Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: f86365f7 by Salvatore Bonaccorso at 2026-02-03T18:41:03+01:00 Add initial tracking for python-django issues - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,21 @@ +CVE-2026-1312 [Potential SQL injection via QuerySet.order_by and FilteredRelation] + - python-django <unfixed> + NOTE: https://www.djangoproject.com/weblog/2026/feb/03/security-releases/ +CVE-2026-1287 [Potential SQL injection in column aliases via control characters] + - python-django <unfixed> + NOTE: https://www.djangoproject.com/weblog/2026/feb/03/security-releases/ +CVE-2026-1285 [Potential denial-of-service vulnerability in django.utils.text.Truncator HTML methods] + - python-django <unfixed> + NOTE: https://www.djangoproject.com/weblog/2026/feb/03/security-releases/ +CVE-2026-1207 [Potential SQL injection via raster lookups on PostGIS] + - python-django <unfixed> + NOTE: https://www.djangoproject.com/weblog/2026/feb/03/security-releases/ +CVE-2025-14550 [Potential denial-of-service vulnerability via repeated headers when using ASGI] + - python-django <unfixed> + NOTE: https://www.djangoproject.com/weblog/2026/feb/03/security-releases/ +CVE-2025-13473 [Username enumeration through timing difference in mod_wsgi authentication handler] + - python-django <unfixed> + NOTE: https://www.djangoproject.com/weblog/2026/feb/03/security-releases/ CVE-2026-25228 (Signal K Server is a server application that runs on a central hub in ...) NOT-FOR-US: Signal K Server CVE-2026-25222 (PolarLearn is a free and open-source learning program. In 0-PRERELEASE ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f86365f7eb20d6057b2eaaf661b13722dd282299 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f86365f7eb20d6057b2eaaf661b13722dd282299 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
