It was discovered that the Django URLValidator function incorrectly handled newlines and tabs. A remote attacker could possibly use this issue to perform a header injection attack. This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. (CVE-2021-32052)
Rasmus Lerchedahl Petersen and Rasmus Wriedt Larsen discovered that Django incorrectly handled path sanitation in admindocs. A remote attacker could possibly use this issue to determine the existence of arbitrary files and in certain configurations obtain their contents. (CVE-2021-33203)
It was discovered that Django incorrectly handled IPv4 addresses with leading zeros. A remote attacker could possibly use this issue to perform a wide variety of attacks, including bypassing certain access restrictions. (CVE-2021-33571)
{ "availability": "No subscription required", "binaries": [ { "binary_version": "1:1.11.11-1ubuntu1.14", "binary_name": "python-django" }, { "binary_version": "1:1.11.11-1ubuntu1.14", "binary_name": "python-django-common" }, { "binary_version": "1:1.11.11-1ubuntu1.14", "binary_name": "python-django-doc" }, { "binary_version": "1:1.11.11-1ubuntu1.14", "binary_name": "python3-django" } ] }