Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
djangoproject django 1.10.7 vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2019-12308
An issue exists in Django 1.11 prior to 1.11.21, 2.1 prior to 2.1.9, and 2.2 prior to 2.2.2. The clickable Current URL value displayed by the AdminURLFieldWidget displays the provided value without validating it as a safe URL. Thus, an unvalidated value stored in the database, or...
Djangoproject Django
7.5
CVSSv3
CVE-2019-6975
Django 1.11.x prior to 1.11.19, 2.0.x prior to 2.0.11, and 2.1.x prior to 2.1.6 allows Uncontrolled Memory Consumption via a malicious attacker-supplied value to the django.utils.numberformat.format() function.
Djangoproject Django
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Fedoraproject Fedora 28
Fedoraproject Fedora 29
3 Github repositories
6.1
CVSSv3
CVE-2017-12794
In Django 1.10.x prior to 1.10.8 and 1.11.x prior to 1.11.5, HTML autoescaping was disabled in a portion of the template for the technical 500 debug page. Given the right circumstances, this allowed a cross-site scripting attack. This vulnerability shouldn't affect most prod...
Djangoproject Django 1.10.1
Djangoproject Django 1.10.2
Djangoproject Django 1.11.0
Djangoproject Django 1.11.1
Djangoproject Django 1.10.3
Djangoproject Django 1.10.4
Djangoproject Django 1.11.4
Djangoproject Django 1.10.0
Djangoproject Django 1.10.7
Djangoproject Django 1.11.2
Djangoproject Django 1.11.3
Djangoproject Django 1.10.5
Djangoproject Django 1.10.6
6.1
CVSSv3
CVE-2017-7234
A maliciously crafted URL to a Django (1.10 prior to 1.10.7, 1.9 prior to 1.9.13, and 1.8 prior to 1.8.18) site using the ``django.views.static.serve()`` view could redirect to any other domain, aka an open redirect vulnerability.
Djangoproject Django 1.8.2
Djangoproject Django 1.8.3
Djangoproject Django 1.8.10
Djangoproject Django 1.8.11
Djangoproject Django 1.8.0
Djangoproject Django 1.9.4
Djangoproject Django 1.9.5
Djangoproject Django 1.10.1
Djangoproject Django 1.10.2
Djangoproject Django 1.9
Djangoproject Django 1.9.1
Djangoproject Django 1.8.4
Djangoproject Django 1.8.5
Djangoproject Django 1.8.12
Djangoproject Django 1.8.13
Djangoproject Django 1.9.6
Djangoproject Django 1.9.7
Djangoproject Django 1.10.3
Djangoproject Django 1.10.4
Djangoproject Django 1.9.2
Djangoproject Django 1.9.8
Djangoproject Django 1.8.1
3 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2