py3-django | Snyk

Direct Vulnerabilities

Known vulnerabilities in the py3-django package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
M CVE-2026-8404	<5.2.15-r0
L CVE-2026-7666	<5.2.15-r0
L CVE-2026-35193	<5.2.15-r0
M CVE-2026-6873	<5.2.15-r0
M CVE-2026-48587	<5.2.15-r0
L CVE-2026-33034	<5.2.13-r0
L CVE-2026-4277	<5.2.13-r0
L CVE-2026-33033	<5.2.13-r0
M CVE-2026-35192	<5.2.14-r0
L CVE-2026-3902	<5.2.13-r0
L CVE-2026-5766	<5.2.14-r0
M CVE-2026-6907	<5.2.14-r0
L CVE-2026-1285	<4.2.28-r0
L CVE-2025-14550	<4.2.28-r0
H SQL Injection	<4.2.24-r0
H CVE-2024-41989	<4.2.16-r0
H CVE-2024-41990	<4.2.16-r0
M CVE-2024-45231	<4.2.16-r0
C SQL Injection	<3.2.13-r0
M Improper Output Neutralization for Logs	<4.2.22-r0
L CVE-2024-38875	<4.2.16-r0
H Resource Exhaustion	<1.11.23-r0
M Cross-site Scripting (XSS)	<3.0.7-r0
M Cross-site Scripting (XSS)	<1.11.21-r0
H CVE-2021-44420	<3.2.12-r0
L CVE-2025-13372	<4.2.27-r0
H Allocation of Resources Without Limits or Throttling	<1.11.19-r0
L CVE-2025-64460	<4.2.27-r0
M CVE-2025-32873	<4.2.21-r0
H Allocation of Resources Without Limits or Throttling	<3.2.17-r0
H Incorrect Default Permissions	<3.1.1-r0
H Improper Input Validation	<3.2.12-r0
H Resource Exhaustion	<1.11.23-r0
L CVE-2024-53908	<4.2.20-r0
M Cross-site Scripting (XSS)	<3.2.12-r0
M Incorrect Regular Expression	<1.11.11-r0
H Resource Exhaustion	<3.2.18-r0
M Directory Traversal	<4.2.25-r0
C SQL Injection	<4.2.25-r0
L CVE-2026-1207	<4.2.28-r0
H CVE-2024-56374	<4.2.20-r0
H CVE-2021-45115	<3.2.12-r0
M Improper Certificate Validation	<3.0.7-r0
M Directory Traversal	<3.2.12-r0
H SQL Injection	<1.11.29-r0
L CVE-2024-53907	<4.2.20-r0
C SQL Injection	<1.11.28-r0
C Use of Hard-coded Credentials	<1.8.16-r0
H Improper Validation of Specified Quantity in Input	<4.2.5-r0
L CVE-2026-1287	<4.2.28-r0
H Improper Validation of Specified Quantity in Input	<4.2.6-r0
L CVE-2024-39330	<4.2.16-r0
H CVE-2025-26699	<4.2.20-r0
L CVE-2026-1312	<4.2.28-r0
C SQL Injection	<3.2.13-r0
H Incorrect Default Permissions	<3.1.1-r0
C Weak Password Recovery Mechanism for Forgotten Password	<1.11.27-r0
M Directory Traversal	<3.1.13-r0
C SQL Injection	<1.11.23-r0
C SQL Injection	<3.2.14-r0
H SQL Injection	<4.2.16-r0
L CVE-2024-39614	<4.2.16-r0
M Open Redirect	<1.11.15-r0
M Incorrect Regular Expression	<1.11.11-r0
M Improper Input Validation	<1.11.18-r0
H CVE-2024-45230	<4.2.16-r0
L CVE-2026-4292	<5.2.13-r0
H Improper Validation of Specified Quantity in Input	<4.2.16-r0
H Download of Code Without Integrity Check	<3.2.15-r0
H CVE-2022-41323	<3.2.16-r0
H Uncontrolled Recursion	<1.11.23-r0
C SQL Injection	<3.1.13-r0
M Cleartext Transmission of Sensitive Information	<1.11.22-r0
M Open Redirect	<1.10.7-r0
H Server-Side Request Forgery (SSRF)	<3.1.13-r0
H Information Exposure	<1.11.10-r0
L CVE-2025-64458	<4.2.26-r0
L CVE-2024-39329	<4.2.16-r0
L CVE-2025-13473	<4.2.28-r0
H Loop with Unreachable Exit Condition ('Infinite Loop')	<3.2.12-r0
L CVE-2025-64459	<4.2.26-r0
L CVE-2024-27351	<4.2.11-r0
M Directory Traversal	<3.1.6-r0
M HTTP Request Smuggling	<3.1.7-r0
H Access Restriction Bypass	<1.8.16-r0
M Open Redirect	<1.10.7-r0
M Cross-site Scripting (XSS)	<1.11.5-r0
M Directory Traversal	<3.1.8-r0

Vulnerability

Vulnerable Version

CVE-2026-8404

<5.2.15-r0