Django vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

| CVE-ID | Severity | Package summary |
| --- | --- | --- |
| CVE-2016-2513 | Low | django: Django User Enumeration Vulnerability |
| CVE-2015-5144 | High | django: Django Vulnerable to HTTP Response Splitting Attack |
| CVE-2015-5145 | High | Django: Django ReDoS in validators.URLValidator |
| CVE-2015-5963 | Medium | Django: Django denial of service via empty session record creation |
| CVE-2016-9014 | Critical | Django: Django DNS Rebinding Vulnerability |
| CVE-2016-9013 | Critical | Django: Django user with hardcoded password created when running tests on Oracle |
| CVE-2013-6044 | Medium | Django: Django cross-site scripting (XSS) vulnerability via is_safe_url function |
| CVE-2016-7401 | High | django: Django CSRF Protection Bypass |
| CVE-2011-4139 | High | django: Django Vulnerable to Cache Poisoning |
| CVE-2011-4138 | High | Django: Django Might Allow CSRF Requests via URL Verification |
| CVE-2016-6186 | Medium | django: Django Cross-site scripting Vulnerability |
| CVE-2014-3730 | High | Django: Django Allows Open Redirects |
| CVE-2014-0483 | Medium | Django: Django data leakage via querystring manipulation in admin |
| CVE-2014-0480 | High | django: Django Incorrectly Validates URLs |
| CVE-2014-0482 | Medium | django: Django Middleware Enables Session Hijacking |
| CVE-2015-2316 | High | Django: Django Denial-of-service possibility with strip_tags |
| CVE-2015-2317 | Medium | Django: Django cross-site scripting (XSS) attack via user-supplied redirect URLs |
| CVE-2014-0481 | High | django: Django denial of service via file upload naming |
| CVE-2013-0305 | Medium | Django: Django Data leakage via admin history log |
| CVE-2013-0306 | Medium | Django: Django is vulnerable to Denial of Service attack in formset |
| CVE-2009-3695 | High | Django: Django Regex Algorithmic Complexity Causes Denial of Service |
| CVE-2009-2659 | High | Django: Django Admin Media Handler Vulnerable to Directory Traversal |
| CVE-2008-3909 | High | django: Django cross-site request forgery (CSRF) vulnerability |
| CVE-2008-2302 | Medium | django: Django Cross-site scripting (XSS) vulnerability |
| CVE-2007-5712 | High | Django: Django vulnerable to Denial of Service via i18n middleware component |
