Critical Django Vulnerabilities Affecting Multiple Ubuntu Releases
Severity: High (Score: 72.8)
Sources: Linuxsecurity, Ubuntu
Summary
Multiple vulnerabilities in Django have been identified, affecting various Ubuntu versions including 22.04 LTS, 24.04 LTS, and 25.10. These vulnerabilities allow remote attackers to exploit memory handling issues, potentially leading to denial of service conditions. Specifically, CVE-2026-33033 details improper memory handling during multipart uploads, while CVE-2026-33034 reveals a lack of enforcement on upload memory size limits in the Content-Length header. Additionally, CVE-2026-4277 and CVE-2026-4292 involve issues with model data verification that could allow permission forging. The vulnerabilities were published on April 7, 2026, and are considered critical. Users are advised to update their Django packages to mitigate these risks. The affected systems include Ubuntu 18.04 LTS through 25.10, with specific package versions provided for remediation.
Key Points
- Django vulnerabilities could lead to denial of service on multiple Ubuntu versions.
- Critical CVEs include CVE-2026-33033 and CVE-2026-33034, published on April 7, 2026.
- Immediate updates are required for affected systems to prevent exploitation.
Key Entities
- Denial of Service (attack_type)
- CVE-2026-33033 (cve)
- CVE-2026-33034 (cve)
- CVE-2026-3902 (cve)
- CVE-2026-4277 (cve)
- CVE-2026-4292 (cve)
- Django (platform)
- Python3-django (platform)
- Python (tool)
- Ubuntu (company)