VYPR

python-django

by Debian

CVEs (2)

  • CVE-2026-53877Jul 8, 2026
    risk 0.00cvss epss

    An issue was discovered in Django 6.0 before 6.0.7 and 5.2 before 5.2.16. `django.contrib.gis.gdal.GDALRaster` over-reads its in-memory buffer when constructed from a bytes object, which can disclose adjacent memory or cause service degradation via a potential segmentation fault…

  • CVE-2026-48588Jul 8, 2026
    risk 0.00cvss epss

    An issue was discovered in Django 6.0 before 6.0.7 and 5.2 before 5.2.16. `UpdateCacheMiddleware` and the `cache_page()` decorator cache responses that vary on cookies when the incoming request carries unrelated cookies, which allows remote attackers to read private data from…