1173 matches found
python310-django-ckeditor-6.7.2-1.1 on GA media (moderate)
Announcement ID: openSUSE-SU-2024:14557-1. Rating: moderate. Cross-References: CVE-2024-24815. Affected Products: openSUSE Tumbleweed. An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...
artd-customer (>=0.0.20 <=0.0.23), artd-location (>=0.0.13 <=0.0.21) +62 more potentially affected by CVE-2024-53908 via django (>=5.0.0 <=5.0.1)
django PYPI version =5.0.0, =0.0.20, =0.0.13, =0.0.19, =0.0.34, =0.0.50, =0.0.5, =0.0.11, =1.0.3, =1.0.0, =6.0.0, =2.8.1, =0.3.0, =24.1.1, =24.2.0 and more Source cves: CVE-2024-53908 Source advisory: OSV:PYSEC-2024-157...
Ubuntu: Security Advisory (USN-7136-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-7136-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...
artd-customer (>=0.0.20 <=0.0.23), artd-location (>=0.0.13 <=0.0.21) +62 more potentially affected by CVE-2024-53907 via django (>=5.0.0 <=5.0.1)
django PYPI version =5.0.0, =0.0.20, =0.0.13, =0.0.19, =0.0.34, =0.0.50, =0.0.5, =0.0.11, =1.0.3, =1.0.0, =6.0.0, =2.8.1, =0.3.0, =24.1.1, =24.2.0 and more Source cves: CVE-2024-53907 Source advisory: SNYK:PYTHON-DJANGO-8456315...
allianceauth (=5.0.0a1), anime-quiz (=1.0.0) +181 more potentially affected by CVE-2024-53907 via django (>=5.1.0 <=5.1.3)
django PYPI version =5.1.0, =0.42.1, =1.23.0, =0.46.0, =24.1.0, =0.2.0, =0.1.0, =0.1.6, =0.6.0, =0.8.0 and more Source cves: CVE-2024-53907 Source advisory: SNYK:PYTHON-DJANGO-8456315...
danceschool-dancervax (>=0.1.1 <=0.1.5), django-danceschool (>=0.9.1 <=0.9.3) +5 more potentially affected by CVE-2024-11404 via django-filer (=3.0.3)
django-filer PYPI version =3.0.3 is affected by a known vulnerability. The following packages have a transitive dependency on django-filer and may be impacted: - danceschool-dancervax =0.1.1, =0.9.1, =0.2.0.0, =1.16.0, =2.7.1 Source cves: CVE-2024-11404 Source advisory:...
Fedora 41 : python-django (2024-396c94f0a3)
The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-396c94f0a3 advisory. urlize and urlizetrunc were subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters. Tenable has extract...
Fedora 36 : python-django (2022-4094ccf096)
The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-4094ccf096 advisory. Automatic update for python-django-4.0.2-1.fc36. Changelog Wed Feb 2 2022 Matthias Runge - 4.0.2-1 - rebase to 4.0.2, fix for CVE-2022-22818...
Fedora 41 : python-django (2024-c5c5671edb)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-c5c5671edb advisory. Automatic update for python-django-4.2.11-1.fc41. Changelog Mon Apr 8 2024 Michel Lind - 4.2.11-1 - Update to 4.2.11 - Resolves CVE-2024-24680...
python-django: Potential denial-of-service in django.utils.translation.get_supported_language_variant()
A vulnerability was found in Python-Django in the get_supported_language_variant function. The issue triggers when parsed with very long strings, including a specific set of characters, leading to a potential denial of service attack...
python-django: Username enumeration through timing difference for users with unusable passwords
A vulnerability was found in Python-Django in the django.contrib.auth.backends.ModelBackend.authenticate method. This flaw allows remote attackers to enumerate users via a timing attack involving login requests for users with unusable passwords...
Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 18.0.3 (python-django) security update
An update for python-django is now available for Red Hat OpenStack Platform 18.0.3 (Feature Release 1) (Antelope). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...
CVE-2024-52004
MediaCMS is an open source video and media CMS, written in Python/Django and React, featuring a REST API. MediaCMS has been prone to vulnerabilities that upon special cases can lead to remote code execution. All versions before v4.1.0 are susceptible, and users are highly recommended to...
CVE-2024-52004 Remote code execution vulnerabilities in MediaCMS
MediaCMS is an open source video and media CMS, written in Python/Django and React, featuring a REST API. MediaCMS has been prone to vulnerabilities that upon special cases can lead to remote code execution. All versions before v4.1.0 are susceptible, and users are highly recommended to...
RHEL 6 : python-django-horizon and python-django-openstack-auth update (Moderate) (RHSA-2015:0845)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2015:0845 advisory. OpenStack Dashboard horizon provides administrators and users a graphical interface to access, provision and automate cloud-based resources. The...
RHEL 7 : python-django (RHSA-2016:0129)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2016:0129 advisory. Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as...
RHEL 7 : python-django (RHSA-2017:1462)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2017:1462 advisory. Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as...