Search for packages
| purl | pkg:pypi/django@5.0a1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-zdny-8vuh-9ycv
Aliases: CVE-2025-48432 GHSA-7xr5-9hcq-chf9 PYSEC-2025-47 |
An issue was discovered in Django 5.2 before 5.2.2, 5.1 before 5.1.10, and 4.2 before 4.2.22. Internal HTTP response logging does not escape request.path, which allows remote attackers to potentially manipulate log output via crafted URLs. This may lead to log injection or forgery when logs are viewed in terminals or processed by external systems. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-4c4n-p117-sqcv | django: Potential denial-of-service vulnerability in django.utils.text.wrap() |
BIT-django-2025-26699
CVE-2025-26699 GHSA-p3fp-8748-vqfq PYSEC-2025-13 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-20T17:17:29.191850+00:00 | GitLab Importer | Fixing | VCID-4c4n-p117-sqcv | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2025-26699.yml | 36.1.3 |
| 2025-06-06T22:24:34.417198+00:00 | GHSA Importer | Affected by | VCID-zdny-8vuh-9ycv | https://github.com/advisories/GHSA-7xr5-9hcq-chf9 | 36.1.0 |
| 2025-06-03T23:52:36.908009+00:00 | GitLab Importer | Fixing | VCID-4c4n-p117-sqcv | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2025-26699.yml | 36.1.0 |
| 2025-06-02T23:51:26.711032+00:00 | GitLab Importer | Fixing | VCID-4c4n-p117-sqcv | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2025-26699.yml | 36.1.2 |
| 2025-04-09T00:22:46.832565+00:00 | GitLab Importer | Fixing | VCID-4c4n-p117-sqcv | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Django/CVE-2025-26699.yml | 36.0.0 |