ID ASA-201908-2 Type archlinux Reporter ArchLinux Modified 2019-08-05T00:00:00
Arch Linux Security Advisory ASA-201908-2
Severity: Medium
Date : 2019-08-05
CVE-ID : CVE-2019-14232 CVE-2019-14233 CVE-2019-14234 CVE-2019-14235
Package : python-django
Type : multiple issues
Remote : Yes
Link : https://security.archlinux.org/AVG-1015
Summary
The package python-django before version 2.2.4-1 is vulnerable to
multiple issues including denial of service and SQL injection.
Resolution
Upgrade to 2.2.4-1.
pacman -Syu "python-django>=2.2.4-1"
The problems have been fixed upstream in version 2.2.4.
Workaround
None.
Description
CVE-2019-14232 (denial of service)
If django.utils.text.Truncator's chars() and words()
methods were passed the html=True argument, they were extremely
slow to evaluate certain inputs due to a catastrophic backtracking
vulnerability in a regular expression. The chars() and words()
methods are used to implement the truncatechars_html and
truncatewords_html template filters, which were thus vulnerable.
The regular expressions used by Truncator have been simplified in
order to avoid potential backtracking issues. As a consequence,
trailing punctuation may now at times be included in the truncated
output.
CVE-2019-14233 (denial of service)
Due to the behavior of the underlying HTMLParser,
django.utils.html.strip_tags() would be extremely slow to evaluate
certain inputs containing large sequences of nested incomplete HTML
entities. The strip_tags() method is used to implement the
corresponding striptags template filter, which was thus also
vulnerable. strip_tags() now stops making recursive calls to HTMLParser
once no further progress is made at removing tags, even though incomplete
HTML entities may necessarily remain in the output.
CVE-2019-14234 (SQL injection)
Key and index lookups for JSONField and key lookups for HStoreField
were subject to SQL injection, using a suitably crafted dictionary,
with dictionary expansion, as the **kwargs passed to QuerySet.filter().
CVE-2019-14235 (denial of service)
If passed certain inputs, django.utils.encoding.uri_to_iri() could lead
to significant memory usage due to excessive recursion when re-percent-
encoding invalid UTF-8 octet sequences.
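A defender-side check for the lookup issue described under CVE-2019-14234, added here as an example and not code from Django or from the advisory: it allowlists the filter keys a request may supply before they are expanded into QuerySet.filter(**kwargs), so that only vetted field names, JSON/hstore key names and lookup suffixes ever reach the ORM. build_filter_kwargs, is_accepted, ALLOWED_LOOKUPS and SAMPLE_POLICY are hypothetical names chosen for this example, and the policy values are constructed.

```python
import re
from typing import Iterable, Mapping

# One lookup segment: a Python-style identifier. Segments are joined by "__",
# as in "data__theme__icontains". Validation uses fullmatch() rather than
# "^...$" with match(), because "$" would still accept a trailing newline.
_SEGMENT = r"[A-Za-z_][A-Za-z0-9_]*"
_LOOKUP_RE = re.compile(rf"{_SEGMENT}(?:__{_SEGMENT})*")

# Lookup suffixes a client may append (hypothetical policy for this example).
# Numeric index segments are deliberately not accepted by this policy.
ALLOWED_LOOKUPS = frozenset({"exact", "iexact", "contains", "icontains", "has_key"})


class UnsafeLookup(ValueError):
    """A user-supplied filter key was rejected by the allowlist."""


def build_filter_kwargs(user_params: Mapping[str, object],
                        allowed_fields: Mapping[str, Iterable[str]]) -> dict:
    """Return a vetted dict suitable for QuerySet.filter(**kwargs).

    user_params: untrusted mapping taken from the request.
    allowed_fields: maps each filterable model field to the JSON/hstore keys a
    client may address beneath it (an empty iterable for scalar fields).
    Any key that is malformed or not explicitly permitted raises UnsafeLookup,
    so nothing outside the policy is ever expanded into the ORM call.
    """
    policy = {field: frozenset(keys) for field, keys in allowed_fields.items()}
    safe = {}
    for key, value in user_params.items():
        if not isinstance(key, str) or _LOOKUP_RE.fullmatch(key) is None:
            raise UnsafeLookup(f"malformed lookup name: {key!r}")
        field, *segments = key.split("__")
        if field not in policy:
            raise UnsafeLookup(f"field is not filterable: {field!r}")
        # A trailing segment may be a lookup type; every segment before it is
        # treated as a key name beneath the field and must be allowlisted.
        if segments and segments[-1] in ALLOWED_LOOKUPS:
            segments = segments[:-1]
        for seg in segments:
            if seg not in policy[field]:
                raise UnsafeLookup(f"key {seg!r} is not permitted under {field!r}")
        safe[key] = value
    return safe


def is_accepted(user_params: Mapping[str, object],
                allowed_fields: Mapping[str, Iterable[str]]) -> bool:
    """True if every key in user_params passes the allowlist, else False."""
    try:
        build_filter_kwargs(user_params, allowed_fields)
    except UnsafeLookup:
        return False
    return True


# Constructed sample policy: "name" is a scalar field, "data" a JSON field
# whose "theme" and "locale" keys may be filtered on.
SAMPLE_POLICY = {"name": (), "data": ("theme", "locale")}

if __name__ == "__main__":
    accepted = build_filter_kwargs(
        {"name__icontains": "ada", "data__theme": "dark"}, SAMPLE_POLICY)
    print("accepted:", accepted)
    for bad in ("data__theme\n", "data__secret", "password", "data__x-y"):
        print(f"{bad!r} accepted: {is_accepted({bad: 1}, SAMPLE_POLICY)}")
```

The vetted dict is what the view then passes as `Model.objects.filter(**safe)`; the policy, not the client, decides which keys and lookups exist.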
Impact
A remote attacker can cause a denial of service via crafted content, or
alter the database via a SQL injection.
References
https://docs.djangoproject.com/en/dev/releases/1.11.23/
https://github.com/django/django/commit/7f65974f8219729c047fbbf8cd5cc9d80faefe77
https://github.com/django/django/commit/4b78420d250df5e21763633871e486ee76728cc4
https://github.com/django/django/commit/7deeabc7c7526786df6894429ce89a9c4b614086
https://github.com/django/django/commit/76ed1c49f804d409cfc2911a890c78584db3c76e
https://security.archlinux.org/CVE-2019-14232
https://security.archlinux.org/CVE-2019-14233
https://security.archlinux.org/CVE-2019-14234
https://security.archlinux.org/CVE-2019-14235
["p-cpe:/a:fedoraproject:fedora:python-django", "cpe:/o:fedoraproject:fedora:30"], "id": "FEDORA_2019-647F74CE51.NASL", "href": "https://www.tenable.com/plugins/nessus/127936", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-647f74ce51.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127936);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/02\");\n\n script_cve_id(\"CVE-2019-14232\", \"CVE-2019-14233\", \"CVE-2019-14234\", \"CVE-2019-14235\");\n script_xref(name:\"FEDORA\", value:\"2019-647f74ce51\");\n\n script_name(english:\"Fedora 30 : python-django (2019-647f74ce51)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"fixes for CVE-2019-14232 to 14235\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-647f74ce51\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python-django package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:python-django\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:30\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^30([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 30\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC30\", reference:\"python-django-2.1.11-1.fc30\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-django\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-07T16:02:42", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4390 advisory.\n\n - Django: Incorrect HTTP detection with reverse-proxy connecting via HTTPS (CVE-2019-12781)\n\n - Django: backtracking in a regular expression in django.utils.text.Truncator leads to DoS (CVE-2019-14232)\n\n - Django: the behavior of the underlying HTMLParser leading to DoS (CVE-2019-14233)\n\n - Django: SQL injection possibility in key and index lookups for JSONField/HStoreField (CVE-2019-14234)\n\n - Django: Potential memory exhaustion in django.utils.encoding.uri_to_iri() (CVE-2019-14235)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-10-29T00:00:00", "type": "nessus", "title": "RHEL 7 : python-django (RHSA-2020:4390)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-12781", "CVE-2019-14232", "CVE-2019-14233", "CVE-2019-14234", 
"CVE-2019-14235"], "modified": "2021-10-12T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:python-django-bash-completion", "p-cpe:/a:redhat:enterprise_linux:python2-django"], "id": "REDHAT-RHSA-2020-4390.NASL", "href": "https://www.tenable.com/plugins/nessus/142030", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:4390. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(142030);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/12\");\n\n script_cve_id(\n \"CVE-2019-12781\",\n \"CVE-2019-14232\",\n \"CVE-2019-14233\",\n \"CVE-2019-14234\",\n \"CVE-2019-14235\"\n );\n script_bugtraq_id(109018);\n script_xref(name:\"RHSA\", value:\"2020:4390\");\n\n script_name(english:\"RHEL 7 : python-django (RHSA-2020:4390)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:4390 advisory.\n\n - Django: Incorrect HTTP detection with reverse-proxy connecting via HTTPS (CVE-2019-12781)\n\n - Django: backtracking in a regular expression in django.utils.text.Truncator leads to DoS (CVE-2019-14232)\n\n - Django: the behavior of the underlying HTMLParser leading to DoS (CVE-2019-14233)\n\n - Django: SQL injection possibility in key and index lookups for JSONField/HStoreField (CVE-2019-14234)\n\n - Django: Potential memory exhaustion in django.utils.encoding.uri_to_iri() (CVE-2019-14235)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n 
script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/20.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/358.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/400.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/444.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-12781\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-14232\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-14233\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-14234\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-14235\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:4390\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1724497\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1734405\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1734410\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1734417\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1734422\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python-django-bash-completion and / or python2-django packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n 
script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-14234\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 358, 400, 444);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-django-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-django\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'openstack-optools_13_el7': [\n 'rhel-7-server-openstack-13-optools-debug-rpms',\n 'rhel-7-server-openstack-13-optools-rpms',\n 'rhel-7-server-openstack-13-optools-source-rpms'\n ],\n 'openstack_13_el7': [\n 'rhel-7-desktop-openstack-13-tools-debug-rpms',\n 'rhel-7-desktop-openstack-13-tools-rpms',\n 'rhel-7-desktop-openstack-13-tools-source-rpms',\n 'rhel-7-server-openstack-13-debug-rpms',\n 'rhel-7-server-openstack-13-deployment-tools-debug-rpms',\n 'rhel-7-server-openstack-13-deployment-tools-els-rpms',\n 'rhel-7-server-openstack-13-deployment-tools-els-source-rpms',\n 'rhel-7-server-openstack-13-deployment-tools-rpms',\n 'rhel-7-server-openstack-13-deployment-tools-source-rpms',\n 'rhel-7-server-openstack-13-devtools-debug-rpms',\n 
'rhel-7-server-openstack-13-devtools-rpms',\n 'rhel-7-server-openstack-13-devtools-source-rpms',\n 'rhel-7-server-openstack-13-els-rpms',\n 'rhel-7-server-openstack-13-els-source-rpms',\n 'rhel-7-server-openstack-13-eus-debug-rpms',\n 'rhel-7-server-openstack-13-eus-rpms',\n 'rhel-7-server-openstack-13-eus-source-rpms',\n 'rhel-7-server-openstack-13-octavia-debug-rpms',\n 'rhel-7-server-openstack-13-octavia-eus-debug-rpms',\n 'rhel-7-server-openstack-13-octavia-eus-rpms',\n 'rhel-7-server-openstack-13-octavia-eus-source-rpms',\n 'rhel-7-server-openstack-13-octavia-rpms',\n 'rhel-7-server-openstack-13-octavia-source-rpms',\n 'rhel-7-server-openstack-13-rpms',\n 'rhel-7-server-openstack-13-source-rpms',\n 'rhel-7-server-openstack-13-tools-debug-rpms',\n 'rhel-7-server-openstack-13-tools-rpms',\n 'rhel-7-server-openstack-13-tools-source-rpms',\n 'rhel-7-workstation-openstack-13-tools-debug-rpms',\n 'rhel-7-workstation-openstack-13-tools-rpms',\n 'rhel-7-workstation-openstack-13-tools-source-rpms'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'python-django-bash-completion-1.11.27-1.el7ost', 'release':'7', 'el_string':'el7ost', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openstack-', 'repo_list':['openstack-optools_13_el7', 'openstack_13_el7']},\n {'reference':'python2-django-1.11.27-1.el7ost', 'release':'7', 'el_string':'el7ost', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openstack-', 'repo_list':['openstack-optools_13_el7', 'openstack_13_el7']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = 
package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python-django-bash-completion / python2-django');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-07T17:36:06", "description": "This update for python-Django fixes the following issues :\n\nSecurity issues fixed :\n\n	 - CVE-2019-11358: Fixed prototype pollution.\n\n - CVE-2019-12308: Fixed XSS in AdminURLFieldWidget (bsc#1136468)\n\n - CVE-2019-12781: Fixed 
incorrect HTTP detection with reverse-proxy connecting via HTTPS (bsc#1139945).\n\n - CVE-2019-14232: Fixed denial-of-service possibility in ``django.utils.text.Truncator`` (bsc#1142880).\n\n - CVE-2019-14233: Fixed denial-of-service possibility in ``strip_tags()`` (bsc#1142882).\n\n - CVE-2019-14234: Fixed SQL injection possibility in key and index lookups for ``JSONField``/``HStoreField`` (bsc#1142883).\n\n - CVE-2019-14235: Fixed potential memory exhaustion in ``django.utils.encoding.uri_to_iri()`` (bsc#1142885).\n\nNon-security issues fixed :\n\n - Fixed a migration crash on PostgreSQL when adding a check constraint with a contains lookup on DateRangeField or DateTimeRangeField, if the right hand side of an expression is the same type.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "openSUSE Security Update : python-Django (openSUSE-2019-1839)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11358", "CVE-2019-12308", "CVE-2019-12781", "CVE-2019-14232", "CVE-2019-14233", "CVE-2019-14234", "CVE-2019-14235"], "modified": "2020-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:python3-Django", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2019-1839.NASL", "href": "https://www.tenable.com/plugins/nessus/127742", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-1839.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127742);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2020/01/06\");\n\n script_cve_id(\"CVE-2019-11358\", \"CVE-2019-12308\", \"CVE-2019-12781\", \"CVE-2019-14232\", \"CVE-2019-14233\", \"CVE-2019-14234\", \"CVE-2019-14235\");\n\n script_name(english:\"openSUSE Security Update : python-Django (openSUSE-2019-1839)\");\n 
script_summary(english:\"Check for the openSUSE-2019-1839 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for python-Django fixes the following issues :\n\nSecurity issues fixed :\n\n	 - CVE-2019-11358: Fixed prototype pollution.\n\n - CVE-2019-12308: Fixed XSS in AdminURLFieldWidget\n (bsc#1136468)\n\n - CVE-2019-12781: Fixed incorrect HTTP detection with\n reverse-proxy connecting via HTTPS (bsc#1139945).\n\n - CVE-2019-14232: Fixed denial-of-service possibility in\n ``django.utils.text.Truncator`` (bsc#1142880).\n\n - CVE-2019-14233: Fixed denial-of-service possibility in\n ``strip_tags()`` (bsc#1142882).\n\n - CVE-2019-14234: Fixed SQL injection possibility in key\n and index lookups for ``JSONField``/``HStoreField``\n (bsc#1142883).\n\n - CVE-2019-14235: Fixed potential memory exhaustion in\n ``django.utils.encoding.uri_to_iri()`` (bsc#1142885).\n\nNon-security issues fixed :\n\n - Fixed a migration crash on PostgreSQL when adding a\n check constraint with a contains lookup on\n DateRangeField or DateTimeRangeField, if the right hand\n side of an expression is the same type.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1136468\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1139945\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1142880\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1142882\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1142883\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1142885\"\n );\n 
script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python-Django package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-Django\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"python3-Django-2.2.4-lp151.2.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python3-Django\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-24T22:04:39", "description": "It was discovered that there were two vulnerabilities in the Django web development framework :\n\n - CVE-2019-14232: Prevent a possible denial of service in django.utils.text.Truncator.\n\n If django.utils.text.Truncator's chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a regular expression. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which were thus vulnerable.\n\n The regular expressions used by Truncator have been simplified in order to avoid potential backtracking issues. 
As a consequence, trailing punctuation may now at times be included in the truncated output.\n\n - CVE-2019-14233: Prevent a possible denial of service in strip_tags().\n\n Due to the behavior of the underlying HTMLParser, django.utils.html.strip_tags() would be extremely slow to evaluate certain inputs containing large sequences of nested incomplete HTML entities. The strip_tags() method is used to implement the corresponding striptags template filter, which was thus also vulnerable.\n\n strip_tags() now avoids recursive calls to HTMLParser when progress removing tags, but necessarily incomplete HTML entities, stops being made.\n\n Remember that absolutely NO guarantee is provided about the results of strip_tags() being HTML safe. So NEVER mark safe the result of a strip_tags() call without escaping it first, for example with django.utils.html.escape().\n\nFor Debian 8 'Jessie', these has been fixed in python-django version 1.7.11-1+deb8u7.\n\nWe recommend that you upgrade your python-django packages. You can find more information in upstream's announcement :\n\nhttps://www.djangoproject.com/weblog/2019/aug/01/security-releases/\n\nThanks to Carlton Gibson et al. for their handling of these issues.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "Debian DLA-1872-1 : python-django security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14232", "CVE-2019-14233"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:python-django", "p-cpe:/a:debian:debian_linux:python-django-common", "p-cpe:/a:debian:debian_linux:python-django-doc", "p-cpe:/a:debian:debian_linux:python3-django", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DLA-1872.NASL", "href": "https://www.tenable.com/plugins/nessus/127481", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1872-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(127481);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_name(english:\"Debian DLA-1872-1 : python-django security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that there were two vulnerabilities in the Django\nweb development framework :\n\n - CVE-2019-14232: Prevent a possible denial of service in\n django.utils.text.Truncator.\n\n If django.utils.text.Truncator's chars() and words()\n methods were passed the html=True argument, they were\n extremely slow to evaluate certain inputs due to a\n catastrophic backtracking vulnerability in a regular\n expression. 
The chars() and words() methods are used to\n implement the truncatechars_html and truncatewords_html\n template filters, which were thus vulnerable.\n\n The regular expressions used by Truncator have been\n simplified in order to avoid potential backtracking\n issues. As a consequence, trailing punctuation may now\n at times be included in the truncated output.\n\n - CVE-2019-14233: Prevent a possible denial of service in\n strip_tags().\n\n Due to the behavior of the underlying HTMLParser,\n django.utils.html.strip_tags() would be extremely slow\n to evaluate certain inputs containing large sequences of\n nested incomplete HTML entities. The strip_tags() method\n is used to implement the corresponding striptags\n template filter, which was thus also vulnerable.\n\n strip_tags() now avoids recursive calls to HTMLParser\n when progress removing tags, but necessarily incomplete\n HTML entities, stops being made.\n\n Remember that absolutely NO guarantee is provided about\n the results of strip_tags() being HTML safe. So NEVER\n mark safe the result of a strip_tags() call without\n escaping it first, for example with\n django.utils.html.escape().\n\nFor Debian 8 'Jessie', these has been fixed in python-django version\n1.7.11-1+deb8u7.\n\nWe recommend that you upgrade your python-django packages. You can\nfind more information in upstream's announcement :\n\nhttps://www.djangoproject.com/weblog/2019/aug/01/security-releases/\n\nThanks to Carlton Gibson et al. for their handling of these issues.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. 
Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2019/08/msg00005.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/python-django\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.djangoproject.com/weblog/2019/aug/01/security-releases/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-django\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-django-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-django-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python3-django\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"python-django\", reference:\"1.7.11-1+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python-django-common\", reference:\"1.7.11-1+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python-django-doc\", reference:\"1.7.11-1+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python3-django\", reference:\"1.7.11-1+deb8u7\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-05-08T14:46:33", "description": "The remote host is affected by the vulnerability described in GLSA-202004-17 (Django: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Django. 
Please review the CVE identifiers referenced below for details.\n Impact :\n\n A remote attacker, by sending specially crafted input, could possibly cause a Denial of Service condition, or alter the database.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-05-01T00:00:00", "type": "nessus", "title": "GLSA-202004-17 : Django: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-12308", "CVE-2019-14232", "CVE-2019-14233", "CVE-2019-14234", "CVE-2019-14235", "CVE-2019-19118", "CVE-2019-19844", "CVE-2020-7471", "CVE-2020-9402"], "modified": "2020-05-07T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:django", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-202004-17.NASL", "href": "https://www.tenable.com/plugins/nessus/136216", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 202004-17.\n#\n# The advisory text is Copyright (C) 2001-2020 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. 
See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(136216);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/07\");\n\n script_cve_id(\"CVE-2019-12308\", \"CVE-2019-14232\", \"CVE-2019-14233\", \"CVE-2019-14234\", \"CVE-2019-14235\", \"CVE-2019-19118\", \"CVE-2019-19844\", \"CVE-2020-7471\", \"CVE-2020-9402\");\n script_xref(name:\"GLSA\", value:\"202004-17\");\n\n script_name(english:\"GLSA-202004-17 : Django: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-202004-17\n(Django: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Django. 
Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker, by sending specially crafted input, could possibly\n cause a Denial of Service condition, or alter the database.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/202004-17\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Django users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-python/django-2.2.11'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:django\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-python/django\", unaffected:make_list(\"ge 2.2.11\"), vulnerable:make_list(\"lt 2.2.11\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Django\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2020-03-10T17:21:12", "description": "Django is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2019-08-05T00:00:00", "type": "openvas", "title": "Django 1.11.x < 1.11.23, 2.1.x < 2.1.11, 2.2.x < 2.2.4 Multiple Vulnerabilities (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14233", "CVE-2019-14235", "CVE-2019-14234", "CVE-2019-14232"], "modified": "2020-03-06T00:00:00", "id": "OPENVAS:1361412562310112617", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310112617", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any 
later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.112617\");\n script_version(\"2020-03-06T09:37:40+0000\");\n script_tag(name:\"last_modification\", value:\"2020-03-06 09:37:40 +0000 (Fri, 06 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-08-05 12:11:11 +0000 (Mon, 05 Aug 2019)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_cve_id(\"CVE-2019-14232\", \"CVE-2019-14233\", \"CVE-2019-14234\", \"CVE-2019-14235\");\n\n script_name(\"Django 1.11.x < 1.11.23, 2.1.x < 2.1.11, 2.2.x < 2.2.4 Multiple Vulnerabilities (Windows)\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_django_detect_win.nasl\");\n script_mandatory_keys(\"django/windows/detected\");\n\n script_tag(name:\"summary\", value:\"Django is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The following vulnerabilities exist:\n\n - CVE-2019-14232: Denial-of-service possibility in django.utils.text.Truncator\n\n - CVE-2019-14233: Denial-of-service possibility in strip_tags()\n\n - CVE-2019-14234: SQL injection possibility in key and index 
lookups for JSONField/HStoreField\n\n - CVE-2019-14235: Potential memory exhaustion in django.utils.encoding.uri_to_iri().\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation would allow an attacker to crash the\n affected system or inject and execute malicious SQL queries.\");\n\n script_tag(name:\"affected\", value:\"Django versions 1.11.0 through 1.11.22, 2.1.0 through 2.1.10 and 2.2.0 through 2.2.3.\");\n\n script_tag(name:\"solution\", value:\"Update to version 1.11.23, 2.1.11 or 2.2.4 respectively.\");\n\n script_xref(name:\"URL\", value:\"https://groups.google.com/forum/#!topic/django-announce/jIoju2-KLDs\");\n script_xref(name:\"URL\", value:\"https://www.djangoproject.com/weblog/2019/aug/01/security-releases/\");\n\n exit(0);\n}\n\nCPE = \"cpe:/a:djangoproject:django\";\n\ninclude( \"host_details.inc\" );\ninclude( \"version_func.inc\" );\n\nif( ! infos = get_app_version_and_location( cpe: CPE, exit_no_version: TRUE ) ) exit( 0 );\nversion = infos[\"version\"];\nlocation = infos[\"location\"];\n\nif( version_in_range( version: version, test_version: \"1.11.0\", test_version2: \"1.11.22\" ) ) {\n report = report_fixed_ver( installed_version: version, fixed_version: \"1.11.23\", install_path: location );\n security_message( data: report, port: 0 );\n exit( 0 );\n}\n\nif( version_in_range( version: version, test_version: \"2.1.0\", test_version2: \"2.1.10\" ) ) {\n report = report_fixed_ver( installed_version: version, fixed_version: \"2.1.11\", install_path: location );\n security_message( data: report, port: 0 );\n exit( 0 );\n}\n\nif( version_in_range( version: version, test_version: \"2.2.0\", test_version2: \"2.2.3\" ) ) {\n report = report_fixed_ver( installed_version: version, fixed_version: \"2.2.4\", install_path: location );\n security_message( data: report, port: 0 );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-22T16:54:25", "description": "The remote host 
is missing an update for the ", "cvss3": {}, "published": "2019-08-02T00:00:00", "type": "openvas", "title": "Ubuntu Update for python-django USN-4084-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14233", "CVE-2019-14235", "CVE-2019-14234", "CVE-2019-14232"], "modified": "2019-08-22T00:00:00", "id": "OPENVAS:1361412562310844123", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844123", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844123\");\n script_version(\"2019-08-22T06:41:28+0000\");\n script_cve_id(\"CVE-2019-14232\", \"CVE-2019-14233\", \"CVE-2019-14234\", \"CVE-2019-14235\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-08-22 06:41:28 +0000 (Thu, 22 Aug 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-08-02 02:00:35 +0000 (Fri, 02 Aug 2019)\");\n script_name(\"Ubuntu Update for python-django USN-4084-1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=(UBUNTU18\\.04 LTS|UBUNTU19\\.04|UBUNTU16\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"4084-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-4084-1/\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python-django'\n package(s) announced via the USN-4084-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that Django incorrectly handled the Truncator function. A\nremote attacker could possibly use this issue to cause Django to consume\nresources, leading to a denial of service. 
(CVE-2019-14232)\n\nIt was discovered that Django incorrectly handled the strip_tags function.\nA remote attacker could possibly use this issue to cause Django to consume\nresources, leading to a denial of service. (CVE-2019-14233)\n\nIt was discovered that Django incorrectly handled certain lookups in the\nPostgreSQL support. A remote attacker could possibly use this issue to\nperform SQL injection attacks. (CVE-2019-14234)\n\nIt was discovered that Django incorrectly handled certain invalid UTF-8\noctet sequences. A remote attacker could possibly use this issue to cause\nDjango to consume resources, leading to a denial of service.\n(CVE-2019-14235)\");\n\n script_tag(name:\"affected\", value:\"'python-django' package(s) on Ubuntu 19.04, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"python-django\", ver:\"1:1.11.11-1ubuntu1.5\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"python3-django\", ver:\"1:1.11.11-1ubuntu1.5\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU19.04\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"python-django\", ver:\"1:1.11.20-1ubuntu0.2\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"python3-django\", ver:\"1:1.11.20-1ubuntu0.2\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n 
exit(0);\n}\n\nif(release == \"UBUNTU16.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"python-django\", ver:\"1.8.7-1ubuntu5.10\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"python3-django\", ver:\"1.8.7-1ubuntu5.10\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-22T16:55:22", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-08-13T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 4498-1 (python-django - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14233", "CVE-2019-14235", "CVE-2019-14234", "CVE-2019-14232"], "modified": "2019-08-22T00:00:00", "id": "OPENVAS:1361412562310704498", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704498", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704498\");\n script_version(\"2019-08-22T06:41:28+0000\");\n script_cve_id(\"CVE-2019-14232\", \"CVE-2019-14233\", \"CVE-2019-14234\", \"CVE-2019-14235\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-08-22 06:41:28 +0000 (Thu, 22 Aug 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-08-13 02:00:11 +0000 (Tue, 13 Aug 2019)\");\n script_name(\"Debian Security Advisory DSA 4498-1 (python-django - security update)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(10|9)\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2019/dsa-4498.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DSA-4498-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python-django'\n package(s) announced via the DSA-4498-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Several vulnerabilities were discovered in python-django, a web\ndevelopment framework. 
They could lead to remote denial-of-service or\nSQL injection.\");\n\n script_tag(name:\"affected\", value:\"'python-django' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For the oldstable distribution (stretch), these problems have been fixed\nin version 1:1.10.7-2+deb9u6.\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 1:1.11.23-1~deb10u1.\n\nWe recommend that you upgrade your python-django packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"python-django\", ver:\"1:1.11.23-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"python-django-common\", ver:\"1:1.11.23-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"python-django-doc\", ver:\"1:1.11.23-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"python3-django\", ver:\"1:1.11.23-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"python-django\", ver:\"1:1.10.7-2+deb9u6\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"python-django-common\", ver:\"1:1.10.7-2+deb9u6\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"python-django-doc\", ver:\"1:1.10.7-2+deb9u6\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"python3-django\", ver:\"1:1.10.7-2+deb9u6\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-10T17:21:12", "description": "Django is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2019-08-05T00:00:00", 
"type": "openvas", "title": "Django 1.11.x < 1.11.23, 2.1.x < 2.1.11, 2.2.x < 2.2.4 Multiple Vulnerabilities (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14233", "CVE-2019-14235", "CVE-2019-14234", "CVE-2019-14232"], "modified": "2020-03-06T00:00:00", "id": "OPENVAS:1361412562310112616", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310112616", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.112616\");\n script_version(\"2020-03-06T09:37:40+0000\");\n script_tag(name:\"last_modification\", value:\"2020-03-06 09:37:40 +0000 (Fri, 06 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-08-05 12:11:11 +0000 (Mon, 05 Aug 2019)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_tag(name:\"qod_type\", value:\"executable_version_unreliable\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_cve_id(\"CVE-2019-14232\", \"CVE-2019-14233\", \"CVE-2019-14234\", \"CVE-2019-14235\");\n\n script_name(\"Django 1.11.x < 1.11.23, 2.1.x < 2.1.11, 2.2.x < 2.2.4 Multiple Vulnerabilities (Linux)\");\n\n 
script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_django_detect_lin.nasl\");\n script_mandatory_keys(\"Django/Linux/Ver\");\n\n script_tag(name:\"summary\", value:\"Django is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The following vulnerabilities exist:\n\n - CVE-2019-14232: Denial-of-service possibility in django.utils.text.Truncator\n\n - CVE-2019-14233: Denial-of-service possibility in strip_tags()\n\n - CVE-2019-14234: SQL injection possibility in key and index lookups for JSONField/HStoreField\n\n - CVE-2019-14235: Potential memory exhaustion in django.utils.encoding.uri_to_iri().\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation would allow an attacker to crash the\n affected system or inject and execute malicious SQL queries.\");\n\n script_tag(name:\"affected\", value:\"Django versions 1.11.0 through 1.11.22, 2.1.0 through 2.1.10 and 2.2.0 through 2.2.3.\");\n\n script_tag(name:\"solution\", value:\"Update to version 1.11.23, 2.1.11 or 2.2.4 respectively.\");\n\n script_xref(name:\"URL\", value:\"https://groups.google.com/forum/#!topic/django-announce/jIoju2-KLDs\");\n script_xref(name:\"URL\", value:\"https://www.djangoproject.com/weblog/2019/aug/01/security-releases/\");\n\n exit(0);\n}\n\nCPE = \"cpe:/a:djangoproject:django\";\n\ninclude( \"host_details.inc\" );\ninclude( \"version_func.inc\" );\n\nif( ! 
infos = get_app_version_and_location( cpe: CPE, exit_no_version: TRUE ) ) exit( 0 );\nversion = infos[\"version\"];\nlocation = infos[\"location\"];\n\nif( version_in_range( version: version, test_version: \"1.11.0\", test_version2: \"1.11.22\" ) ) {\n report = report_fixed_ver( installed_version: version, fixed_version: \"1.11.23\", install_path: location );\n security_message( data: report, port: 0 );\n exit( 0 );\n}\n\nif( version_in_range( version: version, test_version: \"2.1.0\", test_version2: \"2.1.10\" ) ) {\n report = report_fixed_ver( installed_version: version, fixed_version: \"2.1.11\", install_path: location );\n security_message( data: report, port: 0 );\n exit( 0 );\n}\n\nif( version_in_range( version: version, test_version: \"2.2.0\", test_version2: \"2.2.3\" ) ) {\n report = report_fixed_ver( installed_version: version, fixed_version: \"2.2.4\", install_path: location );\n security_message( data: report, port: 0 );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-22T16:49:36", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-08-16T00:00:00", "type": "openvas", "title": "Fedora Update for python-django FEDORA-2019-647f74ce51", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14233", "CVE-2019-14235", "CVE-2019-12781", "CVE-2019-14234", "CVE-2019-12308", "CVE-2019-14232"], "modified": "2019-08-22T00:00:00", "id": "OPENVAS:1361412562310876683", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876683", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; 
either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876683\");\n script_version(\"2019-08-22T06:41:28+0000\");\n script_cve_id(\"CVE-2019-14232\", \"CVE-2019-14235\", \"CVE-2019-14234\", \"CVE-2019-14233\", \"CVE-2019-12781\", \"CVE-2019-12308\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-08-22 06:41:28 +0000 (Thu, 22 Aug 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-08-16 02:23:53 +0000 (Fri, 16 Aug 2019)\");\n script_name(\"Fedora Update for python-django FEDORA-2019-647f74ce51\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC30\");\n\n script_xref(name:\"FEDORA\", value:\"2019-647f74ce51\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/STVX7X7IDWAH5SKE6MBMY3TEI6ZODBTK\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python-django'\n package(s) announced via the FEDORA-2019-647f74ce51 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target 
host.\");\n\n script_tag(name:\"insight\", value:\"Django is a high-level Python Web framework that encourages rapid\ndevelopment and a clean, pragmatic design. It focuses on automating as\nmuch as possible and adhering to the DRY (Don', t Repeat Yourself)\nprinciple.\");\n\n script_tag(name:\"affected\", value:\"'python-django' package(s) on Fedora 30.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC30\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"python-django\", rpm:\"python-django~2.1.11~1.fc30\", rls:\"FC30\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T16:27:18", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-01-09T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for python-Django (openSUSE-SU-2019:1839-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11358", "CVE-2019-14233", "CVE-2019-14235", "CVE-2019-12781", "CVE-2019-14234", "CVE-2019-12308", "CVE-2019-14232"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852959", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852959", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the 
GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852959\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2019-11358\", \"CVE-2019-12308\", \"CVE-2019-12781\", \"CVE-2019-14232\",\n \"CVE-2019-14233\", \"CVE-2019-14234\", \"CVE-2019-14235\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-09 09:47:56 +0000 (Thu, 09 Jan 2020)\");\n script_name(\"openSUSE: Security Advisory for python-Django (openSUSE-SU-2019:1839-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.1\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:1839-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python-Django'\n package(s) announced via the openSUSE-SU-2019:1839-1 advisory.\");\n\n script_tag(name:\"vuldetect\", 
value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for python-Django fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-11358: Fixed prototype pollution.\n\n - CVE-2019-12308: Fixed XSS in AdminURLFieldWidget (bsc#1136468)\n\n - CVE-2019-12781: Fixed incorrect HTTP detection with reverse-proxy\n connecting via HTTPS (bsc#1139945).\n\n - CVE-2019-14232: Fixed denial-of-service possibility in\n ``django.utils.text.Truncator`` (bsc#1142880).\n\n - CVE-2019-14233: Fixed denial-of-service possibility in ``strip_tags()``\n (bsc#1142882).\n\n - CVE-2019-14234: Fixed SQL injection possibility in key and index lookups\n for ``JSONField``/``HStoreField`` (bsc#1142883).\n\n - CVE-2019-14235: Fixed potential memory exhaustion in\n ``django.utils.encoding.uri_to_iri()`` (bsc#1142885).\n\n Non-security issues fixed:\n\n - Fixed a migration crash on PostgreSQL when adding a check constraint\n with a contains lookup on DateRangeField or DateTimeRangeField, if the\n right hand side of an expression is the same type.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2019-1839=1\");\n\n script_tag(name:\"affected\", value:\"'python-Django' package(s) on openSUSE Leap 15.1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"python3-Django\", 
rpm:\"python3-Django~2.2.4~lp151.2.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-29T19:27:11", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-08-07T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for python-django (DLA-1872-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14233", "CVE-2019-14232"], "modified": "2020-01-29T00:00:00", "id": "OPENVAS:1361412562310891872", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891872", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891872\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2019-14232\", \"CVE-2019-14233\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-08-07 02:00:06 +0000 (Wed, 07 Aug 2019)\");\n script_name(\"Debian LTS: Security Advisory for python-django (DLA-1872-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2019/08/msg00005.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DLA-1872-1\");\n script_xref(name:\"URL\", value:\"https://bugs.debian.org/934026\");\n script_xref(name:\"URL\", value:\"https://www.djangoproject.com/weblog/2019/aug/01/security-releases/\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python-django'\n package(s) announced via the DLA-1872-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that there were two vulnerabilities in the\nDjango web development framework:\n\n * CVE-2019-14232: Prevent a possible 
denial-of-service in\ndjango.utils.text.Truncator.\n\nIf django.utils.text.Truncator's chars() and words() methods were\npassed the html=True argument, they were extremely slow to\nevaluate certain inputs due to a catastrophic backtracking\nvulnerability in a regular expression. The chars() and words()\nmethods are used to implement the truncatechars_html and\ntruncatewords_html template filters, which were thus vulnerable.\n\nThe regular expressions used by Truncator have been simplified in\norder to avoid potential backtracking issues. As a consequence,\ntrailing punctuation may now at times be included in the\ntruncated output.\n\n * CVE-2019-14233: Prevent a possible denial-of-service in strip_tags().\n\nDue to the behavior of the underlying HTMLParser,\ndjango.utils.html.strip_tags() would be extremely slow to\nevaluate certain inputs containing large sequences of nested\nincomplete HTML entities. The strip_tags() method is used to\nimplement the corresponding striptags template filter, which was\nthus also vulnerable.\n\nstrip_tags() now avoids recursive calls to HTMLParser when\nprogress removing tags, but necessarily incomplete HTML entities,\nstops being made.\n\nRemember that absolutely NO guarantee is provided about the\nresults of strip_tags() being HTML safe. 
So NEVER mark safe the\nresult of a strip_tags() call without escaping it first, for\nexample with django.utils.html.escape().\");\n\n script_tag(name:\"affected\", value:\"'python-django' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these has been fixed in python-django version\n1.7.11-1+deb8u7.\n\nWe recommend that you upgrade your python-django packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"python-django\", ver:\"1.7.11-1+deb8u7\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"python-django-common\", ver:\"1.7.11-1+deb8u7\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"python-django-doc\", ver:\"1.7.11-1+deb8u7\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"python3-django\", ver:\"1.7.11-1+deb8u7\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-06-25T13:46:02", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-06-23T00:00:00", "type": "openvas", "title": "Fedora: Security Advisory for python-django (FEDORA-2020-2e7d30f7aa)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-6975", "CVE-2019-19844", "CVE-2019-14233", "CVE-2019-14235", "CVE-2020-13596", "CVE-2019-19118", "CVE-2019-12781", "CVE-2020-7471", "CVE-2019-14234", "CVE-2020-13254", "CVE-2019-12308", "CVE-2020-9402", "CVE-2019-14232"], "modified": "2020-06-24T00:00:00", "id": "OPENVAS:1361412562310877984", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877984", "sourceData": "# Copyright 
(C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877984\");\n script_version(\"2020-06-24T03:42:18+0000\");\n script_cve_id(\"CVE-2020-7471\", \"CVE-2020-9402\", \"CVE-2020-13254\", \"CVE-2020-13596\", \"CVE-2019-19844\", \"CVE-2019-19118\", \"CVE-2019-14235\", \"CVE-2019-14234\", \"CVE-2019-14233\", \"CVE-2019-14232\", \"CVE-2019-12781\", \"CVE-2019-12308\", \"CVE-2019-6975\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-06-24 03:42:18 +0000 (Wed, 24 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-06-23 03:19:59 +0000 (Tue, 23 Jun 2020)\");\n script_name(\"Fedora: Security Advisory for python-django (FEDORA-2020-2e7d30f7aa)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", 
\"ssh/login/rpms\", re:\"ssh/login/release=FC31\");\n\n script_xref(name:\"FEDORA\", value:\"2020-2e7d30f7aa\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZMN2NKAGTFE3YKMNM2JVJG7R2W7LLHY\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python-django'\n package(s) announced via the FEDORA-2020-2e7d30f7aa advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Django is a high-level Python Web framework that encourages rapid\ndevelopment and a clean, pragmatic design. It focuses on automating as\nmuch as possible and adhering to the DRY (Don', t Repeat Yourself)\nprinciple.\");\n\n script_tag(name:\"affected\", value:\"'python-django' package(s) on Fedora 31.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC31\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"python-django\", rpm:\"python-django~2.2.13~1.fc31\", rls:\"FC31\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "archlinux": [{"lastseen": "2021-07-28T14:34:00", "description": "Arch Linux Security Advisory ASA-201908-3\n=========================================\n\nSeverity: Medium\nDate : 2019-08-05\nCVE-ID : CVE-2019-14232 CVE-2019-14233 CVE-2019-14234 CVE-2019-14235\nPackage : python2-django\nType : multiple issues\nRemote : Yes\nLink : 
https://security.archlinux.org/AVG-1014\n\nSummary\n=======\n\nThe package python2-django before version 1.11.23-1 is vulnerable to\nmultiple issues including denial of service and sql injection.\n\nResolution\n==========\n\nUpgrade to 1.11.23-1.\n\n# pacman -Syu \"python2-django>=1.11.23-1\"\n\nThe problems have been fixed upstream in version 1.11.23.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\n- CVE-2019-14232 (denial of service)\n\nIf ``django.utils.text.Truncator``'s ``chars()`` and ``words()``\nmethods were passed the ``html=True`` argument, they were extremely\nslow to evaluate certain inputs due to a catastrophic backtracking\nvulnerability in a regular expression. The ``chars()`` and ``words()``\nmethods are used to implement the ``truncatechars_html`` and\n``truncatewords_html`` template filters, which were thus vulnerable.\nThe regular expressions used by ``Truncator`` have been simplified in\norder to avoid potential backtracking issues. As a consequence,\ntrailing punctuation may now at times be included in the truncated\noutput.\n\n- CVE-2019-14233 (denial of service)\n\nDue to the behavior of the underlying HTMLParser,\ndjango.utils.html.strip_tags() would be extremely slow to evaluate\ncertain inputs containing large sequences of nested incomplete HTML\nentities. The strip_tags() method is used to implement the\ncorresponding striptags template filter, which was thus also\nvulnerable. 
strip_tags() now avoids recursive calls to HTMLParser when\nprogress removing tags, but necessarily incomplete HTML entities, stops\nbeing made\n\n- CVE-2019-14234 (sql injection)\n\nKey and index lookups for JSONField and key lookups for HStoreField\nwere subject to SQL injection, using a suitably crafted dictionary,\nwith dictionary expansion, as the **kwargs passed to QuerySet.filter().\n\n- CVE-2019-14235 (denial of service)\n\nIf passed certain inputs, django.utils.encoding.uri_to_iri() could lead\nto significant memory usage due to excessive recursion when re-percent\nencoding invalid UTF-8 octet sequences.\n\nImpact\n======\n\nA remote attacker can cause a denial of service via crafted content, or\nalter the database via a SQL injection.\n\nReferences\n==========\n\nhttps://docs.djangoproject.com/en/dev/releases/1.11.23/\nhttps://github.com/django/django/commit/7f65974f8219729c047fbbf8cd5cc9d80faefe77\nhttps://github.com/django/django/commit/4b78420d250df5e21763633871e486ee76728cc4\nhttps://github.com/django/django/commit/7deeabc7c7526786df6894429ce89a9c4b614086\nhttps://github.com/django/django/commit/76ed1c49f804d409cfc2911a890c78584db3c76e\nhttps://security.archlinux.org/CVE-2019-14232\nhttps://security.archlinux.org/CVE-2019-14233\nhttps://security.archlinux.org/CVE-2019-14234\nhttps://security.archlinux.org/CVE-2019-14235", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-08-05T00:00:00", "type": "archlinux", "title": "[ASA-201908-3] python2-django: multiple issues", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, 
"obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14232", "CVE-2019-14233", "CVE-2019-14234", "CVE-2019-14235"], "modified": "2019-08-05T00:00:00", "id": "ASA-201908-3", "href": "https://security.archlinux.org/ASA-201908-3", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2021-10-21T18:38:01", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4498-1 security@debian.org\nhttps://www.debian.org/security/ Sebastien Delafond\nAugust 12, 2019 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : python-django\nCVE ID : CVE-2019-14232 CVE-2019-14233 CVE-2019-14234 CVE-2019-14235\nDebian Bug : 934026\n\nSeveral vulnerabilities were discovered in python-django, a web\ndevelopment framework. 
They could lead to remote denial-of-service or\nSQL injection,\n\nFor the oldstable distribution (stretch), these problems have been fixed\nin version 1:1.10.7-2+deb9u6.\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 1.11.23-1~deb10u1.\n\nWe recommend that you upgrade your python-django packages.\n\nFor the detailed security status of python-django please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/python-django\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-08-12T09:07:57", "type": "debian", "title": "[SECURITY] [DSA 4498-1] python-django security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14232", "CVE-2019-14233", "CVE-2019-14234", "CVE-2019-14235"], "modified": "2019-08-12T09:07:57", "id": "DEBIAN:DSA-4498-1:30C3D", "href": 
"https://lists.debian.org/debian-security-announce/2019/msg00145.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-26T13:15:17", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4498-1 security@debian.org\nhttps://www.debian.org/security/ Sebastien Delafond\nAugust 12, 2019 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : python-django\nCVE ID : CVE-2019-14232 CVE-2019-14233 CVE-2019-14234 CVE-2019-14235\nDebian Bug : 934026\n\nSeveral vulnerabilities were discovered in python-django, a web\ndevelopment framework. They could lead to remote denial-of-service or\nSQL injection,\n\nFor the oldstable distribution (stretch), these problems have been fixed\nin version 1:1.10.7-2+deb9u6.\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 1.11.23-1~deb10u1.\n\nWe recommend that you upgrade your python-django packages.\n\nFor the detailed security status of python-django please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/python-django\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-08-12T09:07:57", "type": "debian", "title": "[SECURITY] [DSA 4498-1] python-django security update", 
"bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14232", "CVE-2019-14233", "CVE-2019-14234", "CVE-2019-14235"], "modified": "2019-08-12T09:07:57", "id": "DEBIAN:DSA-4498-1:4F8F9", "href": "https://lists.debian.org/debian-security-announce/2019/msg00145.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-12-19T15:24:20", "description": "Package : python-django\nVersion : 1.7.11-1+deb8u7\nCVE IDs : CVE-2019-14232 CVE-2019-14233\nDebian Bug : #934026\n\nIt was discovered that there were two vulnerabilities in the\nDjango web development framework:\n\n * CVE-2019-14232: Prevent a possible denial-of-service in\n django.utils.text.Truncator.\n\n If django.utils.text.Truncator's chars() and words() methods were\n passed the html=True argument, they were extremely slow to\n evaluate certain inputs due to a catastrophic backtracking\n vulnerability in a regular expression. The chars() and words()\n methods are used to implement the truncatechars_html and\n truncatewords_html template filters, which were thus vulnerable.\n\n The regular expressions used by Truncator have been simplified in\n order to avoid potential backtracking issues. 
As a consequence,\n trailing punctuation may now at times be included in the\n truncated output.\n\n * CVE-2019-14233: Prevent a possible denial-of-service in strip_tags().\n\n Due to the behavior of the underlying HTMLParser,\n django.utils.html.strip_tags() would be extremely slow to\n evaluate certain inputs containing large sequences of nested\n incomplete HTML entities. The strip_tags() method is used to\n implement the corresponding striptags template filter, which was\n thus also vulnerable.\n\n strip_tags() now avoids recursive calls to HTMLParser when\n progress removing tags, but necessarily incomplete HTML entities,\n stops being made.\n\n Remember that absolutely NO guarantee is provided about the\n results of strip_tags() being HTML safe. So NEVER mark safe the\n result of a strip_tags() call without escaping it first, for\n example with django.utils.html.escape().\n\nFor Debian 8 "Jessie", these has been fixed in python-django version\n1.7.11-1+deb8u7.\n\nWe recommend that you upgrade your python-django packages. You can\nfind more information in upstream's announcement:\n\n https://www.djangoproject.com/weblog/2019/aug/01/security-releases/\n\nThanks to Carlton Gibson et al. for their handling of these issues.\n\n\nRegards,\n\n- -- \n ,''`.\n : :' : Chris Lamb\n `. 
`'` lamby@debian.org / chris-lamb.co.uk\n `-", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2019-08-06T10:07:39", "type": "debian", "title": "[SECURITY] [DLA 1872-1] python-django security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14232", "CVE-2019-14233"], "modified": "2019-08-06T10:07:39", "id": "DEBIAN:DLA-1872-1:760BB", "href": "https://lists.debian.org/debian-lts-announce/2019/08/msg00005.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-10-22T12:47:07", "description": "Package : python-django\nVersion : 1.7.11-1+deb8u7\nCVE IDs : CVE-2019-14232 CVE-2019-14233\nDebian Bug : #934026\n\nIt was discovered that there were two vulnerabilities in the\nDjango web development framework:\n\n * CVE-2019-14232: Prevent a possible denial-of-service in\n django.utils.text.Truncator.\n\n If django.utils.text.Truncator's chars() and words() methods were\n passed the html=True argument, they were extremely slow to\n evaluate certain inputs due to a catastrophic backtracking\n vulnerability in a regular expression. 
The chars() and words()\n methods are used to implement the truncatechars_html and\n truncatewords_html template filters, which were thus vulnerable.\n\n The regular expressions used by Truncator have been simplified in\n order to avoid potential backtracking issues. As a consequence,\n trailing punctuation may now at times be included in the\n truncated output.\n\n * CVE-2019-14233: Prevent a possible denial-of-service in strip_tags().\n\n Due to the behavior of the underlying HTMLParser,\n django.utils.html.strip_tags() would be extremely slow to\n evaluate certain inputs containing large sequences of nested\n incomplete HTML entities. The strip_tags() method is used to\n implement the corresponding striptags template filter, which was\n thus also vulnerable.\n\n strip_tags() now avoids recursive calls to HTMLParser when\n progress removing tags, but necessarily incomplete HTML entities,\n stops being made.\n\n Remember that absolutely NO guarantee is provided about the\n results of strip_tags() being HTML safe. So NEVER mark safe the\n result of a strip_tags() call without escaping it first, for\n example with django.utils.html.escape().\n\nFor Debian 8 "Jessie", these has been fixed in python-django version\n1.7.11-1+deb8u7.\n\nWe recommend that you upgrade your python-django packages. You can\nfind more information in upstream's announcement:\n\n https://www.djangoproject.com/weblog/2019/aug/01/security-releases/\n\nThanks to Carlton Gibson et al. for their handling of these issues.\n\n\nRegards,\n\n- -- \n ,''`.\n : :' : Chris Lamb\n `. 
`'` lamby@debian.org / chris-lamb.co.uk\n `-", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2019-08-06T10:07:39", "type": "debian", "title": "[SECURITY] [DLA 1872-1] python-django security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14232", "CVE-2019-14233"], "modified": "2019-08-06T10:07:39", "id": "DEBIAN:DLA-1872-1:91940", "href": "https://lists.debian.org/debian-lts-announce/2019/08/msg00005.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "freebsd": [{"lastseen": "2022-01-19T15:51:31", "description": "\n\nDjango release notes:\n\nCVE-2019-14232: Denial-of-service possibility in\n\t django.utils.text.Truncator\nIf django.utils.text.Truncator's chars() and words() methods were\n\t passed the html=True argument, they were extremely slow to evaluate\n\t certain inputs due to a catastrophic backtracking vulnerability in a\n\t regular expression. 
The chars() and words() methods are used to\n\t implement the truncatechars_html and truncatewords_html template\n\t filters, which were thus vulnerable\nThe regular expressions used by Truncator have been simplified in\n\t order to avoid potential backtracking issues. As a consequence, trailing\n\t punctuation may now at times be included in the truncated output.\nCVE-2019-14233: Denial-of-service possibility in strip_tags()\nDue to the behavior of the underlying HTMLParser,\n\t django.utils.html.strip_tags() would be extremely slow to evaluate\n\t certain inputs containing large sequences of nested incomplete HTML\n\t entities. The strip_tags() method is used to implement the corresponding\n\t striptags template filter, which was thus also vulnerable.\nstrip_tags() now avoids recursive calls to HTMLParser when progress\n\t removing tags, but necessarily incomplete HTML entities, stops being\n\t made.\nRemember that absolutely NO guarantee is provided about the results of\n\t strip_tags() being HTML safe. 
So NEVER mark safe the result of a\n\t strip_tags() call without escaping it first, for example with\n\t django.utils.html.escape().\nCVE-2019-14234: SQL injection possibility in key and index lookups for\n\t JSONField/HStoreField\nKey and index lookups for JSONField and key lookups for HStoreField\n\t were subject to SQL injection, using a suitably crafted dictionary,\n\t with dictionary expansion, as the **kwargs passed to QuerySet.filter().\nCVE-2019-14235: Potential memory exhaustion in\n\t django.utils.encoding.uri_to_iri()\nIf passed certain inputs, django.utils.encoding.uri_to_iri() could lead\n\t to significant memory usage due to excessive recursion when\n\t re-percent-encoding invalid UTF-8 octet sequences.\nuri_to_iri() now avoids recursion when re-percent-encoding invalid\n\t UTF-8 octet sequences.\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-08-01T00:00:00", "type": "freebsd", "title": "Django -- multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14232", "CVE-2019-14233", "CVE-2019-14234", "CVE-2019-14235"], "modified": "2019-08-01T00:00:00", 
"id": "6E65DFEA-B614-11E9-A3A2-1506E15611CC", "href": "https://vuxml.freebsd.org/freebsd/6e65dfea-b614-11e9-a3a2-1506e15611cc.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ubuntu": [{"lastseen": "2022-01-04T11:39:53", "description": "It was discovered that Django incorrectly handled the Truncator function. A \nremote attacker could possibly use this issue to cause Django to consume \nresources, leading to a denial of service. (CVE-2019-14232)\n\nIt was discovered that Django incorrectly handled the strip_tags function. \nA remote attacker could possibly use this issue to cause Django to consume \nresources, leading to a denial of service. (CVE-2019-14233)\n\nIt was discovered that Django incorrectly handled certain lookups in the \nPostgreSQL support. A remote attacker could possibly use this issue to \nperform SQL injection attacks. (CVE-2019-14234)\n\nIt was discovered that Django incorrectly handled certain invalid UTF-8 \noctet sequences. A remote attacker could possibly use this issue to cause \nDjango to consume resources, leading to a denial of service. 
\n(CVE-2019-14235)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-08-01T00:00:00", "type": "ubuntu", "title": "Django vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14235", "CVE-2019-14233", "CVE-2019-14234", "CVE-2019-14232"], "modified": "2019-08-01T00:00:00", "id": "USN-4084-1", "href": "https://ubuntu.com/security/notices/USN-4084-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2021-10-19T20:40:15", "description": "Django is a high-level Python Web framework that encourages rapid\ndevelopment and a clean, pragmatic design. 
It focuses on automating as much\nas possible and adhering to the DRY (Don't Repeat Yourself) principle.\n\nSecurity Fix(es):\n\n* Incorrect HTTP detection with reverse-proxy connecting via HTTPS\n(CVE-2019-12781)\n\n* backtracking in a regular expression in django.utils.text.Truncator leads\nto DoS (CVE-2019-14232)\n\n* the behavior of the underlying HTMLParser leading to DoS (CVE-2019-14233)\n\n* SQL injection possibility in key and index lookups for\nJSONField/HStoreField (CVE-2019-14234)\n\n* Potential memory exhaustion in django.utils.encoding.uri_to_iri()\n(CVE-2019-14235)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2020-10-28T17:42:01", "type": "redhat", "title": "(RHSA-2020:4390) Moderate: python-django security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12781", "CVE-2019-14232", "CVE-2019-14233", "CVE-2019-14234", "CVE-2019-14235"], "modified": "2020-10-28T17:54:13", "id": 
"RHSA-2020:4390", "href": "https://access.redhat.com/errata/RHSA-2020:4390", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-19T20:39:36", "description": "Django is a high-level Python Web framework that encourages rapid\ndevelopment and a clean, pragmatic design. It focuses on automating as much\nas possible and adhering to the DRY (Don't Repeat Yourself) principle.\n\nSecurity Fix(es):\n\n* Incorrect HTTP detection with reverse-proxy connecting via HTTPS\n(CVE-2019-12781)\n\n* backtracking in a regular expression in django.utils.text.Truncator leads\nto DoS (CVE-2019-14232)\n\n* the behavior of the underlying HTMLParser leading to DoS (CVE-2019-14233)\n\n* SQL injection possibility in key and index lookups for\nJSONField/HStoreField (CVE-2019-14234)\n\n* Potential memory exhaustion in django.utils.encoding.uri_to_iri()\n(CVE-2019-14235)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2020-04-06T08:39:12", "type": "redhat", "title": "(RHSA-2020:1324) Moderate: python-django security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": 
"AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12781", "CVE-2019-14232", "CVE-2019-14233", "CVE-2019-14234", "CVE-2019-14235"], "modified": "2020-04-06T08:44:12", "id": "RHSA-2020:1324", "href": "https://access.redhat.com/errata/RHSA-2020:1324", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2021-07-28T14:46:51", "description": "Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY (Don't Repeat Yourself) principle. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-08-15T18:10:42", "type": "fedora", "title": "[SECURITY] Fedora 30 Update: python-django-2.1.11-1.fc30", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12308", "CVE-2019-12781", "CVE-2019-14232", "CVE-2019-14233", "CVE-2019-14234", "CVE-2019-14235"], "modified": "2019-08-15T18:10:42", "id": "FEDORA:DE0366112E36", 
"href": "", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:46:51", "description": "Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY (Don't Repeat Yourself) principle. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2020-06-19T01:07:50", "type": "fedora", "title": "[SECURITY] Fedora 31 Update: python-django-2.2.13-1.fc31", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12308", "CVE-2019-12781", "CVE-2019-14232", "CVE-2019-14233", "CVE-2019-14234", "CVE-2019-14235", "CVE-2019-19118", "CVE-2019-19844", "CVE-2019-6975", "CVE-2020-13254", "CVE-2020-13596", "CVE-2020-7471", "CVE-2020-9402"], "modified": "2020-06-19T01:07:50", "id": "FEDORA:A044630F303D", "href": "", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "suse": [{"lastseen": "2022-04-18T12:41:49", "description": "An update that fixes 7 vulnerabilities is now available.\n\nDescription:\n\n This update for python-Django fixes the following 
issues:\n\n Security issues fixed:\n\n - CVE-2019-11358: Fixed prototype pollution.\n - CVE-2019-12308: Fixed XSS in AdminURLFieldWidget (bsc#1136468)\n - CVE-2019-12781: Fixed incorrect HTTP detection with reverse-proxy\n connecting via HTTPS (bsc#1139945).\n - CVE-2019-14232: Fixed denial-of-service possibility in\n ``django.utils.text.Truncator`` (bsc#1142880).\n - CVE-2019-14233: Fixed denial-of-service possibility in ``strip_tags()``\n (bsc#1142882).\n - CVE-2019-14234: Fixed SQL injection possibility in key and index lookups\n for ``JSONField``/``HStoreField`` (bsc#1142883).\n - CVE-2019-14235: Fixed potential memory exhaustion in\n ``django.utils.encoding.uri_to_iri()`` (bsc#1142885).\n\n Non-security issues fixed:\n\n - Fixed a migration crash on PostgreSQL when adding a check constraint\n with a contains lookup on DateRangeField or DateTimeRangeField, if the\n right hand side of an expression is the same type.\n\n This update was imported from the openSUSE:Leap:15.1:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Backports SLE-15-SP1:\n\n zypper in -t patch openSUSE-2019-1872=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-08-14T00:00:00", "type": "suse", "title": "Security update for python-Django (moderate)", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": 
false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11358", "CVE-2019-12308", "CVE-2019-12781", "CVE-2019-14232", "CVE-2019-14233", "CVE-2019-14234", "CVE-2019-14235"], "modified": "2019-08-14T00:00:00", "id": "OPENSUSE-SU-2019:1872-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5XTP44JEOSNXRVW4JDZXA5XGMBDZLWSW/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-21T22:49:04", "description": "An update that fixes 7 vulnerabilities is now available.\n\nDescription:\n\n This update for python-Django fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-11358: Fixed prototype pollution.\n - CVE-2019-12308: Fixed XSS in AdminURLFieldWidget (bsc#1136468)\n - CVE-2019-12781: Fixed incorrect HTTP detection with reverse-proxy\n connecting via HTTPS (bsc#1139945).\n - CVE-2019-14232: Fixed denial-of-service possibility in\n ``django.utils.text.Truncator`` (bsc#1142880).\n - CVE-2019-14233: Fixed denial-of-service possibility in ``strip_tags()``\n (bsc#1142882).\n - CVE-2019-14234: Fixed SQL injection possibility in key and index lookups\n for ``JSONField``/``HStoreField`` (bsc#1142883).\n - CVE-2019-14235: Fixed potential memory exhaustion in\n ``django.utils.encoding.uri_to_iri()`` (bsc#1142885).\n\n Non-security issues fixed:\n\n - Fixed a migration crash on PostgreSQL when adding a check constraint\n with a contains lookup on DateRangeField or DateTimeRangeField, if the\n right hand side of an expression is the same type.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended 
installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2019-1839=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-08-08T00:00:00", "type": "suse", "title": "Security update for python-Django (moderate)", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11358", "CVE-2019-12308", "CVE-2019-12781", "CVE-2019-14232", "CVE-2019-14233", "CVE-2019-14234", "CVE-2019-14235"], "modified": "2019-08-08T00:00:00", "id": "OPENSUSE-SU-2019:1839-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3LGJSPCN3VEG2UJPYCUB6TU75JTIV2TQ/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "gentoo": [{"lastseen": "2022-01-17T19:02:06", "description": "### Background\n\nDjango is a Python-based web framework.\n\n### Description\n\nMultiple vulnerabilities have been discovered in Django. Please review the CVE identifiers referenced below for details. 
\n\n### Impact\n\nA remote attacker, by sending specially crafted input, could possibly cause a Denial of Service condition, or alter the database. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Django users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-python/django-2.2.11\"", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2020-04-30T00:00:00", "type": "gentoo", "title": "Django: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12308", "CVE-2019-14232", "CVE-2019-14233", "CVE-2019-14234", "CVE-2019-14235", "CVE-2019-19118", "CVE-2019-19844", "CVE-2020-7471", "CVE-2020-9402"], "modified": "2020-04-30T00:00:00", "id": "GLSA-202004-17", "href": "https://security.gentoo.org/glsa/202004-17", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ubuntucve": [{"lastseen": "2021-11-22T21:30:13", "description": "An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before\n2.1.11, and 2.2.x before 2.2.4. 
If passed certain inputs,\ndjango.utils.encoding.uri_to_iri could lead to significant memory usage due\nto a recursion when repercent-encoding invalid UTF-8 octet sequences.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2019-08-01T00:00:00", "type": "ubuntucve", "title": "CVE-2019-14235", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14235"], "modified": "2019-08-01T00:00:00", "id": "UB:CVE-2019-14235", "href": "https://ubuntu.com/security/CVE-2019-14235", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-11-22T21:30:13", "description": "An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before\n2.1.11, and 2.2.x before 2.2.4. 
Due to an error in shallow key\ntransformation, key and index lookups for\ndjango.contrib.postgres.fields.JSONField, and key lookups for\ndjango.contrib.postgres.fields.HStoreField, were subject to SQL injection.\nThis could, for example, be exploited via crafted use of \"OR 1=1\" in a key\nor index name to return all records, using a suitably crafted dictionary,\nwith dictionary expansion, as the **kwargs passed to the QuerySet.filter()\nfunction.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-08-01T00:00:00", "type": "ubuntucve", "title": "CVE-2019-14234", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14234"], "modified": "2019-08-01T00:00:00", "id": "UB:CVE-2019-14234", "href": "https://ubuntu.com/security/CVE-2019-14234", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-11-22T21:30:13", "description": "An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before\n2.1.11, and 2.2.x before 2.2.4. 
Due to the behaviour of the underlying\nHTMLParser, django.utils.html.strip_tags would be extremely slow to\nevaluate certain inputs containing large sequences of nested incomplete\nHTML entities.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2019-08-01T00:00:00", "type": "ubuntucve", "title": "CVE-2019-14233", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14233"], "modified": "2019-08-01T00:00:00", "id": "UB:CVE-2019-14233", "href": "https://ubuntu.com/security/CVE-2019-14233", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-11-22T21:30:13", "description": "An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before\n2.1.11, and 2.2.x before 2.2.4. If django.utils.text.Truncator's chars()\nand words() methods were passed the html=True argument, they were extremely\nslow to evaluate certain inputs due to a catastrophic backtracking\nvulnerability in a regular expression. 
The chars() and words() methods are\nused to implement the truncatechars_html and truncatewords_html template\nfilters, which were thus vulnerable.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2019-08-01T00:00:00", "type": "ubuntucve", "title": "CVE-2019-14232", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14232"], "modified": "2019-08-01T00:00:00", "id": "UB:CVE-2019-14232", "href": "https://ubuntu.com/security/CVE-2019-14232", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "debiancve": [{"lastseen": "2022-04-16T07:35:22", "description": "An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. 
If passed certain inputs, django.utils.encoding.uri_to_iri could lead to significant memory usage due to a recursion when repercent-encoding invalid UTF-8 octet sequences.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-08-02T15:15:00", "type": "debiancve", "title": "CVE-2019-14235", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14235"], "modified": "2019-08-02T15:15:00", "id": "DEBIANCVE:CVE-2019-14235", "href": "https://security-tracker.debian.org/tracker/CVE-2019-14235", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-04-16T07:35:21", "description": "An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to an error in shallow key transformation, key and index lookups for django.contrib.postgres.fields.JSONField, and key lookups for django.contrib.postgres.fields.HStoreField, were subject to SQL injection. 
This could, for example, be exploited via crafted use of \"OR 1=1\" in a key or index name to return all records, using a suitably crafted dictionary, with dictionary expansion, as the **kwargs passed to the QuerySet.filter() function.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-08-09T13:15:00", "type": "debiancve", "title": "CVE-2019-14234", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14234"], "modified": "2019-08-09T13:15:00", "id": "DEBIANCVE:CVE-2019-14234", "href": "https://security-tracker.debian.org/tracker/CVE-2019-14234", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-16T07:35:21", "description": "An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. 
Due to the behaviour of the underlying HTMLParser, django.utils.html.strip_tags would be extremely slow to evaluate certain inputs containing large sequences of nested incomplete HTML entities.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-08-02T15:15:00", "type": "debiancve", "title": "CVE-2019-14233", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14233"], "modified": "2019-08-02T15:15:00", "id": "DEBIANCVE:CVE-2019-14233", "href": "https://security-tracker.debian.org/tracker/CVE-2019-14233", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-04-16T07:35:21", "description": "An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If django.utils.text.Truncator's chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a regular expression. 
The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which were thus vulnerable.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-08-02T15:15:00", "type": "debiancve", "title": "CVE-2019-14232", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14232"], "modified": "2019-08-02T15:15:00", "id": "DEBIANCVE:CVE-2019-14232", "href": "https://security-tracker.debian.org/tracker/CVE-2019-14232", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "osv": [{"lastseen": "2022-05-12T01:31:29", "description": "An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. 
If passed certain inputs, django.utils.encoding.uri_to_iri could lead to significant memory usage due to a recursion when repercent-encoding invalid UTF-8 octet sequences.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-08-02T15:15:00", "type": "osv", "title": "PYSEC-2019-14", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14235"], "modified": "2020-08-24T17:37:00", "id": "OSV:PYSEC-2019-14", "href": "https://osv.dev/vulnerability/PYSEC-2019-14", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-05-18T05:35:22", "description": "An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. 
If passed certain inputs, django.utils.encoding.uri_to_iri could lead to significant memory usage due to a recursion when repercent-encoding invalid UTF-8 octet sequences.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-08-06T01:43:31", "type": "osv", "title": "Uncontrolled Recursion in Django", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14235"], "modified": "2022-05-18T04:19:13", "id": "OSV:GHSA-V9QG-3J8P-R63V", "href": "https://osv.dev/vulnerability/GHSA-v9qg-3j8p-r63v", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-05-12T01:32:52", "description": "An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to an error in shallow key transformation, key and index lookups for django.contrib.postgres.fields.JSONField, and key lookups for django.contrib.postgres.fields.HStoreField, were subject to SQL injection. 
This could, for example, be exploited via crafted use of \"OR 1=1\" in a key or index name to return all records, using a suitably crafted dictionary, with dictionary expansion, as the **kwargs passed to the QuerySet.filter() function.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-08-09T13:15:00", "type": "osv", "title": "PYSEC-2019-13", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14234"], "modified": "2019-08-28T13:15:00", "id": "OSV:PYSEC-2019-13", "href": "https://osv.dev/vulnerability/PYSEC-2019-13", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-18T05:36:20", "description": "An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to an error in shallow key transformation, key and index lookups for django.contrib.postgres.fields.JSONField, and key lookups for django.contrib.postgres.fields.HStoreField, were subject to SQL injection. 
This could, for example, be exploited via crafted use of \"OR 1=1\" in a key or index name to return all records, using a suitably crafted dictionary, with dictionary expansion, as the **kwargs passed to the QuerySet.filter() function.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-08-16T14:00:34", "type": "osv", "title": "SQL Injection in Django", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14234"], "modified": "2022-05-18T04:18:00", "id": "OSV:GHSA-6R97-CJ55-9HRQ", "href": "https://osv.dev/vulnerability/GHSA-6r97-cj55-9hrq", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-12T01:31:22", "description": "An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. 
Due to the behaviour of the underlying HTMLParser, django.utils.html.strip_tags would be extremely slow to evaluate certain inputs containing large sequences of nested incomplete HTML entities.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-08-02T15:15:00", "type": "osv", "title": "PYSEC-2019-12", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14233"], "modified": "2020-08-24T17:37:00", "id": "OSV:PYSEC-2019-12", "href": "https://osv.dev/vulnerability/PYSEC-2019-12", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-05-18T05:38:13", "description": "An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. 
Due to the behaviour of the underlying HTMLParser, django.utils.html.strip_tags would be extremely slow to evaluate certain inputs containing large sequences of nested incomplete HTML entities.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-08-06T01:43:33", "type": "osv", "title": "Uncontrolled Resource Consumption in Django", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14233"], "modified": "2022-05-18T04:15:43", "id": "OSV:GHSA-H5JV-4P7W-64JG", "href": "https://osv.dev/vulnerability/GHSA-h5jv-4p7w-64jg", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-05-12T01:31:22", "description": "An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If django.utils.text.Truncator's chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a regular expression. 
The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which were thus vulnerable.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-08-02T15:15:00", "type": "osv", "title": "PYSEC-2019-11", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14232"], "modified": "2020-08-24T17:37:00", "id": "OSV:PYSEC-2019-11", "href": "https://osv.dev/vulnerability/PYSEC-2019-11", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-05-18T05:38:53", "description": "An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If django.utils.text.Truncator's chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a regular expression. 
The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which were thus vulnerable.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-08-06T01:43:29", "type": "osv", "title": "Uncontrolled Resource Consumption in Django", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14232"], "modified": "2022-05-18T04:14:57", "id": "OSV:GHSA-C4QH-4VGV-QC6G", "href": "https://osv.dev/vulnerability/GHSA-c4qh-4vgv-qc6g", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "github": [{"lastseen": "2022-05-13T12:33:22", "description": "An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. 
If passed certain inputs, django.utils.encoding.uri_to_iri could lead to significant memory usage due to a recursion when repercent-encoding invalid UTF-8 octet sequences.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-08-06T01:43:31", "type": "github", "title": "Uncontrolled Recursion in Django", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14235"], "modified": "2021-05-10T18:17:48", "id": "GHSA-V9QG-3J8P-R63V", "href": "https://github.com/advisories/GHSA-v9qg-3j8p-r63v", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-05-13T12:33:22", "description": "An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to an error in shallow key transformation, key and index lookups for django.contrib.postgres.fields.JSONField, and key lookups for django.contrib.postgres.fields.HStoreField, were subject to SQL injection. 
This could, for example, be exploited via crafted use of \"OR 1=1\" in a key or index name to return all records, using a suitably crafted dictionary, with dictionary expansion, as the **kwargs passed to the QuerySet.filter() function.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-08-16T14:00:34", "type": "github", "title": "SQL Injection in Django", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14234"], "modified": "2022-03-21T21:11:02", "id": "GHSA-6R97-CJ55-9HRQ", "href": "https://github.com/advisories/GHSA-6r97-cj55-9hrq", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-13T12:33:22", "description": "An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. 
Due to the behaviour of the underlying HTMLParser, django.utils.html.strip_tags would be extremely slow to evaluate certain inputs containing large sequences of nested incomplete HTML entities.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-08-06T01:43:33", "type": "github", "title": "Uncontrolled Resource Consumption in Django", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14233"], "modified": "2021-05-10T21:18:12", "id": "GHSA-H5JV-4P7W-64JG", "href": "https://github.com/advisories/GHSA-h5jv-4p7w-64jg", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-05-13T12:33:22", "description": "An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If django.utils.text.Truncator's chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a regular expression. 
The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which were thus vulnerable.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-08-06T01:43:29", "type": "github", "title": "Uncontrolled Resource Consumption in Django", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14232"], "modified": "2021-12-03T20:28:51", "id": "GHSA-C4QH-4VGV-QC6G", "href": "https://github.com/advisories/GHSA-c4qh-4vgv-qc6g", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "cve": [{"lastseen": "2022-03-23T20:33:21", "description": "An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. 
If passed certain inputs, django.utils.encoding.uri_to_iri could lead to significant memory usage due to a recursion when repercent-encoding invalid UTF-8 octet sequences.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-08-02T15:15:00", "type": "cve", "title": "CVE-2019-14235", "cwe": ["CWE-674"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14235"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:opensuse:leap:15.1"], "id": "CVE-2019-14235", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14235", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T20:33:23", "description": "An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to an error in shallow key transformation, key and index lookups for django.contrib.postgres.fields.JSONField, and key lookups for django.contrib.postgres.fields.HStoreField, were subject to SQL injection. 
This could, for example, be exploited via crafted use of \"OR 1=1\" in a key or index name to return all records, using a suitably crafted dictionary, with dictionary expansion, as the **kwargs passed to the QuerySet.filter() function.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-08-09T13:15:00", "type": "cve", "title": "CVE-2019-14234", "cwe": ["CWE-89"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14234"], "modified": "2019-08-28T13:15:00", "cpe": ["cpe:/o:debian:debian_linux:10.0", "cpe:/o:debian:debian_linux:9.0", "cpe:/o:fedoraproject:fedora:30"], "id": "CVE-2019-14234", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14234", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T20:33:21", "description": "An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. 
Due to the behaviour of the underlying HTMLParser, django.utils.html.strip_tags would be extremely slow to evaluate certain inputs containing large sequences of nested incomplete HTML entities.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-08-02T15:15:00", "type": "cve", "title": "CVE-2019-14233", "cwe": ["CWE-400"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14233"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:opensuse:leap:15.1"], "id": "CVE-2019-14233", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14233", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T20:33:20", "description": "An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If django.utils.text.Truncator's chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a regular expression. 
The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which were thus vulnerable.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-08-02T15:15:00", "type": "cve", "title": "CVE-2019-14232", "cwe": ["CWE-400"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14232"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:opensuse:leap:15.1"], "id": "CVE-2019-14232", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14232", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"]}], "redhatcve": [{"lastseen": "2022-05-18T16:09:21", "description": "An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. 
If passed certain inputs, django.utils.encoding.uri_to_iri could lead to significant memory usage due to a recursion when repercent-encoding invalid UTF-8 octet sequences.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-04-09T01:30:25", "type": "redhatcve", "title": "CVE-2019-14235", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14235"], "modified": "2022-05-18T15:51:01", "id": "RH:CVE-2019-14235", "href": "https://access.redhat.com/security/cve/cve-2019-14235", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}},
{"lastseen": "2022-05-18T16:09:21", "description": "An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to an error in shallow key transformation, key and index lookups for django.contrib.postgres.fields.JSONField, and key lookups for django.contrib.postgres.fields.HStoreField, were subject to SQL injection. This could, for example, be exploited via crafted use of \"OR 1=1\" in a key or index name to return all records, using a suitably crafted dictionary, with dictionary expansion, as the **kwargs passed to the QuerySet.filter() function.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-04-04T17:27:36", "type": "redhatcve", "title": "CVE-2019-14234", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14234"], "modified": "2022-05-18T15:50:58", "id": "RH:CVE-2019-14234", "href": "https://access.redhat.com/security/cve/cve-2019-14234", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}},
{"lastseen": "2022-05-18T16:09:21", "description": "An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to the behaviour of the underlying HTMLParser, django.utils.html.strip_tags would be extremely slow to evaluate certain inputs containing large sequences of nested incomplete HTML entities.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-08-01T12:53:26", "type": "redhatcve", "title": "CVE-2019-14233", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14233"], "modified": "2022-05-18T15:50:56", "id": "RH:CVE-2019-14233", "href": "https://access.redhat.com/security/cve/cve-2019-14233", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}},
{"lastseen": "2022-05-18T16:09:21", "description": "An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If django.utils.text.Truncator's chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a regular expression. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which were thus vulnerable.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-04-08T21:41:20", "type": "redhatcve", "title": "CVE-2019-14232", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14232"], "modified": "2022-05-18T15:50:52", "id": "RH:CVE-2019-14232", "href": "https://access.redhat.com/security/cve/cve-2019-14232", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}]}
