Lucene search
GoogleOSV:PYSEC-2024-47HistoryMar 15, 2024 - 8:15 p.m.
PYSEC-2024-47
2024-03-1520:15:00
Google
osv.dev
45
django
truncator
words()
In Django 3.2 before 3.2.25, 4.2 before 4.2.11, and 5.0 before 5.0.3, the django.utils.text.Truncator.words() method (with html=True) and the truncatewords_html template filter are subject to a potential regular expression denial-of-service attack via a crafted string. NOTE: this issue exists because of an incomplete fix for CVE-2019-14232 and CVE-2023-43665.
Related
debiancve
debiancve
alpinelinux
alpinelinux
osv
osv
Regular expression denial-of-service in Django
2024-03-15 21:30:43
BIT-django-2023-43665
2024-03-06 10:51:25
Django Denial-of-service in django.utils.text.Truncator
2023-11-03 06:36:30
ubuntucve
ubuntucve
cve
cve
cvelist
cvelist
github
github
Regular expression denial-of-service in Django
2024-03-15 21:30:43
Django Denial-of-service in django.utils.text.Truncator
2023-11-03 06:36:30
Django Denial-of-service in django.utils.text.Truncator
2019-08-06 01:43:29
hackerone
hackerone
nessus
nessus
RHEL 7 : python-django (Unpatched Vulnerability)
2024-05-11 00:00:00
Fedora 40 : python-django (2024-5c7fb64c74)
2024-04-29 00:00:00
Fedora 39 : python-django (2024-2ec03ca8cb)
2024-04-18 00:00:00
openvas
openvas
Django < 3.2.22, 4.1.x < 4.1.12, 4.2.x < 4.2.6 DoS Vulnerability - Linux
2023-10-05 00:00:00
Django < 3.2.22, 4.1.x < 4.1.12, 4.2.x < 4.2.6 DoS Vulnerability - Windows
2023-10-05 00:00:00
Ubuntu: Security Advisory (USN-6674-1)
2024-03-05 00:00:00
prion
prion
Hardcoded credentials
2023-11-03 05:15:00
Design/Logic Flaw
2019-08-02 15:15:00
ubuntu
ubuntu
Django vulnerability
2024-03-04 00:00:00
Django vulnerability
2024-03-04 00:00:00
Django vulnerability
2023-10-04 00:00:00
ibm
ibm
wolfi
wolfi
CVE-2024-27351 vulnerabilities
2024-05-28 15:40:08
redhatcve
redhatcve
cgr
cgr
CVE-2024-27351 vulnerabilities
2024-05-19 03:07:16
freebsd
freebsd
Django -- multiple vulnerabilities
2024-02-25 00:00:00
Django -- multiple vulnerabilities
2023-10-01 00:00:00
Django -- multiple vulnerabilities
2019-08-01 00:00:00
fedora
fedora
[SECURITY] Fedora 38 Update: python-django3-3.2.25-2.fc38
2024-04-20 02:14:46
[SECURITY] Fedora 39 Update: python-django-4.2.11-2.fc39
2024-04-18 01:12:12
[SECURITY] Fedora 39 Update: python-django-4.2.6-1.fc39
2023-11-03 18:57:22
veracode
veracode
Regular Expression Denial Of Service (ReDoS)
2019-08-02 09:44:23
Regular Expression Denial Of Service (ReDoS)
2024-03-22 04:01:57
Regular Expression Denial Of Service (ReDoS)
2023-10-30 06:23:22
redos
redos
ROS-20231030-02
2023-10-30 00:00:00
mageia
mageia
Updated python-django package fixes a security vulnerability
2024-03-20 06:35:18
debian
debian
[SECURITY] [DLA 1872-1] python-django security update
2019-08-06 10:07:54
[SECURITY] [DSA 4498-1] python-django security update
2019-08-12 09:08:11
[SECURITY] [DSA 4498-1] python-django security update
2019-08-12 09:07:57
redhat
redhat
(RHSA-2023:6158) Moderate: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update
2023-10-30 01:15:30
(RHSA-2023:5758) Moderate: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update
2023-10-16 15:29:02
(RHSA-2020:1324) Moderate: python-django security update
2020-04-06 08:39:12
archlinux
archlinux
[ASA-201908-2] python-django: multiple issues
2019-08-05 00:00:00
[ASA-201908-3] python2-django: multiple issues
2019-08-05 00:00:00
altlinux
altlinux
suse
suse
Security update for python-Django (moderate)
2019-08-14 00:00:00
Security update for python-Django (moderate)
2019-08-08 00:00:00
gentoo
gentoo
Django: Multiple vulnerabilities
2020-04-30 00:00:00