.0.2
2024-10-08T01:18:46.384171+00:00 GitLab Importer Affected by VCID-spub-8snt-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-43665.yml 34.0.2
2024-10-08T01:18:12.072773+00:00 GitLab Importer Fixing VCID-d653-dvqd-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-41164.yml 34.0.2
2024-10-07T21:46:12.624395+00:00 GHSA Importer Affected by VCID-rwqv-shhz-aaag https://github.com/advisories/GHSA-qmf9-6jqf-j8fq 34.0.2
2024-10-07T21:44:03.566426+00:00 GHSA Importer Affected by VCID-spub-8snt-aaaq https://github.com/advisories/GHSA-h8gc-pgj2-vjm3 34.0.2
2024-10-07T21:42:37.228472+00:00 GHSA Importer Fixing VCID-d653-dvqd-aaaq https://github.com/advisories/GHSA-7h4p-27mh-hmrw 34.0.2
2024-09-29T09:55:59.620406+00:00 GitLab Importer Affected by VCID-rwqv-shhz-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-46695.yml 34.0.1
2024-09-23T01:29:02.568727+00:00 GitLab Importer Affected by VCID-q4q6-yfng-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-27351.yml 34.0.1
2024-09-23T01:24:35.666767+00:00 GitLab Importer Affected by VCID-spub-8snt-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-43665.yml 34.0.1
2024-09-22T22:15:39.421673+00:00 GHSA Importer Affected by VCID-rwqv-shhz-aaag https://github.com/advisories/GHSA-qmf9-6jqf-j8fq 34.0.1
2024-09-22T22:13:34.834460+00:00 GHSA Importer Affected by VCID-spub-8snt-aaaq https://github.com/advisories/GHSA-h8gc-pgj2-vjm3 34.0.1
2024-09-18T12:06:12.894975+00:00 Pypa Importer Affected by VCID-rwqv-shhz-aaag https://github.com/pypa/advisory-database/blob/main/vulns/django/PYSEC-2023-222.yaml 34.0.1
2024-09-18T12:06:09.052797+00:00 Pypa Importer Affected by VCID-spub-8snt-aaaq https://github.com/pypa/advisory-database/blob/main/vulns/django/PYSEC-2023-226.yaml 34.0.1
2024-09-18T12:06:04.679426+00:00 Pypa Importer Fixing VCID-d653-dvqd-aaaq https://github.com/pypa/advisory-database/blob/main/vulns/django/PYSEC-2023-225.yaml 34.0.1
2024-09-18T09:21:47.368905+00:00 GithubOSV Importer Fixing VCID-d653-dvqd-aaaq https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/11/GHSA-7h4p-27mh-hmrw/GHSA-7h4p-27mh-hmrw.json 34.0.1
2024-09-17T23:18:07.131633+00:00 PyPI Importer Affected by VCID-spub-8snt-aaaq https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 34.0.1
2024-09-17T23:18:06.755939+00:00 PyPI Importer Fixing VCID-d653-dvqd-aaaq https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 34.0.1
2024-09-17T23:18:05.000849+00:00 PyPI Importer Affected by VCID-rwqv-shhz-aaag https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 34.0.1
2024-09-17T22:26:44.428176+00:00 GitLab Importer Fixing VCID-d653-dvqd-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-41164.yml 34.0.1
2024-09-17T22:13:32.373793+00:00 GHSA Importer Fixing VCID-d653-dvqd-aaaq https://github.com/advisories/GHSA-7h4p-27mh-hmrw 34.0.1
2024-05-17T20:54:57.630375+00:00 GHSA Importer Affected by VCID-rwqv-shhz-aaag None 34.0.0rc4
2024-05-17T20:54:56.519127+00:00 GHSA Importer Affected by VCID-rwqv-shhz-aaag https://github.com/advisories/GHSA-qmf9-6jqf-j8fq 34.0.0rc4
2024-04-24T03:53:35.620944+00:00 GitLab Importer Affected by VCID-spub-8snt-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-43665.yml 34.0.0rc4
