Is django-ses safe to use?

django-ses has 2 known vulnerabilities on the latest version (3.1.0). DepScope rates its health at 47/100 (high risk).

What is the latest version of django-ses?

The latest version of django-ses is 3.1.0, released 2025-04-22.

Does django-ses have known vulnerabilities?

Yes. django-ses has 2 known vulnerabilities. See depscope.dev/pkg/conda/django-ses for details.

Is django-ses deprecated?

No, django-ses is actively maintained. Latest release: 3.1.0 (2025-04-22).

What are alternatives to django-ses?

DepScope has no curated alternatives for django-ses at this time.

What license does django-ses use?

django-ses is licensed under MIT.

django-ses

condav3.1.0

A Django email backend for Amazon's Simple Email Service

License MITpermissive20 versions1 maintainers0 deps206 weekly dl

/ 100

Health

safe to use

[email protected] is safe to use (health: 47/100)

Update to >= 3.5.0 to fix known vulnerabilities

Health breakdown0 – 100

5/25

maintenance

3/20

popularity

25/25

security

12/15

maturity

2/15

community

Vulnerabilities

2 low

Advisories (2)

Severity	ID	Summary	Fixed in
low	CVE-2023-33185	Incorrect signature verification in django-ses	3.5.0
unknown	CVE-2023-33185	Django-SES is a drop-in mail backend for Django. The django_ses library implements a mail backend for Django using AWS Simple Email Service. The library exports the `SESEventWebhookView class` intended to receive signed requests from AWS to handle email bounces, subscriptions, etc. These requests are signed by AWS and are verified by django_ses, however the verification of this signature was found to be flawed as it allowed users to specify arbitrary public certificates. This issue was patched i	3.5.0

Health History

Dependency Tree

License Audit

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/conda/django-ses

First published · 2020-05-27 20:00:21.908000+00:00

Last updated · 2025-04-22 14:57:27.070000+00:00