Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Advisories

High
GSA_kwCzR0hTQS1xcnc1LTVoMjgtNmNtZ84AAvXa
Denial-of-service vulnerability in internationalized URLs
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Published: 3 months ago
Critical
GSA_kwCzR0hTQS1wNjR4LThyeHgtd2Y2cc4AAtF-
Django `Trunc()` and `Extract()` database functions vulnerable to SQL Injection
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Published: 7 months ago
Moderate
GSA_kwCzR0hTQS05NXJ3LWZ4OHItMzZ2Ns0opg
Cross-site Scripting in Django
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Published: 12 months ago
High
GSA_kwCzR0hTQS02Y3czLWc2d3YtYzJ4ds0okA
Infinite Loop in Django
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Published: 12 months ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA5OXYtNXczYy1qcXE5
Bypass of access control in Django
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY4dzgtcWpxMy0yZ2Zt
Path Traversal in Django
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Published: over 1 year ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW02Z2otaDlnbS1ndzQ0
Incorrect Default Permissions
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Published: almost 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZyMjgtNTY5ai01M2M0
Incorrect Default Permissions
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Published: almost 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZ2Z2YtNmg2aC0zMzIy
Improper Limitation of a Pathname to a Restricted Directory
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Published: almost 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJtMzQtamNqdi00NXhm
XSS in Django
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Published: over 2 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdwanItajU3eC13eGZ3
Data leakage via cache key collision in Django
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNnaDIteHc3NC1qbWN3
SQL injection in Django
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Published: over 2 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhtcjQtbTJoNS0zM3F4
SQL injection in Django
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Published: almost 3 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZmcTYtaHE1ci0yN3I2
Potential account hijack via password reset form in Django
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Published: about 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh2bWYtcjkyci0yN2hy
Django allows unintended model editing
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Published: about 3 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZyOTctY2o1NS05aHJx
SQL Injection in Django
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg1anYtNHA3dy02NGpn
Uncontrolled Resource Consumption in Django
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY5cWctM2o4cC1yNjN2
Uncontrolled Recursion in Django
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM0cWgtNHZndi1xYzZn
Uncontrolled Resource Consumption in Django
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg1ODItMnBjaC0zeHYz
High severity vulnerability that affects django
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZjN3YtMmY0OS04aDI2
Cleartext Transmission of Sensitive Information in Django
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdycDItZm0yaC13Y2hq
Cross-site Scripting in Django
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdoNGgtdjNmMi1yMnBw
Uncontrolled Memory Consumption in Django
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Published: almost 4 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTMzN3gtNHE4Zy1wcmM1
Improper Input Validation in Django
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Published: about 4 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlyOHctNng4Yy02anI5
Moderate severity vulnerability that affects django
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Published: about 4 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM3aHAtNzY1eC1qOTV4
Moderate severity vulnerability that affects django
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Published: about 4 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg0aHYtbTRoNC1taHdn
Moderate severity vulnerability that affects django
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Published: about 4 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXIyOHYtbXc2Ny1tNXA5
Moderate severity vulnerability that affects django
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Published: about 4 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJmOXgtNXY3NS0zcXY0
Moderate severity vulnerability that affects django
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Published: about 4 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVoZzMtNmMyZi1mM3dy
Moderate severity vulnerability that affects django
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Published: over 4 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJmNGotajI3Mi1majg2
Django allows remote attackers to obtain potentially sensitive information by leveraging data exposure from the confirm_login_allowed() method, as demonstrated by discovering whether a user account is inactive
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Published: over 4 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZteDMtM3ZxZy1ocHAy
Django allows unprivileged users to read the password hashes of arbitrary accounts
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Published: over 4 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThtM3ItcnY1Zy1mY3Bx
Moderate severity vulnerability that affects django
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Published: over 4 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZ4cGctZ2c5Zy03Nmdq
Moderate severity vulnerability that affects django
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Published: over 4 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg4OGotOTN2Yy13cG1w
Moderate severity vulnerability that affects django
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Published: over 4 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdnOWgtYzg4dy1yN2gy
High severity vulnerability that affects django
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Published: over 4 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTd3cGgtZmM0dy13cXAy
Moderate severity vulnerability that affects django
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Published: over 4 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZ3cjUtcTlyeC0yOTRm
Moderate severity vulnerability that affects django
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Published: over 4 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNqcXctY3Jxai13OHF3
Moderate severity vulnerability that affects django
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Published: over 4 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg5NWotaDJydi1xcmc0
Moderate severity vulnerability that affects django
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Published: over 4 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVqMmgtaDVoZy0zd2Y4
Moderate severity vulnerability that affects django
Ecosystems: pypi
Packages: django
Source: GitHub Advisory Database
Published: over 4 years ago