Vulnerabilities > Djangoproject > High

| Date | CVE | Vulnerability title | Description | Attack vector | Complexity | Vendors | CWE | Risk |
|---|---|---|---|---|---|---|---|---|
| 2024-10-08 | CVE-2024-45230 | Unspecified vulnerability in Djangoproject Django | An issue was discovered in Django 5.1 before 5.1.1, 5.0 before 5.0.9, and 4.2 before 4.2.16. | network | low complexity | djangoproject | | 7.5 |
| 2024-08-07 | CVE-2024-41989 | Unspecified vulnerability in Djangoproject Django | An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. | network | low complexity | djangoproject | | 7.5 |
| 2024-08-07 | CVE-2024-41990 | Unspecified vulnerability in Djangoproject Django | An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. | network | low complexity | djangoproject | | 7.5 |
| 2024-08-07 | CVE-2024-41991 | Improper Validation of Specified Quantity in Input vulnerability in Djangoproject Django | An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. | network | low complexity | djangoproject | CWE-1284 | 7.5 |
| 2024-08-07 | CVE-2024-42005 | SQL Injection vulnerability in Djangoproject Django | An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. | network | low complexity | djangoproject | CWE-89 | 7.3 |
| 2024-02-06 | CVE-2024-24680 | Unspecified vulnerability in Djangoproject Django | An issue was discovered in Django 3.2 before 3.2.24, 4.2 before 4.2.10, and Django 5.0 before 5.0.2. | network | low complexity | djangoproject | | 7.5 |
| 2023-11-03 | CVE-2023-41164 | Improper Validation of Specified Quantity in Input vulnerability in multiple products | In Django 3.2 before 3.2.21, 4.1 before 4.1.11, and 4.2 before 4.2.5, django.utils.encoding.uri_to_iri() is subject to a potential DoS (denial of service) attack via certain inputs with a very large number of Unicode characters. | network | low complexity | djangoproject, fedoraproject | CWE-1284 | 7.5 |
| 2023-11-03 | CVE-2023-43665 | Improper Validation of Specified Quantity in Input vulnerability in multiple products | In Django 3.2 before 3.2.22, 4.1 before 4.1.12, and 4.2 before 4.2.6, the django.utils.text.Truncator chars() and words() methods (when used with html=True) are subject to a potential DoS (denial of service) attack via certain inputs with very long, potentially malformed HTML text. | network | low complexity | djangoproject, fedoraproject | CWE-1284 | 7.5 |
| 2023-11-02 | CVE-2023-46695 | Allocation of Resources Without Limits or Throttling vulnerability in Djangoproject Django | An issue was discovered in Django 3.2 before 3.2.23, 4.1 before 4.1.13, and 4.2 before 4.2.7. | network | low complexity | djangoproject | CWE-770 | 7.5 |
| 2023-07-03 | CVE-2023-36053 | | In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, EmailValidator and URLValidator are subject to a potential ReDoS (regular expression denial of service) attack via a very large number of domain name labels of emails and URLs. | network | low complexity | djangoproject, debian, fedoraproject | | 7.5 |