30 matches found
TencentOS Server 4: python-django (TSSA-2024:0158)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0158 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
Linux Distros Unpatched Vulnerability : CVE-2022-22818
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The % debug % template tag in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2 does not properly encode the current context. This may lead to...
Fedora 36 : python-django (2022-4094ccf096)
The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-4094ccf096 advisory. Automatic update for python-django-4.0.2-1.fc36. Changelog Wed Feb 2 2022 Matthias Runge - 4.0.2-1 - rebase to 4.0.2, fix for CVE-2022-22818...
SUSE CVE-2022-22818
The % debug % template tag in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2 does not properly encode the current context. This may lead to XSS...
RHEL 8 : Red Hat OpenStack Platform 16.2.4 (python-django20) (RHSA-2022:8853)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:8853 advisory. Security Fixes: Possible XSS via '% debug %' template tag CVE-2022-22818 Denial of service possibility in file uploads CVE-2022-23833 For mo...
Important: Red Hat Security Advisory: Red Hat OpenStack Platform 16.1.9 (python-django20) security update
An update for python-django20 is now available for Red Hat OpenStack Platform 16.1.9 Train for Red Hat Enterprise Linux RHEL 8.2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
Debian: Security Advisory (DLA-3191-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3191-1] python-django security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3191-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb November 17, 2022 https://wiki.debian.org/LTS -...
Important: Red Hat Security Advisory: Satellite 6.12 Release
An update is now available for Red Hat Satellite 6.12. The release contains a new version of Satellite and important security fixes for various components. Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring ...
RLSA-2022:8506 Important: Satellite 6.12 Release
Rocky Enterprise Software Foundation Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. Security Fixes: netty-codec: Bzip2Decoder doesn't allow setting...
[SECURITY] [DSA 5254-1] python-django security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5254-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 15, 2022 https://www.debian.org/security/faq -...
Ubuntu: Security Advisory (USN-5269-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Moderate: Red Hat Security Advisory: Satellite 6.11 Release
An update is now available for Red Hat Satellite 6.11 Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. Security Fixes: libsolv: Heap-based buff...
Security fix for the ALT Linux 10 package python3-module-django version 3.2.12-alt1
3.2.12-alt1 built Feb. 25, 2022 Anton Farygin in task 295709 Feb. 20, 2022 Anton Farygin - 3.2.11 - 3.2.12 - Fixes for the following security vulnerabilities: + CVE-2022-22818: Possible XSS via % debug % template tag. + CVE-2022-23833: Denial-of-service possibility in file uploads...
Fedora: Security Advisory for python-django (FEDORA-2022-e7fd530688)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
USN-5269-2 python-django vulnerabilities
USN-5269-1 fixed several vulnerabilities in Django. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Keryn Knight discovered that Django incorrectly handled certain template tags. A remote attacker could possibly use this issue to...
Ubuntu 16.04 ESM : Django vulnerabilities (USN-5269-2)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5269-2 advisory. USN-5269-1 fixed several vulnerabilities in Django. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Tenable has...
aa-charlink (>=0.1.1 <=1.0.0), aa-drifters (=0.1.0a0) +212 more potentially affected by CVE-2022-22818 via django (>=4.0.0 <=4.0.10)
django PYPI version =4.0.0, =0.1.1, =1.0.0, =0.1.0a0, =0.11.0a0, =0.1.1, =1.1.0, =3.1.1, =3.6.4, =0.10.0, =1.1.2, =0.2.0, =0.6.1, =0.6.10 - auth-satvadev =1.0.2 and more Source cves: CVE-2022-22818 Source advisory: OSV:GHSA-95RW-FX8R-36V6...
aimmo (>=0.61.9 <=1.4.6b776), ambition-edc (>=0.3.68 <=0.3.72) +72 more potentially affected by CVE-2022-22818 via django (>=2.2.0 <=2.2.26)
django PYPI version =2.2.0, =0.61.9, =0.3.68, =0.14.0, =5.2.1, =0.1.0, =4.15.0, =4.15.0, =1.0.1, =1.0.0, =0.0.1, =0.0.1, =2.0.0, =2.2.0 - django-country-filter =0.0.1 and more Source cves: CVE-2022-22818 Source advisory: OSV:GHSA-95RW-FX8R-36V6...
USN-5269-1: Django vulnerabilities
Keryn Knight discovered that Django incorrectly handled certain template tags. A remote attacker could possibly use this issue to perform a cross-site scripting attack. CVE-2022-22818 Alan Ryan discovered that Django incorrectly handled file uploads. A remote attacker could possibly use this issu...