django vulnerabilities

A high-level Python Web framework that encourages rapid development and clean, pragmatic design.

Latest version: 2.2.1

Licenses detected

Continuously find & fix vulnerabilities like these in your dependencies. Test and protect your applications

Direct Vulnerabilities

Known vulnerabilities in the django package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability Vulnerable versions Snyk patch Published
  • M
Uncontrolled Memory Consumption
[1.11.0,1.11.19),[2.0.0,2.0.11),[2.1.0,2.1.6) Not available 11 Feb, 2019
  • M
Content Spoofing
[,1.11.18),[2.0.0, 2.0.10),[2.1.0, 2.1.5) Not available 08 Jan, 2019
  • M
Information Exposure
[2.1.0, 2.1.2) Not available 05 Nov, 2018
  • M
Open Redirect
[,1.11.15), [2.0.0, 2.0.8) Not available 02 Aug, 2018
  • M
Regular Expression Denial of Service (ReDoS)
[,1.0.4), [1.1,1.1.1) Not available 04 Jul, 2018
  • L
Denial of Service (DoS)
[,0.91.1), [0.95, 0.95.1), [0.96, 0.96.1) Not available 20 Jun, 2018
  • M
Information Exposure
[1.7, 1.8.19), [1.9,1.11.11), [2,2.0.3) Not available 07 Mar, 2018
  • M
Regular Expression Denial of Service (ReDoS)
[1.7, 1.8.19), [1.9,1.11.11), [2,2.0.3) Not available 07 Mar, 2018
  • H
Information Exposure
[2,2.0.2), [1.11.8,1.11.10) Not available 12 Feb, 2018
  • M
Cross-site Scripting (XSS)
[1.9,1.10.8), [1.11a1,1.11.5) Not available 06 Sep, 2017
  • M
Open Redirect
[,1.8.18), [1.9,1.9.13), [1.10,1.10.7) Not available 05 Apr, 2017
  • M
Open Redirect
[,1.8.18), [1.9,1.9.13), [1.10,1.10.7) Not available 05 Apr, 2017
  • H
DNS Rebinding
[,1.8.16), [1.9,1.9.11), [1.10,1.10.3) Not available 02 Nov, 2016
  • H
Use of hardcoded DB password
[,1.8.16), [1.9,1.9.11), [1.10,1.10.3) Not available 01 Nov, 2016
  • M
Denial of Service (DoS)
[,1.3.6), [1.4,1.4.4) Not available 30 Sep, 2016
  • H
Cross-site Request Forgery (CSRF)
[,1.8.15), [1.9,1.9.10) Not available 26 Sep, 2016
  • M
Cross-site Scripting (XSS)
[,1.8.14), [1.9,1.9.8) Not available 18 Jul, 2016
  • L
Timing Attack
[,1.8.10), [1.9,1.9.3) Not available 01 Mar, 2016
  • H
Cross-site Scripting (XSS)
[,1.8.10), [1.9,1.9.3) Not available 01 Mar, 2016
  • M
Access Restriction Bypass
[1.9,1.9.2) Not available 01 Feb, 2016
  • M
Information Exposure
[,1.7.11), [1.8,1.8.7) Not available 24 Nov, 2015
  • M
Denial of Service (DoS)
[,1.4.22), [1.5,1.7.10), [1.8,1.8.4) Not available 18 Aug, 2015
  • M
Denial of Service (DoS)
[,1.4.22), [1.5,1.7.10), [1.8,1.8.4) Not available 18 Aug, 2015
  • H
Denial of Service (DoS)
[,1.4.21), [1.5,1.7.9), [1.8,1.8.3) Not available 08 Jul, 2015
  • M
HTTP Response Splitting
[,1.4.21), [1.5,1.7.9), [1.8,1.8.3) Not available 08 Jul, 2015
  • H
Denial of Service (DoS)
[1.8,1.8.3) Not available 08 Jul, 2015
  • M
Session Hijacking
[1.8,1.8.2) Not available 20 May, 2015
  • M
Denial of Service (DoS)
[,1.4.20), [1.5,1.6.11), [1.7,1.7.7) Not available 18 Mar, 2015
  • M
Cross-site Scripting (XSS)
[,1.4.20), [1.5,1.6.11), [1.7,1.7.7) Not available 18 Mar, 2015