Django vulnerable to Denial of Service via i18n middleware component

🗓️ 01 May 2022 18:36:08Reported by GitHub Advisory DatabaseType

Django i18n middleware vulnerability in versions 0.91, 0.95, 0.95.1, and 0.96 allows remote DoS via large Accept-Language header

Reporter	Title	Published	Views	Family All 30
CVE	CVE-2007-5712	30 Oct 200719:00	–	cve
Cvelist	CVE-2007-5712	30 Oct 200719:00	–	cvelist
Debian	[SECURITY] [DSA 1640-1] New python-django packages fix cross site request forgery	20 Sep 200813:08	–	debian
Debian CVE	CVE-2007-5712	30 Oct 200719:00	–	debiancve
Tenable Nessus	Debian DSA-1640-1 : python-django - several vulnerabilities	23 Sep 200800:00	–	nessus
Tenable Nessus	Fedora 8 : Django-0.96.1-1.fc8 (2007-2788)	12 Nov 200700:00	–	nessus
Tenable Nessus	Fedora 7 : Django-0.96.1-1.fc7 (2007-3157)	12 Nov 200700:00	–	nessus
Tenable Nessus	Fedora 7 : Django-0.96.2-1.fc7 (2008-4191)	22 May 200800:00	–	nessus
EUVD	EUVD-2007-0001	7 Oct 202500:30	–	euvd
Fedora	[SECURITY] Fedora 8 Update: Django-0.96.1-1.fc8	9 Nov 200723:53	–	fedora

Vulners

Node

django_project djangoRange0.95–0.95.2pip

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2007-5712
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/38143
redhat	www.redhat.com/archives/fedora-package-announce/2007-November/msg00243.html
redhat	www.redhat.com/archives/fedora-package-announce/2007-November/msg00257.html
sourceforge	www.sourceforge.net/forum/forum.php
debian	www.debian.org/security/2008/dsa-1640
djangoproject	www.djangoproject.com/weblog/2007/oct/26/security-fix
web	www.web.archive.org/web/20091201070224/http://secunia.com/advisories/27435
web	www.web.archive.org/web/20111224195100/http://secunia.com/advisories/27597
web	www.web.archive.org/web/20111229085535/http://secunia.com/advisories/31961

18 Nov 2024 16:26Current

6.7Medium risk

Vulners AI Score6.7

CVSS 22.6

EPSS0.01815