Wagtail

Latest version: v6.4.1

Vulnerabilities (15)

CVE/PVE | Vulnerability ID | Advisory | Affected versions | Severity | Severity Score
CVE-2024-39317 72127

Wagtail addresses a regular expression denial-of-service (ReDoS) vuln…

  • <5.2.6
  • >=6.0rc1,<6.0.6
  • >=6.1rc1,<6.1.3
MEDIUM 4.9
CVE-2023-45809 61943

Wagtail 4.1.9, 5.0.5 and 5.1.3 include a fix for CVE-2023-45809: A us…

  • <4.1.9
  • >=5.1rc1,<5.1.3
  • >=4.2rc1,<5.0.5
LOW 2.7
CVE-2021-32681 40803

A cross-site scripting vulnerability exists in versions 2.13-2.13.1, …

  • <2.11.8
  • >=2.13rc1,<=2.13.1
  • >=2.12rc1,<=2.12.4
MEDIUM 5.4
CVE-2024-35228 71780

Wagtail is an open source content management system built on Django. …

  • >=6.0,<6.0.4
  • >=6.1,<6.1.1
- -
CVE-2024-32882 71238

Wagtail is an open source content management system built on Django. …

  • >=6.0.2,<6.0.3
  • >=6.0,<6.1
- -
CVE-2023-28836 54840

Wagtail 4.1.4 and 4.2.2 include a fix for CVE-2023-28836: Starting in…

  • >=4.2rc1,<4.2.2
  • >=1.5rc1,<4.1.4
MEDIUM 5.4
CVE-2023-4863 61487

Wagtail 5.0.4 and 4.1.8 update its requirement 'pillow' spec to '>=6.…

  • <4.1.8
  • >=5.0rc1,<5.0.4
HIGH 8.8
CVE-2023-28837 54841

Wagtail 4.1.4 and 4.2.2 include a fix for CVE-2023-28837: Prior to ve…

  • <4.1.4
  • >=4.2rc1,<4.2.2
MEDIUM 4.9
CVE-2020-11037 38249

Affected versions of Wagtail are vulnerable to a potential timing att…

  • <2.7.3
  • >=2.8.0,<2.8.2
MEDIUM 4.7
CVE-2020-11001 38184

Affected versions of Wagtail are vulnerable to cross-site scripting (…

  • <2.7.2
  • >=2.8rc1,<2.8.1
MEDIUM 6.8
CVE-2021-29434 40230

Wagtail is a Django content management system. In affected versions o…

  • >=2.11a1,<2.11.7
  • >=2.12a1,<2.12.4
MEDIUM 4.8
PVE-2024-64464 64464

The Wagtail 5.2rc1 release addresses a race condition issue that coul…

  • <5.2rc1
- -
PVE-2024-64506 64506

The Wagtail 5.2rc1 release includes a fix for a race condition that c…

  • <5.2rc1
- -
CVE-2020-15118 38922

Wagtail 2.7.4 includes a fix for CVE-2020-15118 to prevent HTML injec…

  • <2.7.4
MEDIUM 5.4
CVE-2022-21683 44608

Wagtail 2.15.2 includes a fix for CVE-2022-21683: When notifications …

  • >=2.13a0,<2.15.2
MEDIUM 4.3