
1173 matches found

OpenVAS
added 2022/01/28 12:0 a.m. | 24 views

Mageia: Security Advisory (MGASA-2014-0231)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 6.4 | AI score 6.4 | EPSS 0.03123
Exploits: 0 | References: 5
OpenVAS
added 2022/01/28 12:0 a.m. | 31 views

Mageia: Security Advisory (MGASA-2018-0166)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5.3 | AI score 5.8 | EPSS 0.04772
Exploits: 0 | References: 6
OSV
added 2022/01/18 8:36 a.m. | 6 views

SUSE-SU-2022:0103-1 Security update for python-Django1

This update for python-Django1 fixes the following issues: - CVE-2021-45115: Fixed denial-of-service possibility in UserAttributeSimilarityValidator bsc1194115. - CVE-2021-45116: Fixed potential information disclosure in dictsort template filter bsc1194117. - CVE-2021-45452: Fixed potential...

CVSS 7.5 | AI score 6 | EPSS 0.02397
Exploits: 0 | References: 7
OSV
added 2022/01/18 8:36 a.m. | 11 views

SUSE-SU-2022:0102-1 Security update for python-Django

This update for python-Django fixes the following issues: - CVE-2021-45115: Fixed denial-of-service possibility in UserAttributeSimilarityValidator bsc1194115. - CVE-2021-45116: Fixed potential information disclosure in dictsort template filter bsc1194117. - CVE-2021-45452: Fixed potential...

CVSS 7.5 | AI score 6 | EPSS 0.02397
Exploits: 0 | References: 7
Veracode
added 2022/01/15 12:37 a.m. | 33 views

Information Disclosure

python-django is vulnerable to information disclosure. The vulnerability exists due to the lack of sanitization of the Template Language's variable resolution logic...

CVSS 7.5 | AI score 1.8 | EPSS 0.01839
Exploits: 0 | References: 8 | Affected Software: 3
OSV
added 2022/01/11 7:12 a.m. | 6 views

MGASA-2022-0011 Updated python-django packages fix security vulnerability

UserAttributeSimilarityValidator incurred significant overhead evaluating submitted passwords that were artificially large relative to the comparison values. On the assumption that access to user registration was unrestricted, this provided a potential vector for a denial-of-service attack...

CVSS 7.5 | AI score 6.2 | EPSS 0.02397
Exploits: 0 | References: 4
OpenVAS
added 2022/01/07 12:0 a.m. | 35 views

Ubuntu: Security Advisory (USN-5204-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 6.5 | EPSS 0.02397
Exploits: 0 | References: 2
vulnersOsv
added 2022/01/05 12:15 a.m. | 3 views

admin-tool-button (>=1.0.1a0 <=1.0.5a0), apis-ampel (=0.1.0) +51 more potentially affected by CVE-2021-45116 via django (>=3.2.0 <=3.2.10)

django PYPI version =3.2.0, =1.0.1a0, =0.2.0, =22.0.0.dev21, =22.0.0.dev13, =22.0.0.dev29, =22.0.0.dev30 - autoreduce-utils =0.1.0 - common-framework =2021.4.1 - directory-validators =9.0.0 - django-admin-taggit-ui =0.1.0.dev0 - django-blocklist =1.0.0 - django-brazilian-zipcode =0.1.0 -...

CVSS 7.5 | AI score 7 | EPSS 0.01839
Exploits: 0
vulnersOsv
added 2022/01/05 12:15 a.m. | 1 views

admin-tool-button (>=1.0.1a0 <=1.0.5a0), apis-ampel (=0.1.0) +51 more potentially affected by CVE-2021-45115 via django (>=3.2.0 <=3.2.10)

django PYPI version =3.2.0, =1.0.1a0, =0.2.0, =22.0.0.dev21, =22.0.0.dev13, =22.0.0.dev29, =22.0.0.dev30 - autoreduce-utils =0.1.0 - common-framework =2021.4.1 - directory-validators =9.0.0 - django-admin-taggit-ui =0.1.0.dev0 - django-blocklist =1.0.0 - django-brazilian-zipcode =0.1.0 -...

CVSS 7.5 | AI score 7 | EPSS 0.02397
Exploits: 0
OSV
added 2021/12/10 10:19 p.m. | 6 views

MGASA-2021-0552 Updated python-django packages fix security vulnerability

Potential bypass of an upstream access control based on URL paths. CVE-2021-44420 HTTP requests for URLs with trailing newlines could bypass an upstream access control based on URL paths...

