Lucene search
Gentoo FoundationMGASA-2022-0011HistoryJan 11, 2022 - 10:12 a.m.
Updated python-django packages fix security vulnerability
2022-01-1110:12:42
Gentoo Foundation
advisories.mageia.org
14
0.002 Low
EPSS
Percentile
60.1%
UserAttributeSimilarityValidator incurred significant overhead evaluating submitted password that were artificially large in relative to the comparison values. On the assumption that access to user registration was unrestricted this provided a potential vector for a denial-of-service attack. (CVE-2021-45115) Due to leveraging the Django Template Language’s variable resolution logic, the dictsort template filter was potentially vulnerable to information disclosure or unintended method calls, if passed a suitably crafted key. (CVE-2021-45116) Storage.save() allowed directory-traversal if directly passed suitably crafted file names. (CVE-2021-45452)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 8 | noarch | python-django | <Â 3.1.14-1.1 | python-django-3.1.14-1.1.mga8 |
Related
redos
redos
ROS-20220112-04
2022-01-12 00:00:00
altlinux
altlinux
ubuntu
ubuntu
Django vulnerabilities
2022-01-05 00:00:00
openvas
openvas
Django < 2.2.26, 3.x < 3.2.11, 4.x < 4.0.1 Multiple Vulnerabilities - Linux
2022-01-11 00:00:00
Ubuntu: Security Advisory (USN-5204-1)
2022-01-07 00:00:00
Mageia: Security Advisory (MGASA-2022-0011)
2022-01-28 00:00:00
nessus
nessus
FreeBSD : Django -- multiple vulnerabilities (d3e023fb-6e88-11ec-b948-080027240888)
2022-01-05 00:00:00
Ubuntu 18.04 LTS / 20.04 LTS : Django vulnerabilities (USN-5204-1)
2022-01-05 00:00:00
Debian DLA-3177-1 : python-django - LTS security update
2022-11-05 00:00:00
osv
osv
python-django vulnerabilities
2022-01-05 13:21:45
python-django - security update
2022-11-04 00:00:00
BIT-django-2021-45115
2024-03-06 10:53:58
freebsd
freebsd
Django -- multiple vulnerabilities
2021-12-20 00:00:00
debian
debian
[SECURITY] [] python-django security update
2022-11-04 14:36:21
[SECURITY] [] python-django security update
2022-11-04 14:35:57
[SECURITY] [DLA 3191-1] python-django security update
2022-11-17 22:00:43
prion
prion
Directory traversal
2022-01-05 00:15:00
Design/Logic Flaw
2022-01-05 00:15:00
Information disclosure
2022-01-05 00:15:00
redhatcve
redhatcve
ubuntucve
ubuntucve
github
github
Denial-of-service in Django
2022-01-12 19:20:53
Information disclosure in Django
2022-01-12 19:21:10
Directory-traversal in Django
2022-01-12 19:21:04
cvelist
cvelist
debiancve
debiancve
alpinelinux
alpinelinux
cve
cve
fedora
fedora
[SECURITY] Fedora 35 Update: python-django-3.2.12-1.fc35
2022-02-11 01:23:09
cnvd
cnvd
Django Denial of Service Vulnerability (CNVD-2022-03215)
2022-01-06 00:00:00
veracode
veracode
Information Disclosure
2022-01-15 00:37:48
Denial Of Service (DoS)
2022-01-06 09:09:31
Path Traversal
2022-01-06 04:31:30
redhat
redhat
(RHSA-2022:5498) Moderate: Satellite 6.11 Release
2022-07-05 13:55:16
rocky
rocky
Satellite 6.11 Release
2022-07-05 13:55:16