
29 matches found

Tenable Nessus
added 2024/04/28 12:00 a.m., 25 views

RHEL 8 : RHUI 4.5.0 - Security, Bug Fixes, and Enhancements (Moderate) (RHSA-2023:4591)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4591 advisory. Red Hat Update Infrastructure RHUI offers a highly scalable, highly redundant framework that enables you to manage repositories and content...

CVSS 9.8, AI score 6.8, EPSS 0.0138
Exploits: 0, References: 16

Tenable Nessus
added 2023/08/04 12:00 a.m., 36 views

Debian DSA-5465-1 : python-django - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5465 advisory. Seokchan Yoon discovered that missing sanitising in the email and URL validators of Django, a Python web development framework, could result in denial of...

CVSS 9.8, AI score 6.4, EPSS 0.62575
Exploits: 0, References: 12

OpenVAS
added 2023/08/04 12:00 a.m., 17 views

Debian: Security Advisory (DSA-5465-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8, AI score 8, EPSS 0.62575
Exploits: 0, References: 4

Tenable Nessus
added 2023/07/20 12:00 a.m., 21 views

Oracle Solaris Critical Patch Update : jul2023_SRU11_4_58_144_3

This Solaris system is missing necessary patches to address critical security updates : %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the Oracle CPU for jul2023. include'deprecatednasllevel.inc'; include'compat.inc'...

CVSS 9.8, AI score 7.7, EPSS 0.0462
Exploits: 6, References: 30

Tenable Nessus
added 2023/07/15 12:00 a.m., 31 views

openSUSE 15 Security Update : python-Django (SUSE-SU-2023:2839-1)

The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2839-1 advisory. - CVE-2023-31047: Fixed a potential bypass of validation when uploading multiple files using one form field bsc1210866. - CVE-2023-36053: Fixed...

CVSS 9.8, AI score 6.9, EPSS 0.02669
Exploits: 0, References: 7

Tenable Nessus
added 2023/05/25 12:00 a.m., 28 views

Ubuntu 16.04 ESM : Django vulnerability (USN-6054-2)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-6054-2 advisory. USN-6054-1 fixed a vulnerability in Django. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Tenable has extracted the...

CVSS 9.8, AI score 7, EPSS 0.0138
Exploits: 0, References: 2

Mageia
added 2023/05/16 7:17 p.m., 44 views

Updated python-django packages fix security vulnerability

Passing certain inputs (e.g., an excessive number of parts) to multipart forms could result in too many open files or memory exhaustion, and provided a potential vector for a denial-of-service attack (CVE-2023-24580). Bypass of validation when using one form field to upload multiple files. This...

CVSS 9.8, AI score 7.1, EPSS 0.62575
Exploits: 0, References: 6

Tenable Nessus
added 2023/05/16 12:00 a.m., 24 views

Fedora 37 : python-django3 (2023-8f9d949dbc)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-8f9d949dbc advisory. - Update to latest 3.2 release - Security fix for CVE-2023-31047 - Provide python3-django so it can be used by dependents that do not use the...

CVSS 9.8, AI score 7.1, EPSS 0.0138
Exploits: 0, References: 2

Tenable Nessus
added 2023/05/11 12:00 a.m., 40 views

Fedora 38 : python-django3 (2023-0d20d09f2d)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-0d20d09f2d advisory. - Update to latest 3.2 release - Security fix for CVE-2023-31047 - Provide python3-django so it can be used by dependents that do not use the...

CVSS 9.8, AI score 7.1, EPSS 0.0138
Exploits: 0, References: 2

OpenVAS
added 2023/05/09 12:00 a.m., 35 views

Django 3.2.x < 3.2.19, 4.1.x < 4.1.9, 4.2.x < 4.2.1 Improper Input Validation Vulnerability - Linux

Django is prone to an input validation vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:djangoproject:django"; if...

CVSS 9.8, AI score 9.5, EPSS 0.0138
Exploits: 0, References: 1

OpenVAS
added 2023/05/08 12:00 a.m., 21 views

Debian: Security Advisory (DLA-3415-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8, AI score 9.6, EPSS 0.0138
Exploits: 0, References: 3

Circl
added 2023/05/07 7:41 a.m., 8 views

CVE-2023-31047

creationtimestamp | type | source
---|---|---
2023-05-07 07:41:24+00:00 | seen | https://t.me/cibsecurity/63405
2023-06-23 01:18:56+00:00 | published-proof-of-concept | https://t.me/GithubRedTeam/4427
...

