Software Detail

Software Informaton Top

Framework

Software Detail

Django

Number Of NVD

112

CRITICAL

HIGH

MEDIUM

LOW

URL	https://www.djangoproject.com/
Explanation	It is a web application framework written in Python. Django uses the "A.B.C" format for versioning. A.B" is for feature releases, and "C" is for patches, which are used for bug fixes and security fixes. Feature releases are released at intervals of about eight months. There are releases that are covered by long-term support, such as security releases, which are guaranteed for three years. Long-term support covers A.2". A.2" is the version with ".2".
Tag	Python オープンソース BSD License

Add Information URL

No	Type	Name	URL
1			https://www.djangoproject.com/download/
2			https://djangoproject.jp/
3			https://docs.djangoproject.com/en/dev/internals/release-process/
4			https://github.com/django/django

List Of Product [ Click to show release history and vulnerability information ]

No	Name	Latest Version	Release date	Initial release	Normal Support	Extended for a fee	Critical	High	Medium	Low
111	Django5.0	5.0.14	April 2, 2025	Dec. 4, 2023	Aug. 31, 2022	April 30, 2025	0	4	1	0
112	Django4.2 LTS	4.2.26	Nov. 5, 2025	April 1, 2023	Dec. 31, 2023	April 30, 2026	2	10	2	1
113	Django4.1	4.1.13	Nov. 1, 2023	Aug. 1, 2022	April 30, 2023	Dec. 31, 2023	1	7	0	0
114	Django4.0	4.0.10	Feb. 14, 2023	Dec. 1, 2021	Aug. 31, 2022	April 30, 2023	4	8	2	0
115	Django3.2 LTS	3.2.25	March 4, 2024	April 6, 2021	Dec. 31, 2021	April 30, 2024	5	15	4	0
116	Django3.1	3.1.13	July 1, 2021	Aug. 4, 2020	April 30, 2021	Dec. 31, 2021	1	5	5	0
117	Django3.0	3.0.14	April 6, 2021	Dec. 2, 2019	Aug. 31, 2020	April 30, 2021	2	4	6	0
118	Django2.2 LTS	2.2.28	April 11, 2022	April 1, 2019	Dec. 2, 2019	April 30, 2022	5	12	12	0
119	Django2.1	2.1.15	Dec. 2, 2019	Aug. 1, 2018	April 1, 2019	Dec. 2, 2019	1	4	6	0
120	Django2.0 LTS	2.0.9	Feb. 12, 2019	Dec. 3, 2017	Aug. 1, 2018	April 1, 2019	0	2	5	0
121	Django1.11 LTS	1.11.29	March 4, 2020	April 5, 2017	April 1, 2017	April 1, 2020	3	6	8	0
122	Django1.9	1.9.13	April 1, 2017	Dec. 1, 2015	Aug. 31, 2016	April 30, 2017	4	8	12	1
123	Django1.8	1.8.19	March 6, 2018	April 2, 2015	Dec. 1, 2015	April 1, 2018	2	5	14	1
124	Django1.7	1.7.11	Nov. 24, 2015	Sept. 2, 2014	Jan. 1, 1900		1	3	20	1
125	Django1.6	1.6.11	March 18, 2015	Nov. 6, 2013	Jan. 1, 1900		1	3	22	1
126	Django1.5	1.5.12	Jan. 2, 2015	Feb. 26, 2013	Jan. 1, 1900		1	3	19	1
127	Django1.4	1.4.22	Aug. 18, 2015	March 23, 2012	Jan. 1, 1900		1	3	28	1
128	Django1.3	1.3.7	Feb. 20, 2013	March 23, 2011	Jan. 1, 1900		1	2	28	1
129	Django1.2	1.2.7	Sept. 10, 2011	May 17, 2010	Jan. 1, 1900		1	3	28	1
130	Django1.2-alpha1	1.2-alpha1	Jan. 1, 1900		Jan. 1, 1900		0	0	4	0
131	Django1.10	1.10.8	Jan. 1, 1900		April 30, 2017	Nov. 30, 2017	2	1	5	0
132	Django1.1	1.1.4	Jan. 1, 1900		Jan. 1, 1900		2	5	33	1
133	Django1.0	1.0.2	Jan. 1, 1900		Jan. 1, 1900		1	2	26	1
134	Django0.96	0.96	Jan. 1, 1900		Jan. 1, 1900		1	2	25	1
135	Django0.95	0.95	July 1, 2006		Jan. 1, 1900		1	2	25	1

NVD Vulnerability Information

CRITICAL
HIGH
MEDIUM
LOW

No	CVSS3 CVSS2	Level Attach Vector	Title	CWE	CVE	cpe23Uri	Update date Published date	Show Affected	Exploit PoC Search
111	- 4.3	MEDIUM	Cross-site scripting (XSS) vulnerability in Django 1.2.x before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via a csrfmiddlewaretoken (aka csrf_token) cookie.	CWE-79 Cross-site Scripting	CVE-2010-3082	cpe:2.3:a:djangoproject:django:1.2.2:* cpe:2.3:a:djangoproject:django:1.2.1:2 cpe:2.3:a:djangoproject:django:1.2.…	2024-11-21 10:17 2010-09-15	Show	GitHub Exploit DB Packet Storm

112	- 5.0	MEDIUM	Algorithmic complexity vulnerability in the forms library in Django 1.0 before 1.0.4 and 1.1 before 1.1.1 allows remote attackers to cause a denial of service (CPU consumption) via a crafted (1) Emai…	NVD-CWE-Other	CVE-2009-3695	cpe:2.3:a:djangoproject:django:1.1:* cpe:2.3:a:djangoproject:django:1.0:*	2026-04-23 09:35 2009-10-13	Show	GitHub Exploit DB Packet Storm