python-django Info

python-django was added to epel7 repo on 2013-12-18
Page updated: 2024-04-20 21:14
Repo Status - Overall Status

Source NVR: python-django-1.11.27-1.el7 (2020-01-24)

Binary Packages

python-django-bash-completion python-django-bash-completion-1.11.27-1.el7
python2-django python2-django-1.11.27-1.el7
python36-django python36-django-1.11.27-1.el7

Bugs

1726015 NEW CVE-2019-12781 python-django: Django: Incorrect HTTP detection with reverse-proxy connecting via HTTPS [epel-7]
1781271 NEW CVE-2019-19118 python-django: django: privilege escalation in the django admin [epel-7]
1798518 NEW CVE-2020-7471 python-django: django: potential SQL injection via StringAgg(delimiter) [epel-7]
1874486 NEW CVE-2020-24583 python-django: django: incorrect permissions on intermediate-level directories on Python 3.7+ [epel-all]
1874493 NEW CVE-2020-24584 python-django: django: permission escalation in intermediate-level directories of the file system cache on Python 3.7+ [epel-all]
1923732 NEW CVE-2021-3281 python-django: django: Potential directory-traversal via archive.extract() [epel-all]
1946581 NEW CVE-2021-28658 python-django: django: potential directory-traversal via uploaded files [epel-all]
1958207 NEW CVE-2021-32052 python-django: django: header injection possibility since URLValidator accepted newlines in input on Python 3.9.5+ [epel-all]
1961137 NEW CVE-2021-31542 python-django: django: Potential directory-traversal via uploaded files [epel-all]
1967411 NEW CVE-2021-33203 python-django: django: Potential directory traversal via ``admindocs`` [epel-all]
1967426 NEW CVE-2021-33571 python-django: django: Possible indeterminate SSRF, RFI, and LFI attacks since validators accepted leading zeros in IPv4 addresses [epel-all]
2029746 NEW CVE-2021-44420 python-django: django: potential bypass of an upstream access control based on URL paths [epel-all]
2037171 NEW CVE-2021-45115 CVE-2021-45116 CVE-2021-45452 python-django: various flaws [epel-all]
2049327 NEW CVE-2022-23833 python-django: django: Denial-of-service possibility in file uploads [epel-all]
2049328 NEW CVE-2022-22818 python-django: django: Possible XSS via '{% debug %}' template tag [epel-all]

Install Failures