Search CVE reports


Toggle filters

171 – 172 of 172 results


CVE-2007-0405

Medium priority
Not affected

The LazyUser class in the AuthenticationMiddleware for Django 0.95 does not properly cache the user name across requests, which allows remote authenticated users to gain the privileges of a different user.

1 affected package

python-django

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
python-django
Show less packages

CVE-2007-0404

Medium priority
Not affected

bin/compile-messages.py in Django 0.95 does not quote argument strings before invoking the msgfmt program through the os.system function, which allows attackers to execute arbitrary commands via shell metacharacters in a (1) .po...

1 affected package

python-django

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
python-django
Show less packages