Ubuntu: Security Advisory (USN-6054-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-31047

A bypass of validation flaw was found in python-django. When uploading multiple files using one form field, an attacker could upload multiple files without validation due to the server only validating the last file uploaded...

python-django: Potential denial-of-service vulnerability in file uploads

A memory exhaustion flaw was found in the python-django package. This issue occurs when passing certain inputs, leading to a system crash and denial of service...

python-django: Potential denial-of-service via Accept-Language headers

A flaw was found in python-django. The parsed values of the Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial of service vector via excessive memory usage if large header values are sent...

USN-6054-1 python-django vulnerability

Moataz Al-Sharida and nawaik discovered that Django incorrectly handled uploading multiple files using one form field. A remote attacker could possibly use this issue to bypass certain validations...

Fedora: Security Advisory for python-django (FEDORA-2023-8fed428c5e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for python-django (FEDORA-2023-a53ab7c969)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 37 : python-django (2023-8fed428c5e)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-8fed428c5e advisory. Security fix for: - CVE-2023-24580 - CVE-2023-23969 - CVE-2022-41323 - CVE-2022-36359 - CVE-2022-34265 - CVE-2022-28346 - CVE-2022-28347...

Fedora 38 : python-django (2023-a53ab7c969)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-a53ab7c969 advisory. Security fix for: - CVE-2023-24580 - CVE-2023-23969 - CVE-2022-41323 - CVE-2022-36359 - CVE-2022-34265 - CVE-2022-28346 - CVE-2022-28347...

Mageia: Security Advisory (MGASA-2023-0026)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OPENSUSE-SU-2023:0077-1 Security update for python-Django

This update for python-Django fixes the following issues: - CVE-2023-24580: Prevent DOS in file uploads. boo1208082 update to 1.11.15 CVE-2018-14574: Fixed Open redirect possibility in CommonMiddleware boo1102680 Fixed WKBWriter.write and writehex for empty polygons on GEOS 3.6.1+ Fixed a...

Security update for python-Django (important)

openSUSE Security Update: Security update for python-Django Announcement ID: openSUSE-SU-2023:0077-1 Rating: important References: 1077714 1102680 1208082 937524 952198 988420 Cross-References: CVE-2015-3982 CVE-2015-5145 CVE-2015-5963 CVE-2017-12794 CVE-2017-7233 CVE-2017-7234 CVE-2018-14574...

openSUSE 15 Security Update : python-Django (openSUSE-SU-2023:0075-1)

The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2023:0075-1 advisory. - An issue was discovered in the Multipart Request Parser in Django 3.2 before 3.2.18, 4.0 before 4.0.10, and 4.1 before 4.1.7. Passing certain inputs...

OPENSUSE-SU-2023:0075-1 Security update for python-Django

python-Django was update to fix: - CVE-2023-24580: Prevent DOS in file uploads. bsc1208082...

Security update for python-Django (moderate)

openSUSE Security Update: Security update for python-Django Announcement ID: openSUSE-SU-2023:0075-1 Rating: moderate References: 1208082 Cross-References: CVE-2023-24580 CVSS scores: CVE-2023-24580 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2023-24580 SUSE: 7.5...

SUSE-SU-2023:0704-1 Security update for python-Django

This update for python-Django fixes the following issues: - CVE-2023-24580: Fixed DOS in file uploads bsc1208082...

Debian: Security Advisory (DLA-272-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-555-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-349-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-590-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...