Django@4.0.4 vulnerabilities
A high-level Python web framework that encourages rapid development and clean, pragmatic design.
-
latest version
5.0.6
-
latest non vulnerable version
-
first published
14 years ago
-
latest version published
14 days ago
-
licenses detected
- [3.1a1,)
Direct Vulnerabilities
Known vulnerabilities in the Django package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) in Note: The function is only vulnerable when How to fix Regular Expression Denial of Service (ReDoS)? Upgrade |
[,3.2.25)
[4.0a1,4.2.11)
[5.0a1,5.0.3)
|
Affected versions of this package are vulnerable to Denial of Service (DoS) via the Note: This vulnerability is only exploitable on Windows systems. How to fix Denial of Service (DoS)? Upgrade |
[,3.2.23)
[4.0a1,4.1.13)
[4.2a1,4.2.7)
|
Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via the How to fix Regular Expression Denial of Service (ReDoS)? Upgrade |
[,3.2.22)
[4.0,4.1.12)
[4.2,4.2.6)
|
Affected versions of this package are vulnerable to Denial of Service (DoS) in the How to fix Denial of Service (DoS)? Upgrade |
[,3.2.21)
[4.0a1,4.1.11)
[4.2a1,4.2.5)
|
Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) in the How to fix Regular Expression Denial of Service (ReDoS)? Upgrade |
[,3.2.20)
[4.0a1,4.1.10)
[4.2a1,4.2.3)
|
Affected versions of this package are vulnerable to Denial of Service (DoS) when parsing multipart form data in How to fix Denial of Service (DoS)? Upgrade |
[,3.2.18)
[4.0a1,4.0.10)
[4.1a1,4.1.7)
|
Affected versions of this package are vulnerable to Denial of Service (DoS) due to the parsed values of How to fix Denial of Service (DoS)? Upgrade |
[3.2,3.2.17)
[4.0,4.0.9)
[4.1,4.1.6)
|
Affected versions of this package are vulnerable to Denial of Service (DoS) when using internationalized URLs, due to How to fix Denial of Service (DoS)? Upgrade |
[4.1a1,4.1.2)
[4.0a1,4.0.8)
[3.2a1,3.2.16)
|
Affected versions of this package are vulnerable to Reflected File Download (RFD) as it is possible to set the How to fix Reflected File Download (RFD)? Upgrade |
[,3.2.15)
[4.0a1,4.0.7)
[4.1rc1,4.1)
|
Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design. Affected versions of this package are vulnerable to SQL Injection via the Note: Applications that constrain the lookup name and kind choice to a known safe list are unaffected. Django 4.1 pre-released versions (4.1a1, 4.1a2) are affected by this issue, please avoid using the 4.1 branch until 4.1.0 is released. How to fix SQL Injection? Upgrade |
[,3.2.14)
[4.0a1,4.0.6)
|