Lucene search
+L

109 matches found

NVD
NVD
added 2023/02/01 7:15 p.m.18 views

CVE-2023-23969

In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial-of-service vector via excessive memory usage if the raw value of Accept-Language headers is very larg...

7.5CVSS7.5AI score0.47102EPSS
Exploits0References7
vulnersOsv
vulnersOsv
added 2023/02/01 7:15 p.m.3 views

adede (=4.1.0), alastria-auth (>=0.0.3 <=0.0.17) +231 more potentially affected by CVE-2023-23969 via django (>=4.1.0 <=4.1.5)

django PYPI version =4.1.0, =0.0.3, =4.1.12.0, =0.6.3, =1.0.0, =0.1.1, =1.10.0, =4.14.0, =0.0.3, =4.1.0, =38.0.0, =55.0.0 - channels-postgres =0.0.5 and more Source cves: CVE-2023-23969 Source advisory: OSV:PYSEC-2023-12...

7.5CVSS6.4AI score0.47102EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2023/02/01 7:15 p.m.5 views

aa-charlink (>=0.1.1 <=1.0.0), aa-drifters (=0.1.0a0) +233 more potentially affected by CVE-2023-23969 via django (>=4.0.0 <=4.0.8)

django PYPI version =4.0.0, =0.1.1, =1.0.0, =0.1.0a0, =0.11.0a0, =0.1.1, =1.1.0, =3.1.1, =3.6.4, =0.10.0, =1.1.2, =0.2.0, =0.6.1, =0.6.10 and more Source cves: CVE-2023-23969 Source advisory: OSV:PYSEC-2023-12...

7.5CVSS6.6AI score0.47102EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2023/02/01 7:15 p.m.4 views

admin-tool-button (>=1.0.1a0 <=1.0.5a0), aimmo (>=2.0.0 <=2.5.11) +108 more potentially affected by CVE-2023-23969 via django (>=3.2.0 <=3.2.16)

django PYPI version =3.2.0, =1.0.1a0, =2.0.0, =0.0.1, =6.2.0, =0.2.0, =22.0.0.dev21, =22.0.0.dev13, =22.0.0.dev29, =0.1.26, =0.1.27 - botbuilder-applicationinsights =4.14.3 - botbuilder-integration-applicationinsights-aiohttp =4.14.3 and more Source cves: CVE-2023-23969 Source advisory:...

7.5CVSS6.8AI score0.47102EPSS
Exploits0
Debian CVE
Debian CVE
added 2023/02/01 12:0 a.m.78 views

CVE-2023-23969

In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial-of-service vector via excessive memory usage if the raw value of Accept-Language headers is very larg...

7.5CVSS7AI score0.47102EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2023/02/01 12:0 a.m.3 views

CVE-2023-23969

In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial-of-service vector via excessive memory usage if the raw value of Accept-Language headers is very larg...

7.4AI score0.47102EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2023/02/01 12:0 a.m.26 views

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Django vulnerability (USN-5837-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5837-1 advisory. Nick Pope discovered that Django incorrectly handled certain Accept-Language headers. A remote attacker could possibly use this issue to...

7.5CVSS7AI score0.47102EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/02/01 12:0 a.m.17 views

Ubuntu 16.04 ESM : Django vulnerability (USN-5837-2)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5837-2 advisory. USN-5837-1 fixed a vulnerability in Django. This update provides the corresponding update for Ubuntu 16.04 ESM. Tenable has extracted the preceding description...

7.5CVSS7AI score0.47102EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2023/02/01 12:0 a.m.31 views

Django -- multiple vulnerabilities

Django reports: CVE-2023-23969: Potential denial-of-service via Accept-Language headers...

7.5CVSS7.7AI score0.47102EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2023/02/01 12:0 a.m.118 views

CVE-2023-23969

In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial-of-service vector via excessive memory usage if the raw value of Accept-Language headers is very larg...

7.5CVSS7.5AI score0.47102EPSS
Exploits0
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.10 views

Mageia: Security Advisory (MGASA-2021-0097)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS6.8AI score0.0153EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2021/11/08 12:0 a.m.21 views

Mozilla Firefox Security Advisory (MFSA2021-07) - Linux

The remote host is missing an update for Mozilla Firefox, announced via the advisory MFSA2021-07. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...

8.8CVSS6.6AI score0.0153EPSS
Exploits1References12
Tenable Nessus
Tenable Nessus
added 2021/06/10 12:0 a.m.26 views

SUSE SLES11 Security Update : MozillaFirefox (SUSE-SU-2021:14657-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:14657-1 advisory. - If Content Security Policy blocked frame navigation, the full destination of a redirect served in the frame was reported in the violation...

8.8CVSS7.8AI score0.0153EPSS
Exploits0References11
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.19 views

SUSE: Security Advisory (SUSE-SU-2021:0659-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.9AI score0.0153EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.18 views

SUSE: Security Advisory (SUSE-SU-2021:14657-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9.1AI score0.0153EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2021/05/18 11:41 a.m.41 views

Security Bulletin: Multiple vulnerabilities in Mozilla Firefox affect IBM Cloud Pak for Multicloud Management Monitoring

Summary Multiple vulnerabilities in Mozilla Firefox affect IBM Cloud Pak for Multicloud Management Monitoring. Vulnerability Details CVEID: CVE-2021-23978 DESCRIPTION: Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by memory safety bugs within the...

9.8CVSS2.3AI score0.01876EPSS
Exploits4Affected Software1
OpenVAS
OpenVAS
added 2021/05/07 12:0 a.m.19 views

Ubuntu: Security Advisory (USN-4936-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS6.9AI score0.0153EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/05/03 12:0 a.m.282 views

GLSA-202104-09 : Mozilla Thunderbird: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202104-09 Mozilla Thunderbird: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Mozilla Thunderbird. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CV...

8.8CVSS7.7AI score0.01764EPSS
Exploits2References21
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.19 views

SUSE: Security Advisory (SUSE-SU-2021:0676-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9.1AI score0.0153EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.14 views

SUSE: Security Advisory (SUSE-SU-2021:0667-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9.1AI score0.0153EPSS
Exploits0References5
Rows per page
Query Builder