Summary
A security update is available that fixes 2 vulnerabilities, one of which is “high” severity, in Django, a well-known open source framework for developing web applications. This vulnerability, if exploited, could compromise the availability of the service on the affected instances.
Risk
Estimate of the impact of the vulnerability on the reference community: MEDIUM/YELLOW (59.61/100) [1].
Type
- Denial of Service
Affected products and versions
Django
- 5.1.x, versions prior to 5.1.1
- 5.0.x, versions prior to 5.0.9
- 4.2.x, versions prior to 4.2.16
Mitigation actions
In line with the vendor’s statements, it is recommended to update the vulnerable products by following the instructions in the security bulletin listed in the References section.
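To find deployments that still need the update, the following added example (not part of the advisory or of the Django project) classifies Django pins in requirements-style text against the version ranges listed under "Affected products and versions". The function names, status labels and sample lines are assumptions constructed for illustration.

```python
import re

# Series -> first fixed release, from the advisory's affected-versions list.
FIXED = {(5, 1): (5, 1, 1), (5, 0): (5, 0, 9), (4, 2): (4, 2, 16)}

# Requirement for the package named exactly "django" (not django-filter etc.),
# with optional extras; captures the specifier up to a marker or comment.
REQ = re.compile(r"^\s*django(?![\w.-])(?:\[[^\]]*\])?\s*([^;#]*)", re.IGNORECASE)
# Exact pin such as ==4.2.15, ==5.1 or ==5.1rc1 (a missing patch number means 0).
EXACT = re.compile(r"^==\s*(\d+)\.(\d+)(?:\.(\d+))?(?:(?:a|b|rc)\d+)?$")

def classify(line):
    """Return (specifier, status) for a Django requirement line, else None."""
    m = REQ.match(line)
    if not m:
        return None
    spec = m.group(1).strip()
    exact = EXACT.match(spec)
    if not exact:
        # Ranges or bare names cannot be judged without the resolved version.
        return (spec or "(any)", "unpinned")
    major, minor, patch = (int(g or 0) for g in exact.groups())
    version = spec[2:].strip()
    fixed = FIXED.get((major, minor))
    if fixed is None:
        # Series not named in the advisory: needs manual review.
        return (version, "not-listed")
    # Pre-releases of a series sort before its .0 release, so they fall
    # below the fixed patch level and are reported as affected too.
    return (version, "affected" if (major, minor, patch) < fixed else "fixed")

def scan(text):
    """Classify every Django requirement found in requirements-style text."""
    return [r for r in map(classify, text.splitlines()) if r]

# Constructed sample input, not taken from any real project.
SAMPLE = """\
# constructed sample lines
Django==4.2.15
django==5.0.9
Django[argon2]==5.1 ; python_version >= "3.10"
django-filter==24.2
Django>=4.2,<5.0
Django==3.2.25
"""

if __name__ == "__main__":
    for version, status in scan(SAMPLE):
        print(f"{version:12} {status}")
```

Entries reported as `unpinned` or `not-listed` are not cleared by this check; confirm the installed version on the host and compare it with the vendor bulletin.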
Unique Vulnerability Identifiers
Here are only the CVEs related to the “high” severity vulnerabilities:
References
https://www.djangoproject.com/weblog/2024/sep/03/security-releases
[1] This estimate is made taking into account several parameters, including: CVSS, availability of patches/workarounds and PoC, diffusion of the affected software/devices in the reference community.