21 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-38875
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Django 4.2 before 4.2.14 and 5.0 before 5.0.7. urlize and urlizetrunc were subject to a potential denial of service attack via certai...
openSUSE Security Advisory (SUSE-SU-2024:2577-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 8 / 9 : Satellite 6.16.0 (Critical) (RHSA-2024:8906)
The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:8906 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessit...
Critical: Red Hat Security Advisory: Satellite 6.16.0 release
A new release is now available for Red Hat Satellite 6.16 for RHEL 8 and 9. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...
Fedora: Security Advisory (FEDORA-2024-d05d37ead7)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2024-a7eef0ca7b)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2024-82547e3e16)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2024-7dac82a14e)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 39 : python-django (2024-82547e3e16)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-82547e3e16 advisory. Security fixes for - https://nvd.nist.gov/vuln/detail/CVE-2024-38875 - https://nvd.nist.gov/vuln/detail/CVE-2024-39329 -...
openSUSE Security Advisory (SUSE-SU-2024:2545-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2024:2545-1 Security update for python-Django
This update for python-Django fixes the following issues: - CVE-2024-38875: Fixed potential denial-of-service attack via certain inputs with a very large number of brackets bsc1227590 - CVE-2024-39329: Fixed username enumeration through timing difference for users with unusable passwords bsc12275...
Django 4.x < 4.2.14, 5.x < 5.0.7 Multiple Vulnerabilities - Windows
Django is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:djangoproject:django"; if descriptio...
Django 4.x < 4.2.14, 5.x < 5.0.7 Multiple Vulnerabilities - Linux
Django is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:djangoproject:django"; if descriptio...
CVE-2024-38875
creationtimestamp| type| source ---|---|--- 2024-07-10 07:33:50+00:00| seen| https://t.me/cvedetector/510...
11x-wagtail-blog (>=0.0.0 <=0.2.0), aldryn-django (>=5.0.2.0 <=5.0.11.0) +234 more potentially affected by CVE-2024-38875 via django (>=5.0.0 <=5.0.6)
django PYPI version =5.0.0, =0.0.0, =5.0.2.0, =0.0.15, =1.14.3, =0.0.20, =0.0.13, =0.0.19, =0.0.34, =0.0.50, =0.0.5, =0.0.11, =1.0.3, =0.1.0, =0.2.5 and more Source cves: CVE-2024-38875 Source advisory: OSV:GHSA-QG2P-9JWR-MMQF...
CVE-2024-38875 vulnerabilities
Vulnerabilities for packages: py3-django...
CVE-2024-38875 vulnerabilities
Vulnerabilities for packages: py3-django...
CVE-2024-38875
An issue was discovered in Django 4.2 before 4.2.14 and 5.0 before 5.0.7. urlize and urlizetrunc were subject to a potential denial of service attack via certain inputs with a very large number of brackets...
CVE-2024-38875
CVE-2024-38875 affects Django 4.2 before 4.2.14 and 5.0 before 5.0.7, where the urlize and urlizetrunc functions can be triggered into a denial-of-service condition by inputs containing a very large number of brackets. The connected sources (e.g., Astra Linux, Gentoo GLSA, Fedora advisories, and ...
USN-6888-1: Django vulnerabilities
Elias Myllymäki discovered that Django incorrectly handled certain inputs with a large number of brackets. A remote attacker could possibly use this issue to cause Django to consume resources or stop responding, resulting in a denial of service. CVE-2024-38875 It was discovered that Django...