Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Browse Security Advisories

Security Advisories for Django for https://github.com/django/django in pypi Clear Filters

High
5 days ago

Django is subject to SQL injection through its column aliases GSA_kwCzR0hTQS02dzJyLXIybTUteHE1d84ABL0E

pypi Django
Moderate
4 months ago

Django has a denial-of-service possibility in strip_tags() GSA_kwCzR0hTQS04ajI0LWNqcnEtZ3Iybc4ABHoL

pypi Django
Moderate
5 months ago

Django Potential Denial of Service (DoS) on Windows GSA_kwCzR0hTQS13cWZnLW05NmotODV2bc4ABGVX

pypi Django
Moderate
8 months ago

Django has a potential denial-of-service vulnerability in IPv6 validation GSA_kwCzR0hTQS1xY2dnLWoyeDgtaDlnOM4ABDXN

pypi Django
Moderate
11 months ago

Django allows enumeration of user e-mail addresses GSA_kwCzR0hTQS1ycnFjLWMyangtNmpnds4ABADW

pypi Django
Moderate
11 months ago

Django vulnerable to denial-of-service attack via the urlize() and urlizetrunc() template filters GSA_kwCzR0hTQS01aGdjLTJ2ZnAtbXF2Y84ABADU

pypi Django
Moderate
about 1 year ago

Django vulnerable to a denial-of-service attack GSA_kwCzR0hTQS03OTVjLTl4cGMteHc2Z84AA-cz

pypi Django
Critical
about 1 year ago

Django SQL injection vulnerability GSA_kwCzR0hTQS1wdjRwLWN3d2ctNHJwaM4AA-c1

pypi Django
Moderate
about 1 year ago

Django vulnerable to denial-of-service attack GSA_kwCzR0hTQS1yODM2LWhoNnYtcmc1Z84AA-cw

pypi Django
Moderate
about 1 year ago

Django memory consumption vulnerability GSA_kwCzR0hTQS1qaDc1LTk5aGgtcXZ4Oc4AA-c0

pypi Django
Moderate
about 1 year ago

Django vulnerable to user enumeration attack GSA_kwCzR0hTQS14N3EyLXdyN2cteHFtZs4AA9wR

pypi Django
High
about 1 year ago

Django Path Traversal vulnerability GSA_kwCzR0hTQS05am1mLTIzN2ctcWY0Ns4AA9wT

pypi Django
High
about 1 year ago

Django vulnerable to Denial of Service GSA_kwCzR0hTQS1mNmY4LTlteDYtOW14Ms4AA9wW

pypi Django
High
about 1 year ago

Django vulnerable to Denial of Service GSA_kwCzR0hTQS1xZzJwLTlqd3ItbW1xZs4AA9wQ

pypi Django
Moderate
over 1 year ago

Regular expression denial-of-service in Django GSA_kwCzR0hTQS12bThxLW01N2ctcGZmM84AA6CU

pypi django
High
over 1 year ago

Django denial-of-service attack in the intcomma template filter GSA_kwCzR0hTQS14eGo5LWY2cnYtbTN4NM4AA5IP

pypi Django, django
High
almost 2 years ago

Django Denial-of-service in django.utils.text.Truncator GSA_kwCzR0hTQS1oOGdjLXBnajItdmptM84AA25m

pypi Django
Moderate
almost 2 years ago

Django Denial of service vulnerability in django.utils.encoding.uri_to_iri GSA_kwCzR0hTQS03aDRwLTI3bWgtaG1yd84AA25h

pypi django
High
almost 2 years ago

Django potential denial of service vulnerability in UsernameField on Windows GSA_kwCzR0hTQS1xbWY5LTZqcWYtajhmcc4AA23t

pypi Django
High
about 2 years ago

Django has regular expression denial of service vulnerability in EmailValidator/URLValidator GSA_kwCzR0hTQS1qaDN3LTR2dmYtbWpncs4AA0Lg

pypi Django
Critical
over 2 years ago

Django bypasses validation when using one form field to upload multiple files GSA_kwCzR0hTQS1yM3hjLXByZ3ItbWc5cM4AAzG9

pypi Django
High
over 2 years ago

Resource exhaustion in Django GSA_kwCzR0hTQS0yaHJ3LWh4NjctMzR4Ns4AAxpM

pypi Django
High
over 2 years ago

Django contains Uncontrolled Resource Consumption via cached header GSA_kwCzR0hTQS1xMmpmLWg5am0tbTdwNM4AAxVW

