
6 matches found

RedHat Linux
added 2024/10/28 1:27 p.m., 0 views

python-django: Potential denial-of-service vulnerability in django.utils.html.urlize()

A flaw was found in Python's Django urlize and urlizetrunc functions. Excessive input with a specific sequence of characters may lead to denial of service...

CVSS 7.5, AI score 7.1, EPSS 0.02254
Exploits 0, References 4
OSV
added 2024/10/18 11:9 a.m., 3 views

OESA-2024-2281 python-django security update

Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in Django 5.1 before 5.1.1, 5.0 before 5.0.9, and 4.2 before 4.2.16. The urlize and urlizetrunc template filters are subject to a potential...

CVSS 7.5, AI score 7.1, EPSS 0.02254
Exploits 0, References 3
BDU FSTEC
added 2024/09/16 12:0 a.m., 1 views

The vulnerability of the django.utils.html.urlize() function in the Django web application framework allows an attacker to trigger a denial-of-service attack.

The vulnerability of the django.utils.html.urlize function in the Django web application framework is related to inconsistencies in the parameters related to input data length. Exploiting this vulnerability could allow an attacker to cause service failures remotely...

CVSS 7.8, AI score 6.6, EPSS 0.01222
Exploits 0, References 8, Affected Software 2
RedHat Linux
added 2024/09/05 2:13 p.m., 3 views

python-django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget

A flaw was found in Django. 'urlize', 'urlizetrunc', and 'AdminURLFieldWidget' may be subject to a denial of service attack via certain inputs with a very large number of Unicode characters...

CVSS 7.5, AI score 7, EPSS 0.0091
Exploits 0, References 5
RedHat Linux
added 2019/01/16 5:10 p.m., 16 views

django: Catastrophic backtracking in regular expressions via 'urlize' and 'urlizetrunc'

An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. The django.utils.html.urlize function was extremely slow to evaluate certain inputs due to catastrophic backtracking vulnerabilities in two regular expressions (only one regular expression for Django...

CVSS 5.3, AI score 7.2, EPSS 0.01372
Exploits 0, References 5
BDU FSTEC
added 2018/12/18 12:0 a.m., 4 views

The vulnerability of the django.utils.html.urlize function, as well as the chars and words methods of the django.utils.text.Truncator object in the Django web application framework, allows attackers to trigger a denial-of-service attack.

The vulnerability of the django.utils.html.urlize function, as well as the chars and words methods of the django.utils.text.Truncator object in the Django web application framework, lies in the fact that when control over input data is possible, a malicious attacker can create a string that will...

CVSS 5.3, AI score 6.5, EPSS 0.03173
Exploits 0, References 5, Affected Software 3