Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2024-41990HistoryAug 07, 2024 - 3:15 p.m.
CVE-2024-41990
2024-08-0715:15:56
Debian Security Bug Tracker
security-tracker.debian.org
3
cve-2024-41990
django
security
vulnerability
unix
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
8.5
Confidence
High
EPSS
0.001
Percentile
21.9%
An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize() and urlizetrunc() template filters are subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | python-django | <= 3:3.2.19-1+deb12u1 | python-django_3:3.2.19-1+deb12u1_all.deb |
| Debian | 11 | all | python-django | <= 2:2.2.28-1~deb11u2 | python-django_2:2.2.28-1~deb11u2_all.deb |
| Debian | 999 | all | python-django | < 3:4.2.15-1 | python-django_3:4.2.15-1_all.deb |
| Debian | 13 | all | python-django | < 3:4.2.15-1 | python-django_3:4.2.15-1_all.deb |
Related
github
github
Django vulnerable to a denial-of-service attack
2024-08-07 15:30:42
nvd
nvd
CVE-2024-41990
2024-08-07 15:15:56
ubuntucve
ubuntucve
CVE-2024-41990
2024-08-06 00:00:00
vulnrichment
vulnrichment
CVE-2024-41990
2024-08-07 00:00:00
redhatcve
redhatcve
CVE-2024-41990
2024-08-07 16:17:24
osv
osv
Security update for python-Django
2024-08-09 07:18:39
Django vulnerable to a denial-of-service attack
2024-08-07 15:30:42
BIT-django-2024-41990
2024-08-08 07:17:28
veracode
veracode
Denial Of Service (DoS)
2024-08-08 09:15:46
cvelist
cvelist
CVE-2024-41990
2024-08-07 00:00:00
nessus
nessus
cve
cve
CVE-2024-41990
2024-08-07 15:15:56
openvas
openvas
Django 4.x < 4.2.15, 5.x < 5.0.8 Multiple Vulnerabilities - Windows
2024-08-07 00:00:00
Django 4.x < 4.2.15, 5.x < 5.0.8 Multiple Vulnerabilities - Linux
2024-08-07 00:00:00
Ubuntu: Security Advisory (USN-6946-1)
2024-08-07 00:00:00
ubuntu
ubuntu
Django vulnerabilities
2024-08-06 00:00:00
freebsd
freebsd
Django -- multiple vulnerabilities
2024-08-01 00:00:00
redhat
redhat
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
8.5
Confidence
High
EPSS
0.001
Percentile
21.9%
Related for DEBIANCVE:CVE-2024-41990