pypi django
High
almost 3 years ago

Django denial-of-service vulnerability in internationalized URLs GSA_kwCzR0hTQS1xcnc1LTVoMjgtNmNtZ84AAvXa

pypi django
High
about 3 years ago

Django vulnerable to Reflected File Download attack GSA_kwCzR0hTQS04eDk0LWhtamgtOTdocc4AAt78

pypi Django
Critical
about 3 years ago

Django `Trunc()` and `Extract()` database functions vulnerable to SQL Injection GSA_kwCzR0hTQS1wNjR4LThyeHgtd2Y2cc4AAtF-

pypi Django
High
over 3 years ago

Django Image Field Vulnerable to Image Decompression Bombs GSA_kwCzR0hTQS01OXc4LTR3bTItNHh3OM4AAfPe

pypi Django, django
High
over 3 years ago

Django vulnerable to Improper Restriction of Operations within the Bounds of a Memory Buffer GSA_kwCzR0hTQS01aDJxLTRocnAtdjlycs4AAfPc

pypi Django
Critical
over 3 years ago

Django Allows Redirect via Data URL GSA_kwCzR0hTQS03OHZ4LWdnY2gtd2dobc4AAfPg

pypi django
High
over 3 years ago

Django Allows Arbitrary URL Generation GSA_kwCzR0hTQS0yNjU1LXE0NTMtMjJmOc4AAfNa

pypi django
Moderate
over 3 years ago

XML Entity Expansion (XEE) in Django GSA_kwCzR0hTQS1xcmg3LXg2ZnAtYzJtcM4AAfMI

pypi Django
Moderate
over 3 years ago

XML External Entity (XXE) in Django GSA_kwCzR0hTQS14NjRtLTY4NmYtZm1tM84AAfL2

pypi Django
High
over 3 years ago

Django Directory Traversal via ssi template tag GSA_kwCzR0hTQS12ampwLTlyODMtMjJyY84AAe3i

pypi django
High
over 3 years ago

Django Denial of Service Vulnerability in the authentication framework GSA_kwCzR0hTQS00YzQyLTRyeG0teDZxZs4AAeye

pypi Django
High
over 3 years ago

Django Access Restrictions Bypass GSA_kwCzR0hTQS00Nng0LTlqbXYtamM4cM4AAdCD

pypi django
Moderate
over 3 years ago

Django Cross-site Scripting Vulnerability GSA_kwCzR0hTQS02NTY1LWZnODYtNmpjeM4AAc0O

pypi django
Moderate
over 3 years ago

Django allows user sessions hijacking via an empty string in the session key GSA_kwCzR0hTQS02d2dwLWZ3Zm0tbXhwM84AAct0

pypi Django
Moderate
over 3 years ago

Django settings leak in date template filter GSA_kwCzR0hTQS02d2NyLXdjcW0tM21maM4AAcl8

pypi Django, django
Moderate
over 3 years ago

Django WSGI Header Spoofing Vulnerability GSA_kwCzR0hTQS03cWZ3LWo3aHAtdjQ1Z84AAcfU

pypi Django, django
High
over 3 years ago

Django database denial-of-service with ModelMultipleChoiceField GSA_kwCzR0hTQS02Zzk1LXg2Y2otbWc0ds4AAce7

pypi Django
High
over 3 years ago

Django DoS in django.views.static.serve GSA_kwCzR0hTQS1qaGpnLXcyY3AtNWo0NM4AAce9

pypi Django, django
Moderate
over 3 years ago

Django Cross-site Scripting Vulnerability GSA_kwCzR0hTQS1ndjk4LWc2MjgtbTl4Nc4AAce6

pypi Django, django
Moderate
over 3 years ago

Denial-of-service possibility in logout() view by filling session store GSA_kwCzR0hTQS14MzhtLTQ4NmMtMndyOc4AAcXd

pypi Django
High
over 3 years ago

Django Reuses Cached CSRF Token GSA_kwCzR0hTQS04OWhqLXhmeDUtN3E2Ns4AAcJo

pypi Django, django
High
over 3 years ago

Django Vulnerable to MySQL Injection GSA_kwCzR0hTQS13cWpqLWh4ODQtdjQ0Oc4AAcJQ

pypi Django, django
Critical
over 3 years ago

Code Injection in Django GSA_kwCzR0hTQS1ydnE2LW1ycHYtbTZybc4AAcJq

pypi Django
Critical
over 3 years ago

Django Vulnerable to Cache Poisoning GSA_kwCzR0hTQS1xN3EyLXFmMnEtcnczd84AAcJT

pypi Django
Moderate
over 3 years ago

Django cross-site scripting (XSS) vulnerability in the AdminURLFieldWidget widget GSA_kwCzR0hTQS00ODk0LTV2cWMtNnIycs4AAZ0v

