1173 matches found

RedhatCVE
added 2024/07/26 6:30 a.m., 21 views

CVE-2024-38875

A vulnerability was found in the Django framework's urlize and urlizetrunc functions, where an attacker can input a certain string containing a large number of brackets, leading to a potential denial of service when the application attempts to process the excessive input. Mitigation Mitigation for...

CVSS 5.3, AI score 7.2, EPSS 0.01187
Exploits: 0, References: 3

Tenable Nessus
added 2024/07/25 12:0 a.m., 22 views

Fedora 40 : python-django (2024-7dac82a14e)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-7dac82a14e advisory. Security fixes for - https://nvd.nist.gov/vuln/detail/CVE-2024-38875 - https://nvd.nist.gov/vuln/detail/CVE-2024-39329 -...

CVSS 9.8, AI score 6.5, EPSS 0.30129
Exploits: 0, References: 5

Tenable Nessus
added 2024/07/25 12:0 a.m., 24 views

Fedora 39 : python-django (2024-82547e3e16)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-82547e3e16 advisory. Security fixes for - https://nvd.nist.gov/vuln/detail/CVE-2024-38875 - https://nvd.nist.gov/vuln/detail/CVE-2024-39329 -...

CVSS 9.8, AI score 6.5, EPSS 0.30129
Exploits: 0, References: 5

Tenable Nessus
added 2024/07/23 12:0 a.m., 32 views

SUSE SLES15 / openSUSE 15 Security Update : python-Django (SUSE-SU-2024:2577-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2577-1 advisory. - CVE-2024-38875: Fixed potential denial-of-service attack via certain inputs with a very large number of brackets bsc1227590 -...

CVSS 7.5, AI score 6.5, EPSS 0.30129
Exploits: 0, References: 13

OSV
added 2024/07/22 10:35 a.m., 29 views

SUSE-SU-2024:2577-1 Security update for python-Django

This update for python-Django fixes the following issues: - CVE-2024-38875: Fixed potential denial-of-service attack via certain inputs with a very large number of brackets bsc1227590 - CVE-2024-39329: Fixed username enumeration through timing difference for users with unusable passwords bsc12275...

CVSS 7.5, AI score 6.2, EPSS 0.30129
Exploits: 0, References: 9

Tenable Nessus
added 2024/07/18 12:0 a.m., 28 views

openSUSE 15 Security Update : python-Django (SUSE-SU-2024:2545-1)

The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2545-1 advisory. - CVE-2024-38875: Fixed potential denial-of-service attack via certain inputs with a very large number of brackets bsc1227590 - CVE-2024-39329: Fixed...

CVSS 7.5, AI score 6.5, EPSS 0.47102
Exploits: 0, References: 16

OSV
added 2024/07/17 11:58 a.m., 33 views

SUSE-SU-2024:2545-1 Security update for python-Django

This update for python-Django fixes the following issues: - CVE-2024-38875: Fixed potential denial-of-service attack via certain inputs with a very large number of brackets bsc1227590 - CVE-2024-39329: Fixed username enumeration through timing difference for users with unusable passwords bsc12275...

CVSS 7.5, AI score 6.3, EPSS 0.47102
Exploits: 0, References: 11

RedhatCVE
added 2024/07/16 2:22 p.m., 20 views

CVE-2024-39614

A vulnerability was found in Python-Django in the get_supported_language_variant function. The issue triggers when parsed with very long strings, including a specific set of characters, leading to a potential denial of service attack...

CVSS 5.3, AI score 6.6, EPSS 0.30129
Exploits: 0, References: 3

OpenVAS
added 2024/07/12 12:0 a.m., 17 views

Ubuntu: Security Advisory (USN-6888-2)

The remote host is missing an update for the...

