py3-django vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the py3-django package. This does not include vulnerabilities belonging to this package’s dependencies.

| Severity | Vulnerability | Vulnerable Version |
| --- | --- | --- |
| L | Improper Output Neutralization for Logs | <4.2.22-r0 |
| L | CVE-2024-53908 | <4.2.20-r0 |
| L | CVE-2025-26699 | <4.2.20-r0 |
| L | CVE-2024-39614 | <4.2.16-r0 |
| H | Improper Input Validation | <3.2.12-r0 |
| M | Directory Traversal | <3.2.12-r0 |
| L | CVE-2024-38875 | <4.2.16-r0 |
| H | Loop with Unreachable Exit Condition ('Infinite Loop') | <3.2.12-r0 |
| M | Cross-site Scripting (XSS) | <3.0.7-r0 |
| M | Directory Traversal | <3.1.6-r0 |
| M | HTTP Request Smuggling | <3.1.7-r0 |
| H | Allocation of Resources Without Limits or Throttling | <1.11.19-r0 |
| H | CVE-2021-45115 | <3.2.12-r0 |
| M | Cross-site Scripting (XSS) | <1.11.21-r0 |
| H | Improper Validation of Specified Quantity in Input | <4.2.5-r0 |
| L | CVE-2025-32873 | <4.2.21-r0 |
| L | CVE-2024-39329 | <4.2.16-r0 |
| H | SQL Injection | <4.2.16-r0 |
| C | SQL Injection | <3.1.13-r0 |
| H | Resource Exhaustion | <1.11.23-r0 |
| H | Uncontrolled Recursion | <1.11.23-r0 |
| H | Information Exposure | <1.11.10-r0 |
| M | Open Redirect | <1.10.7-r0 |
| M | Directory Traversal | <3.1.13-r0 |
| H | Improper Validation of Specified Quantity in Input | <4.2.16-r0 |
| H | CVE-2024-45230 | <4.2.16-r0 |
| H | Allocation of Resources Without Limits or Throttling | <3.2.17-r0 |
| H | CVE-2022-41323 | <3.2.16-r0 |
| M | Cross-site Scripting (XSS) | <3.2.12-r0 |
| H | CVE-2021-44420 | <3.2.12-r0 |
| H | Download of Code Without Integrity Check | <3.2.15-r0 |
| C | SQL Injection | <1.11.23-r0 |
| L | CVE-2024-27351 | <4.2.11-r0 |
| M | Cross-site Scripting (XSS) | <1.11.5-r0 |
| M | Open Redirect | <1.10.7-r0 |
| H | CVE-2024-41990 | <4.2.16-r0 |
| C | SQL Injection | <3.2.14-r0 |
| H | Improper Validation of Specified Quantity in Input | <4.2.6-r0 |
| H | CVE-2024-41989 | <4.2.16-r0 |
| H | SQL Injection | <1.11.29-r0 |
| M | Improper Input Validation | <1.11.18-r0 |
| H | Server-Side Request Forgery (SSRF) | <3.1.13-r0 |
| H | Incorrect Default Permissions | <3.1.1-r0 |
| C | SQL Injection | <3.2.13-r0 |
| C | SQL Injection | <3.2.13-r0 |
| H | Resource Exhaustion | <1.11.23-r0 |
| M | Open Redirect | <1.11.15-r0 |
| M | Cleartext Transmission of Sensitive Information | <1.11.22-r0 |
| H | Access Restriction Bypass | <1.8.16-r0 |
| C | Use of Hard-coded Credentials | <1.8.16-r0 |
| L | CVE-2024-56374 | <4.2.20-r0 |
| L | CVE-2024-53907 | <4.2.20-r0 |
| L | CVE-2024-39330 | <4.2.16-r0 |
| M | CVE-2024-45231 | <4.2.16-r0 |
| H | Resource Exhaustion | <3.2.18-r0 |
| M | Directory Traversal | <3.1.8-r0 |
| C | Weak Password Recovery Mechanism for Forgotten Password | <1.11.27-r0 |
| H | Incorrect Default Permissions | <3.1.1-r0 |
| M | Incorrect Regular Expression | <1.11.11-r0 |
| C | SQL Injection | <1.11.28-r0 |
| M | Incorrect Regular Expression | <1.11.11-r0 |
| M | Improper Certificate Validation | <3.0.7-r0 |