pypi django
Moderate
over 3 years ago

Django XSS Vulnerability GSA_kwCzR0hTQS1wdzI3LXc3dzQtOXFjN84AAZQd

pypi Django, django
Low
over 3 years ago

Django User Enumeration Vulnerability GSA_kwCzR0hTQS1mcDZwLTV4dnctbTc0Zs4AAZQc

pypi django
High
over 3 years ago

Django ReDoS in validators.URLValidator GSA_kwCzR0hTQS1jcWY3LWZmOWgtNzk2N84AAYwU

pypi Django
High
over 3 years ago

Django Vulnerable to HTTP Response Splitting Attack GSA_kwCzR0hTQS1xNXF3LTQzNjQtNWhobc4AAYwZ

pypi Django, django
Moderate
over 3 years ago

Django denial of service via empty session record creation GSA_kwCzR0hTQS1wZ3hoLXdmdzQtangyds4AAYdf

pypi Django
Critical
over 3 years ago

Django DNS Rebinding Vulnerability GSA_kwCzR0hTQS0zZjJjLWptNnYtY3IzNc4AAYRU

pypi Django
Critical
over 3 years ago

Django user with hardcoded password created when running tests on Oracle GSA_kwCzR0hTQS1tdjhnLWZoaDYtNjI2N84AAYRT

pypi Django
Moderate
over 3 years ago

Django cross-site scripting (XSS) vulnerability via is_safe_url function GSA_kwCzR0hTQS05Y3dnLW1oeGYtaGg1Oc4AAYL4

pypi Django
High
over 3 years ago

Django CSRF Protection Bypass GSA_kwCzR0hTQS1jcmhtLXFwamMtY202NM4AAXr9

pypi django
High
over 3 years ago

Django Vulnerable to Cache Poisoning GSA_kwCzR0hTQS1ybTJqLXg1OTUtcTljas4AAXiH

pypi Django, django
High
over 3 years ago

Django Might Allow CSRF Requests via URL Verification GSA_kwCzR0hTQS13eGczLW1mcGgtcWc5d84AAXiG

pypi Django
Moderate
over 3 years ago

Django Cross-site scripting Vulnerability GSA_kwCzR0hTQS1jOGM4LTk0NzItdzUyaM4AAV-L

pypi django
High
over 3 years ago

Django Allows Open Redirects GSA_kwCzR0hTQS12cTNoLTNxN3YtOXByd84AAVFj

pypi Django
High
over 3 years ago

Django Incorrectly Validates URLs GSA_kwCzR0hTQS1mN2NtLWNjZnAtM3E0cs4AAVFA

pypi Django, django
Moderate
over 3 years ago

Django Middleware Enables Session Hijacking GSA_kwCzR0hTQS02MjVnLWd4OGMteGNtZ84AAVE-

pypi Django, django
Moderate
over 3 years ago

Django data leakage via querystring manipulation in admin GSA_kwCzR0hTQS1ydzc1LW03Z3AtOTJtM84AAVFB

pypi Django
High
over 3 years ago

Django Denial-of-service possibility with strip_tags GSA_kwCzR0hTQS1qM2ozLWpyZmgtY20yd84AAVA_

pypi Django
Moderate
over 3 years ago

Django cross-site scripting (XSS) attack via user-supplied redirect URLs GSA_kwCzR0hTQS03ZnE4LTRwdjUtNXc1Y84AAVA8

pypi Django
High
over 3 years ago

Django denial of service via file upload naming GSA_kwCzR0hTQS0yOTZ3LTZxaHEtZ2Y5Ms4AAU-L

pypi Django, django
Moderate
over 3 years ago

Django Data leakage via admin history log GSA_kwCzR0hTQS1yN3c2LXA0N2ctdmo1M83igQ

pypi Django
Moderate
over 3 years ago

Django is vulnerable to Denial of Service attack in formset GSA_kwCzR0hTQS1nOHhnLWpnajYtNDlyM83ifg

pypi Django
High
over 3 years ago

Django Regex Algorithmic Complexity Causes Denial of Service GSA_kwCzR0hTQS1wNm01LWg3cHAtdjJ4Nc3M8Q

