Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

pypi Django Security Advisories

Loading...
High
GSA_kwCzR0hTQS1mNmY4LTlteDYtOW14Ms4AA9wW
Django vulnerable to Denial of Service
Ecosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 38.0
Published: 2 days ago
Moderate
GSA_kwCzR0hTQS14N3EyLXdyN2cteHFtZs4AA9wR
Django vulnerable to user enumeration attack
Ecosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 26.8
Published: 2 days ago
High
GSA_kwCzR0hTQS1xZzJwLTlqd3ItbW1xZs4AA9wQ
Django vulnerable to Denial of Service
Ecosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 38.0
Published: 2 days ago
High
GSA_kwCzR0hTQS05am1mLTIzN2ctcWY0Ns4AA9wT
Django Path Traversal vulnerability
Ecosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 38.0
Published: 2 days ago
High
GSA_kwCzR0hTQS1xbWY5LTZqcWYtajhmcc4AA23t
Django potential denial of service vulnerability in UsernameField on Windows
Ecosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 38.0
Published: 8 months ago
High
GSA_kwCzR0hTQS1qaDN3LTR2dmYtbWpncs4AA0Lg
Django has regular expression denial of service vulnerability in EmailValidator/URLValidator
Ecosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 38.0
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS1yM3hjLXByZ3ItbWc5cM4AAzG9
Django bypasses validation when using one form field to upload multiple files
Ecosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 49.6
Published: about 1 year ago
High
GSA_kwCzR0hTQS0yaHJ3LWh4NjctMzR4Ns4AAxpM
Resource exhaustion in Django
Ecosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 38.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS04eDk0LWhtamgtOTdocc4AAt78
Django vulnerable to Reflected File Download attack
Ecosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 44.5
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS01aDJxLTRocnAtdjlycs4AAfPc
Django vulnerable to Improper Restriction of Operations within the Bounds of a Memory Buffer
Ecosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1xcmg3LXg2ZnAtYzJtcM4AAfMI
XML Entity Expansion (XEE) in Django
Ecosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS14NjRtLTY4NmYtZm1tM84AAfL2
XML External Entity (XXE) in Django
Ecosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS02d2dwLWZ3Zm0tbXhwM84AAct0
Django allows user sessions hijacking via an empty string in the session key
Ecosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS02Zzk1LXg2Y2otbWc0ds4AAce7
Django database denial-of-service with ModelMultipleChoiceField
Ecosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS14MzhtLTQ4NmMtMndyOc4AAcXd
Denial-of-service possibility in logout() view by filling session store
Ecosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1ydnE2LW1ycHYtbTZybc4AAcJq
Code Injection in Django
Ecosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS13eGczLW1mcGgtcWc5d84AAXiG
Django Might Allow CSRF Requests via URL Verification
Ecosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Low
GSA_kwCzR0hTQS1ydzc1LW03Z3AtOTJtM84AAVFB
Django data leakage via querystring manipulation in admin
Ecosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1qM2ozLWpyZmgtY20yd84AAVA_
Django Denial-of-service possibility with strip_tags
Ecosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS03ZnE4LTRwdjUtNXc1Y84AAVA8
Django cross-site scripting (XSS) attack via user-supplied redirect URLs
Ecosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1wNm01LWg3cHAtdjJ4Nc3M8Q
Django Regex Algorithmic Complexity Causes Denial of Service
Ecosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS05eGc3LWdnOW0tcm1xOc3JJQ
Django Admin Media Handler Vulnerable to Directory Traversal
Ecosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Low
GSA_kwCzR0hTQS05djhoLTU3Z3YtcWNoNs2qog
Django vulnerable to Denial of Service via i18n middleware component
Ecosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1xYzk5LWczd20taGd4cs2XHg
Django Arbitrary Code Execution
Ecosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1td3YyLTM5OGgtdjQ4Oc2XIA
Django Improper Access Control
Ecosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS0yZ3dqLTdqbXYtaDI2cs07Ng
SQL Injection in Django
Ecosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 49.6
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS13MjRoLXY5cWgtOGd4as07NQ
SQL Injection in Django
Ecosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 49.6
Published: about 2 years ago
High
GSA_kwCzR0hTQS02Y3czLWc2d3YtYzJ4ds0okA
Infinite Loop in Django
Ecosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 38.0
Published: over 2 years ago
High
GSA_kwCzR0hTQS04YzVqLTlyOWYtYzZ3OM0g8Q
Information disclosure in Django
Ecosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 38.0
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS1qcmgyLWhjNHItN2p3eM0g8w
Directory-traversal in Django
Ecosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 26.8
Published: over 2 years ago
High
GSA_kwCzR0hTQS01M3F3LXE3NjUtNGZ3d80g9Q
Denial-of-service in Django
Ecosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 38.0
Published: over 2 years ago
High
GSA_kwCzR0hTQS12NnJoLWhwNXgtODZyds0afw
Potential bypass of an upstream access control based on URL paths in Django
Ecosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 36.9
Published: over 2 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhwZnAtZjU2OS1xM3Ay
SQL Injection in Django
Ecosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 49.6
Published: almost 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFtNTctdmhxMy0zZndm
Header injection possible in Django
Ecosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 30.9
Published: about 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJ4anAtbWZtOS13NHdy
Path Traversal in Django
Ecosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 38.0
Published: about 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhneGMtdjJxZy1jaG1o
Directory Traversal in Django
Ecosystems: pypi
Packages: Django
Source: GitHub Advisory Database
Blast Radius: 26.8
Published: over 3 years ago
Statistics
Advisories: 19,479
Packages: 8,596
Repositories: 3
Ecosystems: 12
Filter by Package
tensorflow 432 tensorflow-cpu 387 tensorflow-gpu 384 apache-airflow 80 django 80 ansible 63 salt 55 Plone 52 apache-superset 50 nova 47 mlflow 46 plone 43 rdiffweb 42 Pillow 41 vyper 38 Django 36 moin 35 matrix-synapse 35 keystone 31 opencv-contrib-python 30 opencv-python 30 glance 20 langchain 19 gradio 18 cobbler 17 mercurial 17 PaddlePaddle 17 pillow 16 neutron 16 cryptography 15 paddlepaddle 15 notebook 15 modoboa 14 pyftpdlib 14 pyload-ng 14 OctoPrint 13 vantage6 13 ethyca-fides 13 urllib3 12 swift 12 wagtail 12 calibreweb 11 twisted 11 horizon 11 zenml 11 onionshare-cli 11 aiohttp 11 trytond 10 Flask-AppBuilder 10 nautobot 10 ryu 9 waitress 9 cinder 9 opencv-python-headless 9 opencv-contrib-python-headless 9 Zope 9 kiwitcms 9 zope 9 roundup 9 numpy 8 trac 8 python-keystoneclient 8 aubio 8 label-studio 8 pysaml2 7 scrapy 7 jupyter-server 7 lief 7 pgadmin4 7 sentry 7 matrix-sydent 7 ipython 7 pip 7 litellm 7 lollms 7 web2py 6 tornado 6 mindsdb 6 inventree 6 Moin 6 tuf 6 yt-dlp 6 requests 6 lxml 6 graphite-web 6 apache-airflow-providers-apache-hive 6 Zope2 6 mailman 6 python-gnupg 5 nltk 5 omero-web 5 Jinja2 5 pyspark 5 ckan 5 Products.CMFPlone 5 lmdb 5 saleor 5 feedparser 5 oauthenticator 5 whoogle-search 5 bleach 5 paramiko 5 markdown2 4 Scrapy 4 jupyterhub 4 Radicale 4 qutebrowser 4 PyPDF2 4 transformers 4 FreeTAKServer-UI 4 GitPython 4 reportlab 4 keylime 4 Pygments 4 buildbot 4 httpie 4 esphome 4 Weblate 4 tripleo-heat-templates 4 pretix 4 awsiotsdk 4 aws-iot-device-sdk-v2 4 software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk 4 jwcrypto 4 bottle 4 grpcio 4 grpc 4 starlette 4 werkzeug 4 Flask-Security-Too 4 ansible-core 4 datasette 4 Keystone 4 Werkzeug 4 barbican 4 nvflare 4 apache-iotdb 3 rsa 3 copyparty 3 fava 3 flask 3 apache-airflow-providers-apache-spark 3 pyyaml 3 Nova 3 SQLAlchemy 3 apache-libcloud 3 vanna 3 Kallithea 3 langchain-experimental 3 mitmproxy 3 mayan-edms 3 pandasai 3 certifi 3 protobuf 3 indico 3 ray 3 streamlit 3 dtale 3 asyncssh 3 keyring 3 pyarrow 3 changedetection.io 3 wger 3 asyncua 3 ajenti 3 dbt-core 3 sanic 3 scikit-learn 3 llama-index 3 ansible-runner 3 dulwich 3 octavia 3 slixmpp 3 clearml 3 docassemble.webapp 3 quokka 3 pycrypto 3 plone.app.event 3 plone.app.theming 3 plone.app.dexterity 3 plone.supermodel 3 Red-DiscordBot 3 django-helpdesk 3 sqlparse 3 ujson 3 jupyter-server-proxy 3 io.grpc:grpc-protobuf 3 Mezzanine 3 sickrage 3 sosreport 3 httplib2 3 torchserve 3 homeassistant 3 onnx 3 python-jose 3 jupyterlab 3 poetry 3 localstack 3 mistune 3 openvpn-monitor 3