Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/25 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2019-12308

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Django 1.11 before 1.11.21, 2.1 before 2.1.9, and 2.2 before 2.2.2. The clickable Current URL value displayed by the...

6.1CVSS6.9AI score0.02563EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2020/06/05 2:52 p.m.5 views

admindjango-ckeditor-blog (=0.1.0), aiida-core (=1.0.0) +53 more potentially affected by CVE-2020-9402 via django (>=1.11.0 <=1.11.28)

django PYPI version =1.11.0, =0.2.0.dev20181221, =0.28.0, =3.1.4, =2.19.0, =0.0.19, =4.4.1, =1.0.0, =0.6.0, =0.7.2 and more Source cves: CVE-2020-9402 Source advisory: OSV:GHSA-3GH2-XW74-JMCW...

8.8CVSS6.7AI score0.22513EPSS
Exploits0
OSV
OSV
added 2020/02/11 9:3 p.m.7 views

GHSA-HMR4-M2H5-33QX SQL injection in Django

Django 1.11 before 1.11.28, 2.2 before 2.2.10, and 3.0 before 3.0.3 allows SQL Injection if untrusted data is used as a StringAgg delimiter e.g., in Django applications that offer downloads of data as a series of rows with a user-specified column delimiter. By passing a suitably crafted delimiter...

9.8CVSS6.9AI score0.65336EPSS
Exploits9References19
PyPA
PyPA
added 2020/02/03 12:15 p.m.10 views

PYSEC-2020-35

Django 1.11 before 1.11.28, 2.2 before 2.2.10, and 3.0 before 3.0.3 allows SQL Injection if untrusted data is used as a StringAgg delimiter e.g., in Django applications that offer downloads of data as a series of rows with a user-specified column delimiter. By passing a suitably crafted delimiter...

9.8CVSS7.9AI score0.65336EPSS
Exploits9References13Affected Software1
OSV
OSV
added 2019/08/01 10:0 a.m.3 views

UBUNTU-CVE-2019-14233

An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to the behaviour of the underlying HTMLParser, django.utils.html.striptags would be extremely slow to evaluate certain inputs containing large sequences of nested incomplete HTML entities...

7.5CVSS6.8AI score0.03172EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2019/06/03 5:29 p.m.5 views

admindjango-ckeditor-blog (=0.1.0), aileen (>=0.2.0.dev20181221 <=0.2.1) +41 more potentially affected by CVE-2019-12308 via django (>=1.11.0 <=1.11.20)

django PYPI version =1.11.0, =0.2.0.dev20181221, =0.0.19, =4.4.1, =1.0.0, =0.6.0, =0.5.0, =0.1.0, =1.0.0, =1.0.1 - django-defender =0.5.0 and more Source cves: CVE-2019-12308 Source advisory: OSV:PYSEC-2019-79...

6.1CVSS6.8AI score0.02563EPSS
Exploits0
Rows per page
Query Builder