pypi Django
High
over 3 years ago

Django Admin Media Handler Vulnerable to Directory Traversal GSA_kwCzR0hTQS05eGc3LWdnOW0tcm1xOc3JJQ

pypi Django
High
over 3 years ago

Django cross-site request forgery (CSRF) vulnerability GSA_kwCzR0hTQS1yNWNqLXd2MjQtOTJwNc285A

pypi django
Moderate
over 3 years ago

Django Cross-site scripting (XSS) vulnerability GSA_kwCzR0hTQS01NHFqLTQ4dngtY3I5Zs22-A

pypi django
High
over 3 years ago

Django Arbitrary Code Execution GSA_kwCzR0hTQS1xYzk5LWczd20taGd4cs2XHg

pypi Django
Moderate
over 3 years ago

Django Improper Access Control GSA_kwCzR0hTQS1td3YyLTM5OGgtdjQ4Oc2XIA

pypi Django
Critical
over 3 years ago

SQL Injection in Django GSA_kwCzR0hTQS0yZ3dqLTdqbXYtaDI2cs07Ng

pypi Django
Critical
over 3 years ago

SQL Injection in Django GSA_kwCzR0hTQS13MjRoLXY5cWgtOGd4as07NQ

pypi Django
Moderate
over 3 years ago

Cross-site Scripting in Django GSA_kwCzR0hTQS05NXJ3LWZ4OHItMzZ2Ns0opg

pypi django
High
over 3 years ago

Infinite Loop in Django GSA_kwCzR0hTQS02Y3czLWc2d3YtYzJ4ds0okA

pypi Django
High
over 3 years ago

Information disclosure in Django GSA_kwCzR0hTQS04YzVqLTlyOWYtYzZ3OM0g8Q

pypi Django
Moderate
over 3 years ago

Directory-traversal in Django GSA_kwCzR0hTQS1qcmgyLWhjNHItN2p3eM0g8w

pypi Django
High
over 3 years ago

Denial-of-service in Django GSA_kwCzR0hTQS01M3F3LXE3NjUtNGZ3d80g9Q

pypi Django
Moderate
almost 4 years ago

Potential bypass of an upstream access control based on URL paths in Django GSA_kwCzR0hTQS12NnJoLWhwNXgtODZyds0afw

pypi Django
Critical
almost 4 years ago

SQL Injection in Django MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhwZnAtZjU2OS1xM3Ay

pypi Django
High
over 4 years ago

Django Access Control Bypass possibly leading to SSRF, RFI, and LFI attacks MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA5OXYtNXczYy1qcXE5

pypi Django
Moderate
over 4 years ago

Path Traversal in Django MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY4dzgtcWpxMy0yZ2Zt

pypi Django, django
Moderate
over 4 years ago

Header injection possible in Django MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFtNTctdmhxMy0zZndm

pypi Django
High
over 4 years ago

Path Traversal in Django MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJ4anAtbWZtOS13NHdy

pypi Django
High
over 4 years ago

Django Incorrect Default Permissions MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW02Z2otaDlnbS1ndzQ0

pypi Django
Moderate
over 4 years ago

Django Incorrect Default Permissions MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZyMjgtNTY5ai01M2M0

pypi django
Moderate
over 4 years ago

Django Directory Traversal via archive.extract MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZ2Z2YtNmg2aC0zMzIy

pypi django
Moderate
over 5 years ago

XSS in Django MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJtMzQtamNqdi00NXhm

pypi Django
High
over 5 years ago

Data leakage via cache key collision in Django MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdwanItajU3eC13eGZ3

pypi Django
High
over 5 years ago

SQL injection in Django MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNnaDIteHc3NC1qbWN3

pypi Django
Critical
over 5 years ago

SQL injection in Django MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhtcjQtbTJoNS0zM3F4

pypi Django, django
Critical
over 5 years ago

Django Potential account hijack via password reset form MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZmcTYtaHE1ci0yN3I2

pypi Django, django
High
almost 6 years ago

Django allows unintended model editing MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh2bWYtcjkyci0yN2hy

pypi Django
Critical
about 6 years ago

SQL Injection in Django MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZyOTctY2o1NS05aHJx

pypi Django
High
about 6 years ago

Django Denial-of-service by filling session store MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg1ODItMnBjaC0zeHYz

pypi Django, django
Moderate
over 6 years ago

Django Cross-site Scripting in AdminURLFieldWidget MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdycDItZm0yaC13Y2hq

pypi Django

Filter by Severity

Moderate 10,341 High 8,173 Critical 3,354 Low 1,496

Filter by Ecosystem

maven 6,869 packagist 5,422 pypi 4,942 npm 4,297 go 2,920 nuget 1,880 cargo 1,086 rubygems 927 actions 37 hex 37 swift 36 pub 10

