Search for packages
| purl | pkg:pypi/django@4.2.22 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-zdny-8vuh-9ycv | An issue was discovered in Django 5.2 before 5.2.2, 5.1 before 5.1.10, and 4.2 before 4.2.22. Internal HTTP response logging does not escape request.path, which allows remote attackers to potentially manipulate log output via crafted URLs. This may lead to log injection or forgery when logs are viewed in terminals or processed by external systems. |
CVE-2025-48432
GHSA-7xr5-9hcq-chf9 PYSEC-2025-47 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-06T22:24:34.436444+00:00 | GHSA Importer | Fixing | VCID-zdny-8vuh-9ycv | https://github.com/advisories/GHSA-7xr5-9hcq-chf9 | 36.1.0 |
| 2025-06-06T20:19:01.608352+00:00 | GithubOSV Importer | Fixing | VCID-zdny-8vuh-9ycv | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/06/GHSA-7xr5-9hcq-chf9/GHSA-7xr5-9hcq-chf9.json | 36.1.0 |
| 2025-06-05T14:51:44.677935+00:00 | PyPI Importer | Fixing | VCID-zdny-8vuh-9ycv | https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip | 36.1.0 |
| 2025-06-05T11:19:58.640387+00:00 | Pypa Importer | Fixing | VCID-zdny-8vuh-9ycv | https://github.com/pypa/advisory-database/blob/main/vulns/django/PYSEC-2025-47.yaml | 36.1.0 |