SB2025091805 - Gentoo update for Django 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2025091805

SB2025091805 - Gentoo update for Django

Published: September 18, 2025

Security Bulletin ID SB2025091805
Severity
High
Patch available
YES
Number of vulnerabilities 38
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 24% Medium 68% Low 8%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 38 secuirty vulnerabilities.


1) Path traversal (CVE-ID: CVE-2021-3281)

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences inside archives with "django.utils.archive.extract()" function. A remote attacker can pass specially crafted archive to the application and write files to arbitrary directory on the system.


2) Path traversal (CVE-ID: CVE-2021-28658)

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences in MultiPartParser. A remote attacker can use a specially crafted files with suitably crafted file names and read arbitrary files on the system.


3) Arbitrary file upload (CVE-ID: CVE-2021-31542)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to insufficient validation of file during file upload via the MultiPartParser, UploadedFile, and FieldFile methods. A remote attacker can upload a file with a specially crafted filename containing directory traversal characters and overwrite arbitrary files on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise the affected system.


4) HTTP response splitting (CVE-ID: CVE-2021-32052)

The vulnerability allows a remote attacker to perform HTTP splitting attacks.

The vulnerability exists due to software does not correctly processes CRLF character sequences in URLValidator. A remote attacker can send specially crafted request containing CRLF sequence and make the application to send a split HTTP response.

Successful exploitation of the vulnerability may allow an attacker perform cache poisoning attack.

Note, the vulnerability affects Django installations on Python 3.9.5+.


5) Path traversal (CVE-ID: CVE-2021-33203)

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences within the "admindocs" view. A remote authenticated attacker can send a specially crafted HTTP request and read arbitrary files on the system.


6) Server-Side Request Forgery (SSRF) (CVE-ID: CVE-2021-33571)

The disclosed vulnerability allows a remote attacker to perform SSRF attacks.

The vulnerability exists due to insufficient validation of user-supplied input in the "URLValidator", "validate_ipv4_address()" and "validate_ipv46_address()" . A remote attacker can send a specially crafted HTTP request and trick the application to initiate requests to arbitrary systems.

Successful exploitation of this vulnerability may allow a remote attacker gain access to sensitive data, located in the local network or send malicious requests to other servers from the vulnerable system.


7) SQL injection (CVE-ID: CVE-2021-35042)

The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data in "QuerySet.order_by()". A remote attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.


8) Improper access control (CVE-ID: CVE-2021-44420)

The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions. A remote attacker can send specially crafted HTTP requests for URLs with trailing newlines and bypass an upstream access control based on URL paths.


9) Resource management error (CVE-ID: CVE-2021-45115)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources in UserAttributeSimilarityValidator when evaluating submitted password that were artificially large in relative to the comparison values. A remote attacker can pass specially crafted password to the application and perform a denial of service (DoS) attack.


10) Information exposure through externally-generated error message (CVE-ID: CVE-2021-45116)

The vulnerability allows a remote user to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the application while handling error conditions in the dictsort template filter. A remote user can obtain sensitive information on the system.


11) Path traversal (CVE-ID: CVE-2021-45452)

The vulnerability allows a remote user to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences in the Storage.save() method. A remote user can pass a specially crafted HTTP filename to the application and write the file outside of the intended directory.


12) Cross-site scripting (CVE-ID: CVE-2022-22818)

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data when displaying information via the {% debug %} tag. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.


13) Infinite loop (CVE-ID: CVE-2022-23833)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop when parsing files. A remote attacker can upload a specially crafted file  to the server, consume all available system resources and cause denial of service conditions.


14) SQL injection (CVE-ID: CVE-2022-28346)

The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data within the QuerySet.annotate(), aggregate(), and extra() methods. A remote attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.


15) SQL injection (CVE-ID: CVE-2022-28347)

The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data within the QuerySet.explain() method. A remote attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.