CVSS 7.5 | AI score 7.4 | EPSS 0.02295
Exploits: 0 | References: 4
OpenVAS
added 2021/12/08 12:0 a.m. | 21 views

Ubuntu: Security Advisory (USN-5178-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 7.4 | EPSS 0.02295
Exploits: 0 | References: 2
Ubuntu
added 2021/12/07 12:25 p.m. | 61 views

USN-5178-1: Django vulnerability

Sjoerd Job Postmus and TengMA discovered that Django incorrectly handled URLs with trailing newlines. A remote attacker could possibly use this issue to bypass certain access controls...

CVSS 7.5 | AI score 7.3 | EPSS 0.02295
Exploits: 0
OSV
added 2021/11/19 12:37 p.m. | 4 views

SUSE-SU-2021:3728-1 Security update for ardana-ansible, ardana-monasca, documentation-suse-openstack-cloud, openstack-ec2-api, openstack-heat-templates, python-Django, python-monasca-common, rubygem-redcarpet, rubygem-puma

This update for ardana-ansible, ardana-monasca, documentation-suse-openstack-cloud, openstack-ec2-api, openstack-heat-templates, python-Django, python-monasca-common, rubygem-redcarpet, rubygem-puma contains the following fixes: Security fixes included in this update: rubygem-redcarpet:...

CVSS 6.8 | AI score 5.9 | EPSS 0.0157
Exploits: 0 | References: 5
OpenVAS
added 2021/10/30 12:0 a.m. | 15 views

Fedora: Security Advisory for python-django-filter (FEDORA-2021-f213fea441)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 7.5 | AI score 6.6 | EPSS 0.01797
Exploits: 0 | References: 2
OpenVAS
added 2021/08/18 12:0 a.m. | 27 views

Fedora: Security Advisory for python-django (FEDORA-2021-78e501d62a)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 9.8 | AI score 9.6 | EPSS 0.44369
Exploits: 1 | References: 2
OSV
added 2021/07/28 3:27 p.m. | 8 views

SUSE-SU-2021:2554-1 Security update for ardana-cobbler, cassandra, cassandra-kit, crowbar-core, crowbar-openstack, documentation-suse-openstack-cloud, grafana, kibana, openstack-heat-templates, openstack-monasca-installer, openstack-nova, python-Django, python-elementpath, python-eventlet, python-py, python-pysaml2, python-six, python-xmlschema

This update for ardana-cobbler, cassandra, cassandra-kit, crowbar-core, crowbar-openstack, documentation-suse-openstack-cloud, grafana, kibana, openstack-heat-templates, openstack-monasca-installer, openstack-nova, python-Django, python-elementpath, python-eventlet, python-py, python-pysaml2,...

CVSS 9.8 | AI score 8.7 | EPSS 0.83042
Exploits: 5 | References: 41
Mageia
added 2021/07/16 8:25 a.m. | 55 views

Updated python-django package fixes security vulnerabilities

In Django 2.2 before 2.2.20, 3.0 before 3.0.14, and 3.1 before 3.1.8, MultiPartParser allowed directory traversal via uploaded files with suitably crafted file names. Built-in upload handlers were not affected by this vulnerability (CVE-2021-28658). In Django 2.2 before 2.2.21, 3.1 before 3.1.9, an...

CVSS 9.8 | AI score 1.7 | EPSS 0.44369
Exploits: 1 | References: 16
ArchLinux
added 2021/07/03 12:0 a.m. | 168 views

[ASA-202107-11] python-django: insufficient validation

Arch Linux Security Advisory ASA-202107-11 ========================================== Severity: High Date : 2021-07-03 CVE-ID : CVE-2021-35042 Package : python-django Type : insufficient validation Remote : Yes Link : https://security.archlinux.org/AVG-2123 Summary ======= The package python-djan...

CVSS 9.8 | AI score 1.2 | EPSS 0.44369
Exploits: 1 | References: 4
ArchLinux
added 2021/06/15 12:0 a.m. | 159 views

[ASA-202106-41] python-django: multiple issues

Arch Linux Security Advisory ASA-202106-41 ========================================== Severity: Medium Date : 2021-06-15 CVE-ID : CVE-2021-33203 CVE-2021-33571 Package : python-django Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-2026 Summary ======= The package...

CVSS 7.5 | AI score 0.4 | EPSS 0.03058
Exploits: 0 | References: 7
OSV
added 2021/06/11 1:14 p.m. | 16 views

SUSE-SU-2021:1963-1 Security update for crowbar-openstack, grafana, kibana, monasca-installer, python-Django, python-py, rubygem-activerecord-session_store

This update for crowbar-openstack, grafana, kibana, monasca-installer, python-Django, python-py, rubygem-activerecord-session_store contains the following fixes: Security fixes included in this update: crowbar-openstack: - CVE-2016-8611: Added rate limiting for the '/images' API POST method...

CVSS 7.5 | AI score 6.8 | EPSS 0.83042
Exploits: 2 | References: 19