30 matches found

AstraLinux
added 2026/06/19 11:10 a.m. | 6 views

Astra Linux – Vulnerability in Python-Django

In Django 3.2 before 3.2.25, 4.2 before 4.2.11, and 5.0 before 5.0.3, the django.utils.text.Truncator.words method with html=True, as well as the truncatewords_html template filter, are vulnerable to a denial-of-service attack via a crafted regular expression. NOTE: This issue persists due to an...

CVSS 5.3 | AI score 6.8 | EPSS 0.01854
Exploits: 0 | References: 2

Tenable Nessus
added 2024/04/20 12:0 a.m. | 36 views

Fedora 38 : python-django3 (2024-84fbbbb914)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-84fbbbb914 advisory. Security fixes for - CVE-2024-27351 Potential regular expression DOS in django.utils.text.Truncator.words - CVE-2024-24680 denial-of-service in...

CVSS 7.5 | AI score 6.8 | EPSS 0.02669
Exploits: 0 | References: 6

Circl
added 2024/03/16 9:3 p.m. | 8 views

CVE-2019-14232

creationtimestamp| type| source ---|---|--- 2024-03-16 21:03:26+00:00| seen| https://t.me/arpsyndicate/4254...

CVSS 7.5 | AI score 6.5 | EPSS 0.03502
Exploits: 0 | References: 1

OSV
added 2024/03/15 8:15 p.m. | 9 views

CVE-2024-27351

In Django 3.2 before 3.2.25, 4.2 before 4.2.11, and 5.0 before 5.0.3, the django.utils.text.Truncator.words method with html=True and the truncatewords_html template filter are subject to a potential regular expression denial-of-service attack via a crafted string. NOTE: this issue exists because ...

CVSS 5.3 | AI score 6.4
Exploits: 0 | References: 13

AlpineLinux
added 2024/03/15 12:0 a.m. | 72 views

CVE-2024-27351

In Django 3.2 before 3.2.25, 4.2 before 4.2.11, and 5.0 before 5.0.3, the django.utils.text.Truncator.words method with html=True and the truncatewords_html template filter are subject to a potential regular expression denial-of-service attack via a crafted string. NOTE: this issue exists because ...

CVSS 5.3 | AI score 7.3 | EPSS 0.01854
Exploits: 0

OSV
added 2024/03/06 10:51 a.m. | 50 views

BIT-DJANGO-2023-43665

In Django 3.2 before 3.2.22, 4.1 before 4.1.12, and 4.2 before 4.2.6, the django.utils.text.Truncator chars and words methods when used with html=True are subject to a potential DoS (denial of service) attack via certain inputs with very long, potentially malformed HTML text. The chars and words...

CVSS 7.5 | AI score 6.6 | EPSS 0.01236
Exploits: 0 | References: 9

Github Security Blog
added 2023/11/03 6:36 a.m. | 50 views

Django Denial-of-service in django.utils.text.Truncator

In Django 3.2 before 3.2.22, 4.1 before 4.1.12, and 4.2 before 4.2.6, the django.utils.text.Truncator chars and words methods when used with html=True are subject to a potential DoS (denial of service) attack via certain inputs with very long, potentially malformed HTML text. The chars and words...

CVSS 7.5 | AI score 7.1 | EPSS 0.01236
Exploits: 0 | References: 16 | Affected Software: 1

Tenable Nessus
added 2020/10/29 12:0 a.m. | 38 views

RHEL 7 : python-django (RHSA-2020:4390)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4390 advisory. Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as muc...

CVSS 9.8 | AI score 7.1 | EPSS 0.47694
Exploits: 0 | References: 13

RedHat Linux
added 2020/10/28 6:24 p.m. | 50 views

Moderate: Red Hat Security Advisory: python-django security update

An update for python-django is now available for Red Hat OpenStack Platform 13 Queens. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CVSS 9.8 | AI score 6.8 | EPSS 0.47694
Exploits: 0 | References: 6

OpenVAS
added 2020/06/23 12:0 a.m. | 33 views

Fedora: Security Advisory for python-django (FEDORA-2020-2e7d30f7aa)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 9.8 | AI score 7.3 | EPSS 0.65336
Exploits: 15 | References: 2

Tenable Nessus
added 2020/05/01 12:0 a.m. | 79 views

GLSA-202004-17 : Django: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202004-17 Django: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Django. Please review the CVE identifiers referenced below for details. Impact : A remote attacker, by sending specially crafted input,...

CVSS 9.8 | AI score 6.7 | EPSS 0.65336
Exploits: 15 | References: 10

RedHat Linux
added 2020/04/06 9:2 a.m. | 78 views

Moderate: Red Hat Security Advisory: python-django security update

An update for python-django is now available for Red Hat OpenStack Platform 15 Stein. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CVSS 9.8 | AI score 6.8 | EPSS 0.47694
Exploits: 0 | References: 6

OpenVAS
added 2020/01/09 12:0 a.m. | 37 views

openSUSE: Security Advisory for python-Django (openSUSE-SU-2019:1839-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 9.8 | AI score 7.2 | EPSS 0.87218
Exploits: 4 | References: 2

Tenable Nessus
added 2019/08/20 12:0 a.m. | 37 views

Fedora 30 : python-django (2019-647f74ce51)

fixes for CVE-2019-14232 to 14235 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Networ...

CVSS 9.8 | AI score 7.2 | EPSS 0.47694
Exploits: 0 | References: 5

Tenable Nessus
added 2019/08/13 12:0 a.m. | 41 views

Debian DSA-4498-1 : python-django - security update

Several vulnerabilities were discovered in python-django, a web development framework. They could lead to remote denial-of-service or SQL injection, C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4498. The...

CVSS 9.8 | AI score 7.3 | EPSS 0.47694
Exploits: 0 | References: 9

Debian
added 2019/08/12 9:7 a.m. | 37 views

[SECURITY] [DSA 4498-1] python-django security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4498-1 [email protected] https://www.debian.org/security/ Sebastien Delafond August 12, 2019 https://www.debian.org/security/faq -...

CVSS 7.5 | AI score 2.4 | EPSS 0.47694
Exploits: 0

Debian
added 2019/08/12 9:7 a.m. | 90 views

[SECURITY] [DSA 4498-1] python-django security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4498-1 [email protected] https://www.debian.org/security/ Sebastien Delafond August 12, 2019 https://www.debian.org/security/faq -...

CVSS 9.8 | AI score 8.1 | EPSS 0.47694
Exploits: 0

Tenable Nessus
added 2019/08/12 12:0 a.m. | 53 views

Ubuntu 16.04 LTS / 18.04 LTS : Django vulnerabilities (USN-4084-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4084-1 advisory. It was discovered that Django incorrectly handled the Truncator function. A remote attacker could possibly use this issue to cause Django to...

CVSS 9.8 | AI score 7.5 | EPSS 0.47694
Exploits: 0 | References: 5

OpenVAS
added 2019/08/07 12:0 a.m. | 55 views

Debian: Security Advisory (DLA-1872-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 7.8 | EPSS 0.03502
Exploits: 0 | References: 3

Debian
added 2019/08/06 10:7 a.m. | 64 views

[SECURITY] [DLA 1872-1] python-django security update

Package : python-django Version : 1.7.11-1+deb8u7 CVE IDs : CVE-2019-14232 CVE-2019-14233 Debian Bug : 934026 It was discovered that there were two vulnerabilities in the Django web development framework: CVE-2019-14232: Prevent a possible denial-of-service in django.utils.text.Truncator. If...

CVSS 7.5 | AI score 7.7 | EPSS 0.03502
Exploits: 0