Moderate severityNVD Advisory· Published Oct 11, 2021· Updated Aug 4, 2024
CVE-2021-42134
CVE-2021-42134
Description
The Unicorn framework before 0.36.1 for Django allows XSS via a component. NOTE: this issue exists because of an incomplete fix for CVE-2021-42053.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
django-unicornPyPI | < 0.36.1 | 0.36.1 |
Affected products
2- Django/Unicorn frameworkdescription
Patches
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
5- github.com/advisories/GHSA-ggmv-6q9p-9gm6ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-42134ghsaADVISORY
- github.com/adamghill/django-unicorn/commit/3a832a9e3f6455ddd3b87f646247269918ad10c6ghsax_refsource_MISCWEB
- github.com/adamghill/django-unicorn/compare/0.36.0...0.36.1ghsax_refsource_MISCWEB
- github.com/pypa/advisory-database/tree/main/vulns/django-unicorn/PYSEC-2021-369.yamlghsaWEB
News mentions
0No linked articles in our index yet.