16) SQL injection (CVE-ID: CVE-2022-34265)

The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data within Trunc(kind) and Extract(lookup_name) arguments. A remote attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.


17) Spoofing attack (CVE-ID: CVE-2022-36359)

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to incorrect processing of user-supplied data in the FileResponse method. A remote attacker can spoof content of downloaded file and perform reflected file download (RFD) attack.


18) Input validation error (CVE-ID: CVE-2022-41323)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input passed via the locale parameter in internationalized URLs. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.


19) Input validation error (CVE-ID: CVE-2023-23969)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input within the Accept-Language headers. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.


20) Resource exhaustion (CVE-ID: CVE-2023-24580)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources. A remote attacker can certain inputs to multipart forms, trigger memory exhaustion and perform a denial of service (DoS) attack.


21) Resource exhaustion (CVE-ID: CVE-2023-41164)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources within the django.utils.encoding.uri_to_iri() method. A remote attacker can pass a large number of characters to the affected method and perform a denial of service (DoS) attack.


22) Resource exhaustion (CVE-ID: CVE-2024-24680)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources in intcomma template filter. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.


23) Inefficient regular expression complexity (CVE-ID: CVE-2024-27351)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient input validation when processing untrusted input with a regular expressions in django.utils.text.Truncator.words(). A remote attacker can pass specially crafted data to the application and perform regular expression denial of service (ReDos) attack.


24) Input validation error (CVE-ID: CVE-2024-38875)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in django.utils.html.urlize() function. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.


25) Information disclosure (CVE-ID: CVE-2024-39329)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the application in the django.contrib.auth.backends.ModelBackend.authenticate() method. A remote attacker can enumerate users via a timing attack involving login requests for users with an unusable password.


26) Path traversal (CVE-ID: CVE-2024-39330)

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences in django.core.files.storage.Storage.save() function. A remote attacker can send a specially crafted HTTP request and read arbitrary files on the system.


27) Input validation error (CVE-ID: CVE-2024-39614)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in django.utils.translation.get_supported_language_variant() function. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.


28) Resource exhaustion (CVE-ID: CVE-2024-41989)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources in django.utils.numberformat.floatformat() function. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.


29) Input validation error (CVE-ID: CVE-2024-41990)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in django.utils.html.urlize() function. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.


30) Input validation error (CVE-ID: CVE-2024-41991)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in django.utils.html.urlize() and AdminURLFieldWidget. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.


31) SQL injection (CVE-ID: CVE-2024-42005)

The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data in QuerySet.values() and values_list() functions. A remote attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.


32) Resource management error (CVE-ID: CVE-2024-45230)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources in urlize and urlizetrunc. A remote attacker can pass very large inputs with a specific sequence of characters the application and perform a denial of service (DoS) attack.


33) Information Exposure Through an Error Message (CVE-ID: CVE-2024-45231)

The vulnerability allows a remote attacker to enumerate email addresses.

The vulnerability exists due to an error when handling password reset in django.contrib.auth.forms.PasswordResetForm. A remote attacker can enumerate user email addresses.


34) Resource exhaustion (CVE-ID: CVE-2024-53907)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources within the django.utils.html.strip_tags() function. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.


35) SQL injection (CVE-ID: CVE-2024-53908)

The vulnerability allows a remote attacker to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data within the django.db.models.fields.json.HasKey() function in Oracle lookup. A remote attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.


36) Input validation error (CVE-ID: CVE-2024-56374)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due lack of upper-bound limit enforcement in strings passed when performing IPv6 validation in clean_ipv6_address() and is_valid_ipv6_address() functions. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.


37) Input validation error (CVE-ID: CVE-2025-26699)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in django.utils.text.wrap() and wordwrap template filter. A remote attacker can pass very long strings to the application and perform a denial of service (DoS) attack.


38) Resource exhaustion (CVE-ID: CVE-2025-32873)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources within the django.utils.html.strip_tags() function. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.


Remediation

Install update from vendor's website.

References