Filter by Package

tensorflow 433 tensorflow-gpu 427 tensorflow-cpu 423 Django 108 apache-airflow 85 Plone 72 salt 65 ansible 63 apache-superset 61 mlflow 53 nova 48 django 46 gradio 44 vyper 44 matrix-synapse 42 rdiffweb 42 plone 41 picklescan 39 moin 35 keystone 32 opencv-python 31 opencv-contrib-python 31 Pillow 29 pillow 28 open-webui 25 vllm 25 pyload-ng 23 glance 21 langchain 20 aim 20 ethyca-fides 20 neutron 19 mercurial 18 mindsdb 18 cobbler 18 notebook 17 cryptography 17 calibreweb 17 OctoPrint 17 paddlepaddle 16 transformers 16 PaddlePaddle 16 lollms 16 aiohttp 15 urllib3 14 mobsf 14 pyftpdlib 14 modoboa 14 vantage6 14 litellm 14 zenml 13 h2o 13 roundup 13 twisted 12 sentry 12 wagtail 12 pgadmin4 12 swift 12 nautobot 12 waitress 11 onionshare-cli 11 label-studio 11 horizon 11 trytond 11 opencv-contrib-python-headless 10 pyspark 10 opencv-python-headless 10 Flask-AppBuilder 10 zope 9 kiwitcms 9 ryu 9 ckan 9 agentscope 9 python-keystoneclient 9 ai.h2o:h2o-core 9 cinder 9 lief 9 changedetection.io 8 llama-index 8 Zope2 8 aubio 8 bentoml 8 indico 8 dbgpt 8 tornado 8 numpy 8 trac 8 ipython 8 Zope 8 copyparty 8 pysaml2 7 web2py 7 jupyter-server 7 pip 7 inventree 7 matrix-sydent 7 scrapy 7 llama-index-core 7 executorch 7 requests 7 Products.CMFPlone 7 snowflake-connector-python 6 langflow 6 graphite-web 6 Moin 6 tuf 6 yt-dlp 6 ansible-core 6 torch 6 OpenEXR 6 torchserve 6 omero-web 6 mailman 6 lxml 6 whoogle-search 6 dtale 6 codechecker 6 mage-ai 6 apache-iotdb 6 Jinja2 6 apache-airflow-providers-apache-hive 6 Mezzanine 6 langchain-community 6 grpc 5 bleach 5 werkzeug 5 feedparser 5 Werkzeug 5 fschat 5 lmdb 5 pretix 5 python-gnupg 5 esphome 5 jupyterhub 5 nltk 5 keylime 5 paramiko 5 ait-core 5 onnx 5 oauthenticator 5 langchain-experimental 5 composio-core 5 mayan-edms 5 Weblate 5 saleor 5 mitmproxy 5 grpcio 5 RestrictedPython 4 markdown2 4 koji 4 pandasai 4 nvflare 4 qutebrowser 4 starlette 4 bottle 4 ray 4 Scrapy 4 jupyterlab 4 pywasm3 4 reportlab 4 Nova 4 org.apache.streampipes:streampipes-parent 4 wasmtime 4 flask-cors 4 pytorch-lightning 4 jwcrypto 4 streamlit 4 GitPython 4 barbican 4 setuptools 4 frappe 4 httpie 4 jinja2 4 homeassistant 4 Flask-Security-Too 4 tripleo-heat-templates 4 dbt-core 4 MaterialX 4 django-helpdesk 4 apache-submarine 4 streampipes 4 aws-iot-device-sdk-v2 4 Pygments 4 keras 4 InvokeAI 4 awsiotsdk 4 Keystone 4 flask-appbuilder 4 software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk 4 PyPDF2 4 FreeTAKServer-UI 4 buildbot 4 flask 4 indy-node 4 xml2rfc 4 Radicale 4 skops 4 weblate 4 backend.ai 3 plone.app.theming 3

Filter by Repository

https://github.com/django/django 117 https://sourceforge.net/projects/sourceforge.net 1 https://github.com/pypa/advisory-db 1 https://github.com/jquery/jquery 1