CVSS 7.5, AI score 7.1, EPSS 0.30129
Exploits: 0, References: 2

vulnersOsv
added 2024/07/10 6:33 a.m., 2 views

11x-wagtail-blog (>=0.0.0 <=0.2.0), aldryn-django (>=5.0.2.0 <=5.0.11.0) +235 more potentially affected by CVE-2024-39330 via django (>=5.0.0 <=5.0.6)

django PYPI version =5.0.0, =0.0.0, =5.0.2.0, =0.0.15, =1.14.3, =0.0.20, =0.0.13, =0.0.19, =0.0.34, =0.0.50, =0.0.5, =0.0.11, =1.0.3, =0.1.0, =0.2.5 and more Source cves: CVE-2024-39330 Source advisory: OSV:GHSA-9JMF-237G-QF46...

CVSS 4.3, AI score 6.7, EPSS 0.01008
Exploits: 0

OpenVAS
added 2024/07/10 12:0 a.m., 26 views

Ubuntu: Security Advisory (USN-6888-1)

The remote host is missing an update for the...

CVSS 7.5, AI score 7.5, EPSS 0.30129
Exploits: 0, References: 2

OpenVAS
added 2024/05/27 12:0 a.m., 25 views

Fedora: Security Advisory (FEDORA-2024-2ec03ca8cb)

The remote host is missing an update for the...

CVSS 7.5, AI score 6.6, EPSS 0.01854
Exploits: 0, References: 4

Tenable Nessus
added 2024/05/22 12:0 a.m., 33 views

RHEL 9 : Red Hat OpenStack Platform 17.1 (python-django) (RHSA-2024:2731)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:2731 advisory. Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as...

CVSS 7.5, AI score 7.1, EPSS 0.01606
Exploits: 0, References: 5

Tenable Nessus
added 2024/05/11 12:0 a.m., 26 views

RHEL 6 : python-django (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - python-django: DNS rebinding vulnerability when 'DEBUG=True' CVE-2016-9014 - Django 1.10 before 1.10.7, 1...

AI score 6.9, EPSS 0.06074
Exploits: 1, References: 2

Tenable Nessus
added 2024/05/11 12:0 a.m., 35 views

RHEL 7 : python-django (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - python-django: Potential regular expression denial of service vulnerability in EmailValidator/URLValidato...

AI score 8.1, EPSS 0.03531
Exploits: 0, References: 2

Tenable Nessus
added 2024/04/29 12:0 a.m., 25 views

Fedora 40 : python-django (2024-5c7fb64c74)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-5c7fb64c74 advisory. Security fix for CVE-2024-24680 and CVE-2024-27351 Tenable has extracted the preceding description block directly from the Fedora security advisory...

CVSS 7.5, AI score 6.8, EPSS 0.01854
Exploits: 0, References: 3

Tenable Nessus
added 2024/04/28 12:0 a.m., 60 views

RHEL 8 : Satellite 6.14.3 Async Security Update (Moderate) (RHSA-2024:1536)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1536 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to...

CVSS 7.5, AI score 7.1, EPSS 0.76875
Exploits: 19, References: 32

Tenable Nessus
added 2024/04/28 12:0 a.m., 24 views

RHEL 8 : RHUI 4.4.0 - Security Fixes, Bug Fixes, and Enhancements Update (Moderate) (RHSA-2023:2101)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:2101 advisory. Red Hat Update Infrastructure RHUI offers a highly scalable, highly redundant framework that enables you to manage repositories and content...

CVSS 7.5, AI score 6.5, EPSS 0.62575
Exploits: 1, References: 27

Tenable Nessus
added 2024/04/28 12:0 a.m., 37 views

RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.3 Product Security and Bug Fix Update (Moderate) (RHSA-2023:5701)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5701 advisory. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT...

CVSS 7.5, AI score 6.9, EPSS 0.01284
Exploits: 0, References: 7

Tenable Nessus
added 2024/04/28 12:0 a.m., 24 views

RHEL 8 : RHUI 4.5.0 - Security, Bug Fixes, and Enhancements (Moderate) (RHSA-2023:4591)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4591 advisory. Red Hat Update Infrastructure RHUI offers a highly scalable, highly redundant framework that enables you to manage repositories and content...

CVSS 9.8, AI score 6.8, EPSS 0.0138
Exploits: 0, References: 16