Homepage

python-django vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the python-django package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • L
CVE-2024-53908

<3:4.2.17-1
  • L
CVE-2024-53907

<3:4.2.17-1
  • H
CVE-2024-45230

<3:4.2.16-1
  • M
CVE-2024-45231

<3:4.2.16-1
  • H
CVE-2024-41990

<3:4.2.15-1
  • H
SQL Injection

<3:4.2.15-1
  • H
Improper Validation of Specified Quantity in Input

<3:4.2.15-1
  • H
CVE-2024-41989

<3:4.2.15-1
  • L
CVE-2024-39330

<3:4.2.14-1
  • L
CVE-2024-39329

<3:4.2.14-1
  • L
CVE-2024-39614

<3:4.2.14-1
  • L
CVE-2024-38875

<3:4.2.14-1
  • L
CVE-2024-27351

<3:4.2.11-1
  • H
CVE-2024-24680

<3:4.2.10-1
  • H
Improper Validation of Specified Quantity in Input

<3:4.2.6-1
  • H
Improper Validation of Specified Quantity in Input

<3:3.2.21-1
  • H
Inefficient Regular Expression Complexity

<3:3.2.20-1
  • C
Improper Input Validation

<3:3.2.19-1
  • H
Resource Exhaustion

<3:3.2.18-1
  • H
Allocation of Resources Without Limits or Throttling

<3:3.2.17-1
  • H
CVE-2022-41323

<3:3.2.16-1
  • H
Download of Code Without Integrity Check

<3:3.2.15-1
  • C
SQL Injection

<2:4.0.6-1
  • C
SQL Injection

<2:3.2.13-1
  • C
SQL Injection

<2:3.2.13-1
  • M
Cross-site Scripting (XSS)

<2:3.2.12-1
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<2:3.2.12-1
  • H
CVE-2021-45115

<2:3.2.11-1
  • M
Directory Traversal

<2:3.2.11-1
  • H
Improper Input Validation

<2:3.2.11-1
  • H
CVE-2021-44420

<2:3.2.10-1
  • H
Server-Side Request Forgery (SSRF)

<2:2.2.24-1
  • M
Directory Traversal

<2:2.2.24-1
  • L
Cross-site Scripting (XSS)

<2:2.2.22-1
  • H
Unrestricted Upload of File with Dangerous Type

<2:2.2.21-1
  • M
Directory Traversal

<2:2.2.20-1
  • M
HTTP Request Smuggling

<2:2.2.19-1
  • M
Directory Traversal

<2:2.2.18-1
  • H
Incorrect Default Permissions

<2:2.2.16-1
  • H
Incorrect Default Permissions

<2:2.2.16-1
  • M
Cross-site Scripting (XSS)

<2:2.2.13-1
  • M
Improper Certificate Validation

<2:2.2.13-1
  • L
SQL Injection

<2:2.2.11-1
  • C
SQL Injection

<2:2.2.10-1
  • C
Weak Password Recovery Mechanism for Forgotten Password

<2:2.2.9-1
  • M
Incorrect Default Permissions

<2:2.2.8-1
  • H
Resource Exhaustion

<2:2.2.4-1
  • C
SQL Injection

<2:2.2.4-1
  • H
Resource Exhaustion

<2:2.2.4-1
  • H
Uncontrolled Recursion

<2:2.2.4-1
  • M
Cleartext Transmission of Sensitive Information

<1:1.11.22-1
  • M
Cross-site Scripting (XSS)

<1:1.11.21-1
  • L
Allocation of Resources Without Limits or Throttling

<1:1.11.20-1
  • M
Improper Input Validation

<1:1.11.18-1
  • M
Open Redirect

<1:1.11.15-1
  • M
Incorrect Regular Expression

<1:1.11.11-1
  • M
Incorrect Regular Expression

<1:1.11.11-1
  • H
Information Exposure

<1:1.11.10-1
  • L
Cross-site Scripting (XSS)

<1:1.11.5-1
  • M
Open Redirect

<1:1.10.7-1
  • M
Open Redirect

<1:1.10.7-1
  • H
Access Restriction Bypass

<1:1.10.3-1
  • C
Use of Hard-coded Credentials

<1:1.10.3-1
  • L
Security Features

<1:1.10-1
  • M
Cross-site Scripting (XSS)

<1:1.9.8-1
  • L
Information Exposure

<1.9.4-1
  • H
Cross-site Scripting (XSS)

<1.9.4-1
  • M
Improper Access Control

<1.9.2-1
  • M
Information Exposure

<1.8.7-1
  • M
Resource Management Errors

<1.7.10-1
  • M
Resource Management Errors

<1.7.10-1
  • M
Improper Input Validation

<1.7.9-1
  • H
Resource Management Errors

<1.7.9-1
  • M
Cross-site Scripting (XSS)

<1.7.7-1
  • M
Resource Management Errors

<1.7.7-1
  • M
Cross-site Scripting (XSS)

<1.7.6-1
  • M
Resource Management Errors

<1.7.1-1.1
  • M
Code

<1.7.1-1.1
  • M
Cross-site Scripting (XSS)

<1.7.1-1.1
  • M
Code

<1.7.1-1.1
  • M
Improper Input Validation

<1.6.6-1
  • M
Resource Management Errors

<1.6.6-1
  • L
Access Restriction Bypass

<1.6.6-1
  • M
Improper Authentication

<1.6.6-1
  • M
Improper Input Validation

<1.6.5-1
  • M
CVE-2014-1418

<1.6.5-1
  • C
Resource Management Errors

<1.6.3-1
  • M
Arbitrary Code Injection

<1.6.3-1
  • M
Access Restriction Bypass

<1.6.3-1
  • M
Cross-site Scripting (XSS)

<1.5.2-1
  • M
Cross-site Scripting (XSS)

<1.5.2-1
  • M
Improper Authentication

<1.5.4-1
  • M
Directory Traversal

<1.5.3-1
  • M
Numeric Errors

<1.4.4-1
  • M
Information Exposure

<1.4.4-1
  • M
Information Exposure

<1.4.4-1
  • M
Improper Input Validation

<1.4.2-1
  • M
Cross-site Scripting (XSS)

<1.4.1-1
  • M
Out-of-Bounds

<1.4.1-1
  • M
Improper Input Validation

<1.4.1-1
  • M
Resource Management Errors

<1.3.1-1
  • M
Improper Input Validation

<1.3.1-1
  • M
Improper Input Validation

<1.3.1-1
  • M
Improper Input Validation

<1.3.1-1
  • M
Cross-site Request Forgery (CSRF)

<1.3.1-1
  • M
Cross-site Request Forgery (CSRF)

<1.2.5-1
  • M
Cross-site Scripting (XSS)

<1.2.5-1
  • M
Improper Input Validation

<1.2.4-1
  • M
Access Restriction Bypass

<1.2.4-1
  • L
Cross-site Scripting (XSS)

<1.2.3-1
  • M
CVE-2009-3695

<1.1.1-1
  • L
Directory Traversal

<1.1-1
  • M
Cross-site Request Forgery (CSRF)

<1.0-1
  • L
Cross-site Scripting (XSS)

<0.96.2-1
  • L
Cross-site Request Forgery (CSRF)

<1.2.1
  • L
Resource Management Errors

<0.96-1.1
  • M
CVE-2007-0405

<0.95.1-1
  • H
CVE-2007-0404

<0.95.1-1