Package impact
PyPI / django-unicorn
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-42053 | unknown | — | 1.0 | 5y ago | The Unicorn framework through 0.35.3 for Django allows XSS via component.name. | |||
| CVE-2026-31815 | unknown | — | — | 3mo ago | django-unicorn affected by component state manipulation via unvalidated attribute access | |||
| CVE-2025-24370 | unknown | — | — | 1y ago | Django-Unicorn Class Pollution Vulnerability, Leading to XSS, DoS and Authentication Bypass | |||
| CVE-2021-42134 | unknown | — | — | 5y ago | The Unicorn framework before 0.36.1 for Django allows XSS via a component. NOTE: this issue exists because of an incomplete fix for CVE-2021-42053. |