purl | pkg:pypi/django@4.2.0 |
Tags | Ghost |
Vulnerability | Summary | Fixed by |
---|---|---|
VCID-589h-ndhj-aaab Aliases: BIT-2023-31047 BIT-django-2023-31047 CVE-2023-31047 GHSA-r3xc-prgr-mg9p PYSEC-0000-CVE-2023-31047 PYSEC-2023-61 | Django bypasses validation when using one form field to upload multiple files | Affected by 22 other vulnerabilities. |
VCID-fuhn-4eep-23b5 Aliases: BIT-django-2024-53908 CVE-2024-53908 GHSA-m9g8-fxxm-xg86 PYSEC-2024-157 | Django SQL injection in HasKey(lhs, rhs) on Oracle | Affected by 4 other vulnerabilities. Affected by 3 other vulnerabilities. Affected by 5 other vulnerabilities. |
VCID-rwqv-shhz-aaag Aliases: BIT-django-2023-46695 CVE-2023-46695 GHSA-qmf9-6jqf-j8fq PYSEC-2023-222 | An issue was discovered in Django 3.2 before 3.2.23, 4.1 before 4.1.13, and 4.2 before 4.2.7. The NFKC normalization is slow on Windows. As a consequence, django.contrib.auth.forms.UsernameField is subject to a potential DoS (denial of service) attack via certain inputs with a very large number of Unicode characters. | Affected by 18 other vulnerabilities. |
VCID-ucbd-zk38-aaae Aliases: BIT-2023-36053 BIT-django-2023-36053 CVE-2023-36053 GHSA-jh3w-4vvf-mjgr PYSEC-0000-CVE-2023-36053 PYSEC-2023-100 | In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, EmailValidator and URLValidator are subject to a potential ReDoS (regular expression denial of service) attack via a very large number of domain name labels of emails and URLs. | Affected by 21 other vulnerabilities. |
VCID-uzhs-cg7d-jycp Aliases: BIT-django-2024-53907 CVE-2024-53907 GHSA-8498-2h75-472j PYSEC-2024-156 | Django denial-of-service in django.utils.html.strip_tags() | Affected by 4 other vulnerabilities. Affected by 3 other vulnerabilities. Affected by 5 other vulnerabilities. |
Vulnerability | Summary | Aliases |
---|---|---|
This package is not known to fix vulnerabilities. |
Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
---|---|---|---|---|---|
2025-01-17T02:47:55.194925+00:00 | GHSA Importer | Affected by | VCID-fuhn-4eep-23b5 | https://github.com/advisories/GHSA-m9g8-fxxm-xg86 | 35.1.0 |
2025-01-17T02:47:54.912503+00:00 | GHSA Importer | Affected by | VCID-uzhs-cg7d-jycp | https://github.com/advisories/GHSA-8498-2h75-472j | 35.1.0 |
2025-01-17T02:47:40.163221+00:00 | GHSA Importer | Affected by | VCID-ucbd-zk38-aaae | None | 35.1.0 |
2025-01-17T02:47:29.899549+00:00 | GHSA Importer | Affected by | VCID-589h-ndhj-aaab | None | 35.1.0 |
2025-01-16T23:28:59.694957+00:00 | GitLab Importer | Affected by | VCID-fuhn-4eep-23b5 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-53908.yml | 35.1.0 |
2025-01-16T23:28:59.600888+00:00 | GitLab Importer | Affected by | VCID-uzhs-cg7d-jycp | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2024-53907.yml | 35.1.0 |
2024-12-07T13:04:40.127364+00:00 | GHSA Importer | Affected by | VCID-fuhn-4eep-23b5 | https://github.com/advisories/GHSA-m9g8-fxxm-xg86 | 35.0.0 |
2024-12-07T13:04:37.112241+00:00 | GHSA Importer | Affected by | VCID-uzhs-cg7d-jycp | https://github.com/advisories/GHSA-8498-2h75-472j | 35.0.0 |
2024-09-17T22:13:42.754864+00:00 | GHSA Importer | Affected by | VCID-ucbd-zk38-aaae | https://github.com/advisories/GHSA-jh3w-4vvf-mjgr | 34.0.1 |
2024-01-03T17:43:52.980455+00:00 | GHSA Importer | Affected by | VCID-ucbd-zk38-aaae | https://github.com/advisories/GHSA-jh3w-4vvf-mjgr | 34.0.0rc1 |
2024-01-03T17:43:52.799586+00:00 | GHSA Importer | Affected by | VCID-589h-ndhj-aaab | https://github.com/advisories/GHSA-r3xc-prgr-mg9p | 34.0.0rc1 |
2024-01-03T17:43:43.697945+00:00 | GHSA Importer | Affected by | VCID-rwqv-shhz-aaag | https://github.com/advisories/GHSA-qmf9-6jqf-j8fq | 34.0.0rc1 |