django-ca@1.4.0 vulnerabilities

A Django app providing a TLS certificate authority.

Known vulnerabilities in the django-ca package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
H Denial of Service (DoS) django-ca is a tool to manage TLS certificate authorities and easily issue and revoke certificates. Affected versions of this package are vulnerable to Denial of Service (DoS) via large response bodies when validating ACME challenges, which can lead to large files in memory. How to fix Denial of Service (DoS)? Upgrade `django-ca` to version 1.19.0 or higher.	[,1.19.0)
M Insecure Defaults django-ca is a tool to manage TLS certificate authorities and easily issue and revoke certificates. Affected versions of this package are vulnerable to Insecure Defaults. Insecure default settings could lead to CSRF. The fix adds `Django`'s secure cookies. How to fix Insecure Defaults? Upgrade `django-ca` to version 1.17.0 or higher.	[,1.17.0)
M Cryptographic Issue django-ca is a tool to manage TLS certificate authorities and easily issue and revoke certificates. Affected versions of this package are vulnerable to Cryptographic Issue due to storing CA private keys in an insecure format. How to fix Cryptographic Issue? Upgrade `django-ca` to version 1.10.0 or higher.	[,1.10.0)
M Arbitrary Code Injection django-ca is a tool to manage TLS certificate authorities and easily issue and revoke certificates. Affected versions of this package are vulnerable to Arbitrary Code Injection. It did not properly escape the `x509` extensions. How to fix Arbitrary Code Injection? Upgrade `django-ca` to version 1.9.0 or higher.	[,1.9.0)