| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2019-19844 | AVG-1081 | High | Yes | Insufficient validation | Django's password-reset form uses a case-insensitive query to retrieve accounts matching the email address requesting the password reset. Because this... |
| CVE-2019-14235 | AVG-1014 | Medium | Yes | Denial of service | If passed certain inputs, django.utils.encoding.uri_to_iri() could lead to significant memory usage due to excessive recursion when re-percent-encoding... |
| CVE-2019-14234 | AVG-1014 | Medium | Yes | SQL injection | Key and index lookups for JSONField and key lookups for HStoreField were subject to SQL injection, using a suitably crafted dictionary, with dictionary... |
| CVE-2019-14233 | AVG-1014 | Medium | Yes | Denial of service | Due to the behavior of the underlying HTMLParser, django.utils.html.strip_tags() would be extremely slow to evaluate certain inputs containing large... |
| CVE-2019-14232 | AVG-1014 | Medium | Yes | Denial of service | If ``django.utils.text.Truncator``'s ``chars()`` and ``words()`` methods were passed the ``html=True`` argument, they were extremely slow to evaluate... |
| CVE-2019-12781 | AVG-1001 | High | Yes | Silent downgrade | An HTTP request is not redirected to HTTPS when the SECURE_PROXY_SSL_HEADER and SECURE_SSL_REDIRECT settings are used, and the proxy connects to Django via... |
| CVE-2019-12308 | AVG-970 | Medium | Yes | Cross-site scripting | The clickable "Current URL" link generated by AdminURLFieldWidget displayed the provided value without validating it as a safe URL. Thus, an unvalidated... |
| CVE-2019-6975 | AVG-882 | Medium | Yes | Denial of service | Django 1.11.x before 1.11.19, 2.0.x before 2.0.11, and 2.1.x before 2.1.6 allows uncontrolled memory consumption via a malicious attacker-supplied value to... |
| CVE-2019-3498 | AVG-838 | Medium | Yes | Content spoofing | A content spoofing issue has been found in django before 2.1.5 and 1.11.18, where an attacker could craft a malicious URL that could make spoofed content... |
| CVE-2018-16984 | AVG-774 | Medium | Yes | Information disclosure | If an admin user has the change permission to the user model, only part of the password hash is displayed in the change form. Admin users with the view (but... |
| CVE-2018-14574 | AVG-746 | Medium | Yes | Open redirect | If the django.middleware.common.CommonMiddleware and the APPEND_SLASH setting are both enabled, and if the project has a URL pattern that accepts any path... |
| CVE-2018-7537 | AVG-649 | Medium | Yes | Denial of service | If django.utils.text.Truncator's chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to... |
| CVE-2018-7536 | AVG-649 | Medium | Yes | Denial of service | The django.utils.html.urlize() function was extremely slow to evaluate certain inputs due to catastrophic backtracking vulnerabilities in two regular... |
| CVE-2018-6188 | AVG-624 | Medium | Yes | Information disclosure | A regression in Django 1.11.8 and 1.11.9 before 1.11.10 and 2.0 before 2.0.2 made AuthenticationForm run its confirm_login_allowed() method even if an... |
| CVE-2017-7234 | AVG-233 | Medium | Yes | Open redirect | A maliciously crafted URL to a Django site using the serve() view could redirect to any other domain. The view no longer does any redirects as they don't... |
| CVE-2017-7233 | AVG-233 | Medium | Yes | Cross-site scripting | Django relies on user input in some cases (e.g. django.contrib.auth.views.login() and i18n) to redirect the user to an "on success" URL. The security check... |
| CVE-2016-9014 | AVG-57 | High | Yes | Access restriction bypass | Older versions of Django don't validate the Host header against settings.ALLOWED_HOSTS when settings.DEBUG=True. This makes them vulnerable to a DNS... |
| CVE-2016-9013 | AVG-57 | High | Yes | Authentication bypass | When running tests with an Oracle database, Django creates a temporary database user. In older versions, if a password isn't manually specified in the... |
| CVE-2016-7401 | AVG-35 | Medium | Yes | Cross-site request forgery | Sergey Bobrov found a vulnerability where an interaction between Google Analytics and Django's cookie parsing could allow an attacker to set arbitrary... |
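The CVE-2019-19844 row above (password-reset lookup by case-insensitive email) is the one whose mechanism is easiest to show in a few lines. The block below is an added example, not code from this page or from Django itself: it contrasts the pre-fix flow, which mails the reset link to whatever address the requester typed, with the pattern Django adopted in its fix, which confirms the match with a Unicode-aware comparison (NFKC normalisation plus casefold) and mails the address stored on the matched user. The user table and the `db_iexact_users()` lookup are constructed stand-ins; the lookup lowercases both sides with `str.lower()` to mimic a database collation that treats U+212A KELVIN SIGN as equal to ASCII `k`, which is an assumption about collation behaviour rather than a statement about any particular database.

```python
import unicodedata

# Constructed stand-in for the auth user table (not a real database).
USERS = [
    {"username": "alice", "email": "alice@kmail.example",
     "is_active": True, "usable_password": True},
    {"username": "bob", "email": "bob@kmail.example",
     "is_active": False, "usable_password": True},
]


def _unicode_ci_compare(s1, s2):
    """Unicode-aware case-insensitive comparison: NFKC-normalise, then casefold.

    This mirrors the comparison Django added in its fix; it is reproduced here
    so the example runs without Django installed.
    """
    return (
        unicodedata.normalize("NFKC", s1).casefold()
        == unicodedata.normalize("NFKC", s2).casefold()
    )


def db_iexact_users(email):
    """Constructed stand-in for an ``email__iexact`` database lookup.

    Assumption: the collation lowercases both sides, so U+212A KELVIN SIGN
    compares equal to ASCII 'k'. Real collations vary; this is illustrative.
    """
    return [u for u in USERS if u["email"].lower() == email.lower()]


def reset_recipients_vulnerable(submitted_email):
    """Pre-fix behaviour: one reset mail per match, sent to the typed address."""
    matches = [
        u for u in db_iexact_users(submitted_email)
        if u["is_active"] and u["usable_password"]
    ]
    return [submitted_email for _ in matches]


def reset_recipients_fixed(submitted_email):
    """Post-fix pattern: re-check the match in Python, mail the stored address."""
    recipients = []
    for u in db_iexact_users(submitted_email):
        if not (u["is_active"] and u["usable_password"]):
            continue
        # Guard against the database being looser than Unicode casefolding.
        if not _unicode_ci_compare(submitted_email, u["email"]):
            continue
        recipients.append(u["email"])  # never the requester-supplied string
    return recipients


if __name__ == "__main__":
    # Constructed attacker input: KELVIN SIGN (U+212A) in place of 'k'.
    crafted = "alice@\u212amail.example"
    assert crafted != "alice@kmail.example"
    print("vulnerable sends to:", reset_recipients_vulnerable(crafted))
    print("fixed sends to:     ", reset_recipients_fixed(crafted))
```

Run it and the vulnerable path returns the crafted address while the fixed path returns `alice@kmail.example`. The crafted request can still trigger a mail in the fixed flow, but only to the mailbox on record, so the requester learns nothing and receives no link.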