2024-04-24T03:51:56.886630+00:00 GitLab Importer Fixing VCID-d653-dvqd-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-41164.yml 34.0.0rc4
2024-04-24T00:50:11.314496+00:00 GHSA Importer Affected by VCID-spub-8snt-aaaq https://github.com/advisories/GHSA-h8gc-pgj2-vjm3 34.0.0rc4
2024-04-24T00:50:10.777928+00:00 GHSA Importer Affected by VCID-spub-8snt-aaaq None 34.0.0rc4
2024-04-24T00:47:15.827541+00:00 GHSA Importer Fixing VCID-d653-dvqd-aaaq https://github.com/advisories/GHSA-7h4p-27mh-hmrw 34.0.0rc4
2024-04-24T00:47:14.645250+00:00 GHSA Importer Fixing VCID-d653-dvqd-aaaq None 34.0.0rc4
2024-04-23T23:13:53.412483+00:00 GithubOSV Importer Fixing VCID-d653-dvqd-aaaq https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/11/GHSA-7h4p-27mh-hmrw/GHSA-7h4p-27mh-hmrw.json 34.0.0rc4
2024-04-23T17:47:50.077093+00:00 PyPI Importer Affected by VCID-rwqv-shhz-aaag https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 34.0.0rc4
2024-01-10T06:34:36.064904+00:00 GitLab Importer Affected by VCID-spub-8snt-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-43665.yml 34.0.0rc2
2024-01-10T06:33:51.123513+00:00 GitLab Importer Fixing VCID-d653-dvqd-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-41164.yml 34.0.0rc2
2024-01-10T03:02:37.558641+00:00 GHSA Importer Affected by VCID-rwqv-shhz-aaag None 34.0.0rc2
2024-01-10T03:02:36.670087+00:00 GHSA Importer Affected by VCID-rwqv-shhz-aaag https://github.com/advisories/GHSA-qmf9-6jqf-j8fq 34.0.0rc2
2024-01-10T02:56:48.278159+00:00 GHSA Importer Affected by VCID-spub-8snt-aaaq https://github.com/advisories/GHSA-h8gc-pgj2-vjm3 34.0.0rc2
2024-01-10T02:56:47.741420+00:00 GHSA Importer Affected by VCID-spub-8snt-aaaq None 34.0.0rc2
2024-01-10T02:53:59.041964+00:00 GHSA Importer Fixing VCID-d653-dvqd-aaaq https://github.com/advisories/GHSA-7h4p-27mh-hmrw 34.0.0rc2
2024-01-10T02:53:57.739992+00:00 GHSA Importer Fixing VCID-d653-dvqd-aaaq None 34.0.0rc2
2024-01-03T23:20:55.261255+00:00 GitLab Importer Affected by VCID-spub-8snt-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-43665.yml 34.0.0rc1
2024-01-03T18:54:27.335886+00:00 PyPI Importer Fixing VCID-d653-dvqd-aaaq https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 34.0.0rc1
2024-01-03T18:54:25.846016+00:00 PyPI Importer Affected by VCID-spub-8snt-aaaq https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 34.0.0rc1
2024-01-03T18:54:24.745252+00:00 PyPI Importer Affected by VCID-rwqv-shhz-aaag https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 34.0.0rc1
2024-01-03T18:30:55.376203+00:00 Pypa Importer Affected by VCID-spub-8snt-aaaq https://github.com/pypa/advisory-database/blob/main/vulns/django/PYSEC-2023-226.yaml 34.0.0rc1
2024-01-03T18:30:27.996256+00:00 Pypa Importer Affected by VCID-rwqv-shhz-aaag https://github.com/pypa/advisory-database/blob/main/vulns/django/PYSEC-2023-222.yaml 34.0.0rc1
2024-01-03T18:30:18.350813+00:00 Pypa Importer Fixing VCID-d653-dvqd-aaaq https://github.com/pypa/advisory-database/blob/main/vulns/django/PYSEC-2023-225.yaml 34.0.0rc1
2024-01-03T17:52:42.791996+00:00 GitLab Importer Fixing VCID-d653-dvqd-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2023-41164.yml 34.0.0rc1
2024-01-03T17:43:43.608663+00:00 GHSA Importer Fixing VCID-d653-dvqd-aaaq https://github.com/advisories/GHSA-7h4p-27mh-hmrw 34.0.0rc1