python3-django vulnerabilities

Known vulnerabilities in the python3-django package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
M Information Exposure	<0:2.2.18-1.el7pc
M Missing Authorization	<0:2.2.18-1.el7pc
M Information Exposure Through Log Files	<0:2.2.18-1.el7pc
M Cleartext Transmission of Sensitive Information	<0:2.2.24-1.el7pc
M Cleartext Transmission of Sensitive Information	<0:2.2.24-1.el7pc
M Information Exposure	<0:2.2.24-1.el7pc
M Information Exposure	<0:2.2.24-1.el7pc
M Open Redirect	<0:2.2.24-1.el7pc
M Open Redirect	<0:2.2.24-1.el7pc
M Information Exposure	<0:2.2.24-1.el7pc
M Information Exposure	<0:2.2.24-1.el7pc
M Information Exposure	<0:2.2.18-1.el7pc
M Information Exposure	<0:2.2.18-1.el7pc
M SQL Injection	<0:2.2.18-1.el7pc
M Unchecked Error Condition	<0:2.2.24-1.el7pc
M Unchecked Error Condition	<0:2.2.24-1.el7pc
M Improper Verification of Cryptographic Signature	<0:2.2.24-1.el7pc
M Improper Verification of Cryptographic Signature	<0:2.2.24-1.el7pc
L Authentication Bypass	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	*
M Cross-site Scripting (XSS)	*
M Directory Traversal	<0:2.2.24-1.el7pc
M Directory Traversal	<0:2.2.24-1.el7pc
M Directory Traversal	<0:2.2.24-1.el7pc
M Directory Traversal	<0:2.2.24-1.el7pc
M Server-Side Request Forgery (SSRF)	<0:2.2.24-1.el7pc
M Server-Side Request Forgery (SSRF)	<0:2.2.24-1.el7pc
M Directory Traversal	<0:2.2.24-1.el7pc
M Directory Traversal	<0:2.2.24-1.el7pc
M Improper Cross-boundary Removal of Sensitive Data	*
M Directory Traversal	*
M Resource Exhaustion	*
H SQL Injection	*
M SQL Injection	*
M Execution with Unnecessary Privileges	<0:2.2.18-1.el7pc
M Resource Exhaustion	<0:2.2.24-1.el7pc
M Resource Exhaustion	<0:2.2.24-1.el7pc
M Out-of-Bounds	<0:2.2.18-1.el7pc
M Information Exposure	<0:2.2.24-1.el7pc
M Information Exposure	<0:2.2.24-1.el7pc
M Information Exposure	<0:2.2.18-1.el7pc
M Resource Exhaustion	<0:2.2.24-1.el7pc
M Resource Exhaustion	<0:2.2.24-1.el7pc
M Cross-site Request Forgery (CSRF)	<0:2.2.18-1.el7pc
M Resource Exhaustion	<0:2.2.24-1.el7pc
M Resource Exhaustion	<0:2.2.24-1.el7pc
M Resource Exhaustion	<0:2.2.24-1.el7pc
M Resource Exhaustion	<0:2.2.24-1.el7pc
M Cross-site Request Forgery (CSRF)	<0:2.2.18-1.el7pc
M Cross-site Scripting (XSS)	<0:2.2.18-1.el7pc
M Improper Input Validation	<0:2.2.18-1.el7pc
M Improper Input Validation	<0:2.2.18-1.el7pc
M Information Exposure	<0:2.2.24-1.el7pc
M Information Exposure	<0:2.2.24-1.el7pc
M OS Command Injection	<0:2.2.24-1.el7pc
M OS Command Injection	<0:2.2.24-1.el7pc
M XML External Entity (XXE) Injection	<0:2.2.24-1.el7pc
M XML External Entity (XXE) Injection	<0:2.2.24-1.el7pc
M Improper Input Validation	<0:2.2.24-1.el7pc
M Improper Input Validation	<0:2.2.24-1.el7pc
M Covert Timing Channel	<0:2.2.18-1.el7pc
M Loop with Unreachable Exit Condition ('Infinite Loop')	<0:2.2.24-1.el7pc
M Loop with Unreachable Exit Condition ('Infinite Loop')	<0:2.2.24-1.el7pc
M Incorrect Default Permissions	<0:2.2.24-1.el7pc
M Incorrect Default Permissions	<0:2.2.24-1.el7pc
M Information Exposure	<0:2.2.18-1.el7pc
M Use After Free	<0:2.2.18-1.el7pc

Vulnerability

Vulnerable Version

Information Exposure

<0:2.2.18-1.el7pc

Missing Authorization

<0:2.2.18-1.el7pc

Information Exposure Through Log Files

<0:2.2.18-1.el7pc

Cleartext Transmission of Sensitive Information

<0:2.2.24-1.el7pc

Cleartext Transmission of Sensitive Information

<0:2.2.24-1.el7pc