Lucene search
K

14 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/03/12 9:43 p.m.9 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to Django-4.2.15-py3-none-any.whl CVE-2024-45231

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to Django-4.2.15-py3-none-any.whl CVE-2024-45231. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-45231 DESCRIPTION: Django could allow a remote attacker to obtai...

9.8CVSS7.5AI score0.25327EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2024-45231

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Django v5.1.1, v5.0.9, and v4.2.16. The django.contrib.auth.forms.PasswordResetForm class, when used in a view implementing password...

5.3CVSS6AI score0.00805EPSS
Exploits0References2
OSV
OSV
added 2024/10/18 11:9 a.m.4 views

OESA-2024-2281 python-django security update

Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in Django 5.1 before 5.1.1, 5.0 before 5.0.9, and 4.2 before 4.2.16. The urlize and urlizetrunc template filters are subject to a potential...

7.5CVSS7.1AI score0.25327EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2024/10/08 6:33 p.m.4 views

11x-wagtail-blog (>=0.0.0 <=0.2.0), aldryn-django (>=5.0.2.0 <=5.0.11.0) +240 more potentially affected by CVE-2024-45231 via django (>=5.0.0 <=5.0.8)

django PYPI version =5.0.0, =0.0.0, =5.0.2.0, =0.0.15, =1.14.3, =0.0.20, =0.0.13, =0.0.19, =0.0.34, =0.0.50, =0.0.5, =0.0.11, =1.0.3, =0.1.0, =0.2.5 and more Source cves: CVE-2024-45231 Source advisory: OSV:GHSA-RRQC-C2JX-6JGV...

5.3CVSS6.5AI score0.00805EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2024/10/08 6:33 p.m.4 views

a3m (=0.1.0), aa-charlink (>=0.1.1 <=1.0.0) +2500 more potentially affected by CVE-2024-45231 via django (>=1.10.0 <=4.2.15)

django PYPI version =1.10.0, =0.1.1, =1.0.0, =1.0.0, =0.1.0a0, =0.11.0a0, =0.1.1, =1.1.0, =1.4.0, =1.4.2 - adede =4.1.0 and more Source cves: CVE-2024-45231 Source advisory: OSV:GHSA-RRQC-C2JX-6JGV...

5.3CVSS6.4AI score0.00805EPSS
Exploits0
CVE
CVE
added 2024/10/08 12:0 a.m.90 views

CVE-2024-45231

Django CVE-2024-45231: Affects Django v5.1.1, v5.0.9, and v4.2.16. PasswordResetForm could reveal user email addresses during password-reset attempts when email sending fails, allowing remote enumeration through response outcomes. Public details in Debian/IBM advisories confirm exploitation requi...

5.3CVSS7.2AI score0.00805EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2024/10/08 12:0 a.m.16 views

CVE-2024-45231

An issue was discovered in Django v5.1.1, v5.0.9, and v4.2.16. The django.contrib.auth.forms.PasswordResetForm class, when used in a view implementing password reset flows, allows remote attackers to enumerate user e-mail addresses by sending password reset requests and observing the outcome only...

5.3CVSS6.1AI score0.00805EPSS
Exploits0
OpenVAS
OpenVAS
added 2024/09/07 12:0 a.m.12 views

openSUSE Security Advisory (SUSE-SU-2024:3161-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS5AI score0.25327EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2024/09/07 12:0 a.m.11 views

openSUSE Security Advisory (SUSE-SU-2024:3139-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS5AI score0.25327EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2024/09/05 12:0 a.m.13 views

Django 4.x < 4.2.16, 5.0.x < 5.0.9, 5.1.x < 5.1.1 Multiple Vulnerabilities - Windows

Django is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:djangoproject:django"; if descriptio...

7.5CVSS6.5AI score0.25327EPSS
Exploits0References1
OSV
OSV
added 2024/09/04 10:16 a.m.10 views

SUSE-SU-2024:3139-1 Security update for python-Django

This update for python-Django fixes the following issues: - CVE-2024-45230: Fixed potential denial-of-service vulnerability in django.utils.html.urlize. bsc1229823 - CVE-2024-45231: Fixed potential user email enumeration via response status on password reset. bsc1229824...

7.5CVSS6AI score0.25327EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2024/09/04 12:0 a.m.9 views

Ubuntu: Security Advisory (USN-6987-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.4AI score0.25327EPSS
Exploits0References2
OSV
OSV
added 2024/09/03 4:36 p.m.6 views

USN-6987-1 python-django vulnerabilities

It was discovered that Django incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service. CVE-2024-45230 It was discovered that Django incorrectly handled certain email sending failures. A remote attacker could possibly use this issue to enumerate...

7.5CVSS6.9AI score0.25327EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/09/03 12:0 a.m.14 views

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : Django vulnerabilities (USN-6987-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6987-1 advisory. It was discovered that Django incorrectly handled certain inputs. An attacker could possibly use this issue to cause ...

7.5CVSS6.1AI score0.25327EPSS
Exploits0References3
Rows per page
Query Builder