Known Vulnerabilities for Django by Djangoproject
Listed below are 10 of the newest known vulnerabilities associated with "Django" by "Djangoproject".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
CVE | Shortened Description | Severity | Publish Date | Last Modified |
---|---|---|---|---|
CVE-2022-23833 | An issue was discovered in MultiPartParser in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2. Passing cert... | 7.5 - HIGH | 2022-02-03 | 2023-11-22 |
CVE-2022-22818 | The {% debug %} template tag in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2 does not properly encode th... | 6.1 - MEDIUM | 2022-02-03 | 2023-11-07 |
CVE-2021-35042 | Django 3.1.x before 3.1.13 and 3.2.x before 3.2.5 allows QuerySet.order_by SQL injection if order_by is untrusted input from ... | 9.8 - CRITICAL | 2021-07-02 | 2023-11-07 |
CVE-2021-33571 | In Django 2.2 before 2.2.24, 3.x before 3.1.12, and 3.2 before 3.2.4, URLValidator, validate_ipv4_address, and validate_ipv46... | 7.5 - HIGH | 2021-06-08 | 2023-12-07 |
CVE-2021-33203 | Django before 2.2.24, 3.x before 3.1.12, and 3.2.x before 3.2.4 has a potential directory traversal via django.contrib.admind... | 4.9 - MEDIUM | 2021-06-08 | 2023-11-07 |
CVE-2021-32052 | In Django 2.2 before 2.2.22, 3.1 before 3.1.10, and 3.2 before 3.2.2 (with Python 3.9.5+), URLValidator does not prohibit new... | 6.1 - MEDIUM | 2021-05-06 | 2023-11-07 |
CVE-2021-31542 | In Django 2.2 before 2.2.21, 3.1 before 3.1.9, and 3.2 before 3.2.1, MultiPartParser, UploadedFile, and FieldFile allowed dir... | 7.5 - HIGH | 2021-05-05 | 2023-12-07 |
CVE-2021-28658 | In Django 2.2 before 2.2.20, 3.0 before 3.0.14, and 3.1 before 3.1.8, MultiPartParser allowed directory traversal via uploade... | 5.3 - MEDIUM | 2021-04-06 | 2023-11-07 |
CVE-2021-23336 | The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 an... | 5.9 - MEDIUM | 2021-02-15 | 2023-11-07 |
CVE-2021-3281 | In Django 2.2 before 2.2.18, 3.0 before 3.0.12, and 3.1 before 3.1.6, the django.utils.archive.extract method (used by "start... | 5.3 - MEDIUM | 2021-02-02 | 2023-11-07 |
Known Affected Configurations (CPE V2.3)
Type | Vendor | Product | Version | Update | Edition | Language |
---|---|---|---|---|---|---|
Application | Djangoproject | Django | 3.1.8 | All | All | All |
Application | Djangoproject | Django | 3.1.7 | All | All | All |
Application | Djangoproject | Django | 3.1.6 | All | All | All |
Application | Djangoproject | Django | 3.1.5 | All | All | All |
Application | Djangoproject | Django | 3.1.4 | All | All | All |
Application | Djangoproject | Django | 3.1.3 | All | All | All |
Application | Djangoproject | Django | 3.1.2 | All | All | All |
Application | Djangoproject | Django | 3.1.1 | All | All | All |
Application | Djangoproject | Django | 3.1 | All | All | All |
Application | Djangoproject | Django | 3.0.9 | All | All | All |
Application | Djangoproject | Django | 3.0.8 | All | All | All |
Application | Djangoproject | Django | 3.0.7 | All | All | All |
Application | Djangoproject | Django | 3.0.4 | All | All | All |
Application | Djangoproject | Django | 3.0.3 | All | All | All |
Application | Djangoproject | Django | 3.0.2 | All | All | All |
Application | Djangoproject | Django | 3.0.12 | All | All | All |
Application | Djangoproject | Django | 3.0.11 | All | All | All |
Application | Djangoproject | Django | 3.0.10 | All | All | All |
Application | Djangoproject | Django | 3.0.1 | All | All | All |
Application | Djangoproject | Django | 3.0 | All | All | All |
Popular searches for Django
The Web framework for perfectionists with deadlines | Django
www.djangoproject.com @
Getting started with Django | Django
www.djangoproject.com/startGetting started with Django | Django Its quick & easy to get up and running with Django Its got two parts:. import renderdef band listing request :"""A view of all bands."""bands. import gettextdef homepage request :""" Shows the homepage with a welcome message that is translated in the user's language.
Django (web framework) User (computing) URL Django Django Hypertext Transfer Protocol Application software Installation (computer programs) Programmer Macintosh startup Python (programming language) Web template system Rendering (computer graphics) Home page Tutorial Web application HTML Object (computer science) Application programming interface Internationalization and localization Interface (computing)