CVSS 9.8, AI score 7, EPSS 0.0138
Exploits: 0, References: 2

vulnersOsv
added 2023/05/07 3:30 a.m., 5 views

aa-charlink (>=0.1.1 <=1.0.0), aa-drifters (=0.1.0a0) +412 more potentially affected by CVE-2023-31047 via django (>=4.0.0 <=4.1.8)

django PYPI version =4.0.0, =0.1.1, =1.0.0, =0.1.0a0, =0.11.0a0, =0.1.1, =1.1.0, =0.1.0, =0.0.3, =4.0.9.0, =3.1.1, =3.6.4, =3.7.0 and more Source cves: CVE-2023-31047 Source advisory: OSV:GHSA-R3XC-PRGR-MG9P...

CVSS 9.8, AI score 6.8, EPSS 0.0138
Exploits: 0

vulnersOsv
added 2023/05/07 3:30 a.m., 5 views

admin-tool-button (>=1.0.1a0 <=1.0.5a0), aedttest (=0.0.2) +115 more potentially affected by CVE-2023-31047 via django (>=3.2.0 <=3.2.18)

django PYPI version =3.2.0, =1.0.1a0, =2.0.0, =0.0.1, =6.2.0, =0.2.0, =22.0.0.dev21, =22.0.0.dev13, =22.0.0.dev29, =0.1.26, =0.1.27 and more Source cves: CVE-2023-31047 Source advisory: OSV:GHSA-R3XC-PRGR-MG9P...

CVSS 9.8, AI score 6.8, EPSS 0.0138
Exploits: 0

OSV
added 2023/05/07 2:15 a.m., 43 views

CVE-2023-31047

In Django 3.2 before 3.2.19, 4.x before 4.1.9, and 4.2 before 4.2.1, it was possible to bypass validation when using one form field to upload multiple files. This multiple upload has never been supported by forms.FileField or forms.ImageField (only the last uploaded file was validated). However,...

CVSS 9.8, AI score 7.2
Exploits: 0, References: 6

OSV
added 2023/05/07 2:15 a.m., 1 view

DEBIAN-CVE-2023-31047

In Django 3.2 before 3.2.19, 4.x before 4.1.9, and 4.2 before 4.2.1, it was possible to bypass validation when using one form field to upload multiple files. This multiple upload has never been supported by forms.FileField or forms.ImageField (only the last uploaded file was validated). However,...

CVSS 9.8, AI score 6.8, EPSS 0.0138
Exploits: 0, References: 1

vulnersOsv
added 2023/05/07 2:15 a.m., 4 views

bfactory (>=0.4.0 <=0.4.4), coop (>=5.2.0 <=5.2.2) +39 more potentially affected by CVE-2023-31047 via django (>=4.2.0 <=4.2.0rc1)

django PYPI version =4.2.0, =0.4.0, =5.2.0, =3.1.0, =7.2.2, =39.1.0, =9.3.0, =0.1.0a1, =1.0.0, =0.2.1, =0.2.2 - django-handy-admin =0.0.0 and more Source cves: CVE-2023-31047 Source advisory: OSV:PYSEC-2023-61...

CVSS 9.8, AI score 6.8, EPSS 0.0138
Exploits: 0

vulnersOsv
added 2023/05/07 2:15 a.m., 5 views

admin-tool-button (>=1.0.1a0 <=1.0.5a0), aedttest (=0.0.2) +115 more potentially affected by CVE-2023-31047 via django (>=3.2.0 <=3.2.18)

django PYPI version =3.2.0, =1.0.1a0, =2.0.0, =0.0.1, =6.2.0, =0.2.0, =22.0.0.dev21, =22.0.0.dev13, =22.0.0.dev29, =0.1.26, =0.1.27 and more Source cves: CVE-2023-31047 Source advisory: OSV:PYSEC-2023-61...

CVSS 9.8, AI score 6.8, EPSS 0.0138
Exploits: 0

CVE
added 2023/05/07 12:00 a.m., 311 views

CVE-2023-31047

CVE-2023-31047 affects Django: 3.2.x before 3.2.19, 4.x before 4.1.9, and 4.2.x before 4.2.1. The vulnerability allows bypassing validation when using a single form field to upload multiple files; forms.FileField/ImageField never validated earlier uploads, with only the last file being validated....

CVSS 9.8, AI score 9.3, EPSS 0.0138
Exploits: 0, References: 6, Affected Software: 1

Cvelist
added 2023/05/07 12:00 a.m., 48 views

CVE-2023-31047

In Django 3.2 before 3.2.19, 4.x before 4.1.9, and 4.2 before 4.2.1, it was possible to bypass validation when using one form field to upload multiple files. This multiple upload has never been supported by forms.FileField or forms.ImageField (only the last uploaded file was validated). However,...

AI score 9.7, EPSS 0.0138
Exploits: 0, References: 6