9 matches found
python311-Django-5.1.8-1.1 on GA media (moderate)
python311-Django-5.1.8-1.1 on GA media Announcement ID: openSUSE-SU-2025:14986-1 Rating: moderate Cross-References: CVE-2025-27556 CVSS scores: CVE-2025-27556 SUSE : 5.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can...
SUSE CVE-2025-27556
An issue was discovered in Django 5.1 before 5.1.8 and 5.0 before 5.0.14. The NFKC normalization is slow on Windows. As a consequence, django.contrib.auth.views.LoginView, django.contrib.auth.views.LogoutView, and django.views.i18n.setlanguage are subject to a potential denial-of-service attack v...
Django 5.0.x < 5.0.14, 5.1.x < 5.1.8 DoS Vulnerability - Windows
Django is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:djangoproject:django"; ...
aldryn-django (>=5.1.4.0 <=5.1.5.0), allianceauth (=5.0.0a1) +201 more potentially affected by CVE-2025-27556 via django (>=5.1.0 <=5.1.7)
django PYPI version =5.1.0, =5.1.4.0, =0.42.1, =1.0.0, =1.23.0, =0.2.0, =0.46.0, =0.2.0a1, =24.1.0, =0.2.0, =0.2.2 and more Source cves: CVE-2025-27556 Source advisory: SNYK:PYTHON-DJANGO-9634162...
aldryn-django (>=5.0.10.0 <=5.0.11.0), artd-customer (>=0.0.20 <=0.0.23) +65 more potentially affected by CVE-2025-27556 via django (>=5.0.0 <=5.0.13)
django PYPI version =5.0.0, =5.0.10.0, =0.0.20, =0.0.13, =0.0.19, =0.0.34, =0.0.50, =0.0.5, =0.0.11, =1.0.3, =1.0.0, =6.0.0, =2.8.1, =0.3.0, =0.35.0 and more Source cves: CVE-2025-27556 Source advisory: OSV:GHSA-WQFG-M96J-85VM...
aldryn-django (>=5.0.10.0 <=5.0.11.0), artd-customer (>=0.0.20 <=0.0.23) +65 more potentially affected by CVE-2025-27556 via django (>=5.0.0 <=5.0.13)
django PYPI version =5.0.0, =5.0.10.0, =0.0.20, =0.0.13, =0.0.19, =0.0.34, =0.0.50, =0.0.5, =0.0.11, =1.0.3, =1.0.0, =6.0.0, =2.8.1, =0.3.0, =0.35.0 and more Source cves: CVE-2025-27556 Source advisory: SNYK:PYTHON-DJANGO-9634162...
aldryn-django (>=5.1.4.0 <=5.1.5.0), allianceauth (=5.0.0a1) +201 more potentially affected by CVE-2025-27556 via django (>=5.1.0 <=5.1.7)
django PYPI version =5.1.0, =5.1.4.0, =0.42.1, =1.0.0, =1.23.0, =0.2.0, =0.46.0, =0.2.0a1, =24.1.0, =0.2.0, =0.2.2 and more Source cves: CVE-2025-27556 Source advisory: OSV:GHSA-WQFG-M96J-85VM...
CVE-2025-27556
An issue was discovered in Django 5.1 before 5.1.8 and 5.0 before 5.0.14. The NFKC normalization is slow on Windows. As a consequence, django.contrib.auth.views.LoginView, django.contrib.auth.views.LogoutView, and django.views.i18n.setlanguage are subject to a potential denial-of-service attack v...
CVE-2025-27556
Django 5.1 before 5.1.8 and 5.0 before 5.0.14 are affected by a Windows‑specific DoS due to slow NFKC normalization. Vulnerable components include django.contrib.auth.views.LoginView/LogoutView and django.views.i18n.set_language, as well as redirect handling that normalizes URLs. Patches are avai...