Lucene search
+L

116 matches found

OSV
OSV
added 2024/03/04 3:4 p.m.7 views

USN-6674-1 python-django vulnerability

Seokchan Yoon discovered that the Django Truncator function incorrectly handled very long HTML input. A remote attacker could possibly use this issue to cause Django to consume resources, leading to a denial of service...

5.3CVSS6.8AI score0.01854EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2024/03/04 3:4 p.m.46 views

USN-6674-1: Django vulnerability

Seokchan Yoon discovered that the Django Truncator function incorrectly handled very long HTML input. A remote attacker could possibly use this issue to cause Django to consume resources, leading to a denial of service...

5.3CVSS6.8AI score0.01854EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2024/03/04 9:0 a.m.30 views

CVE-2024-27351

In Django 3.2 before 3.2.25, 4.2 before 4.2.11, and 5.0 before 5.0.3, the django.utils.text.Truncator.words method with html=True and the truncatewordshtml template filter are subject to a potential regular expression denial-of-service attack via a crafted string. NOTE: this issue exists because ...

5.3CVSS6.8AI score0.01854EPSS
Exploits0References4
OSV
OSV
added 2024/03/04 9:0 a.m.5 views

UBUNTU-CVE-2024-27351

In Django 3.2 before 3.2.25, 4.2 before 4.2.11, and 5.0 before 5.0.3, the django.utils.text.Truncator.words method with html=True and the truncatewordshtml template filter are subject to a potential regular expression denial-of-service attack via a crafted string. NOTE: this issue exists because ...

5.3CVSS6.8AI score0.01854EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/03/04 12:0 a.m.6 views

Django Security Vulnerabilities

Django is the Django Foundation's set of open source Web application framework based on the Python language . The framework includes an object-oriented mapper, a view system, a template system, and more. Django versions 5.0, 4.2, 3.2 have a security vulnerability that stems from a denial of servi...

5.3CVSS6.7AI score0.01854EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2023/11/03 6:36 a.m.51 views

Django Denial-of-service in django.utils.text.Truncator

In Django 3.2 before 3.2.22, 4.1 before 4.1.12, and 4.2 before 4.2.6, the django.utils.text.Truncator chars and words methods when used with html=True are subject to a potential DoS denial of service attack via certain inputs with very long, potentially malformed HTML text. The chars and words...

7.5CVSS7.1AI score0.01225EPSS
Exploits0References16Affected Software1
OSV
OSV
added 2023/11/03 6:36 a.m.1 views

GHSA-H8GC-PGJ2-VJM3 Django Denial-of-service in django.utils.text.Truncator

In Django 3.2 before 3.2.22, 4.1 before 4.1.12, and 4.2 before 4.2.6, the django.utils.text.Truncator chars and words methods when used with html=True are subject to a potential DoS denial of service attack via certain inputs with very long, potentially malformed HTML text. The chars and words...

8.7CVSS6.8AI score0.01225EPSS
Exploits0References16
OSV
OSV
added 2023/11/03 5:15 a.m.2 views

DEBIAN-CVE-2023-43665

In Django 3.2 before 3.2.22, 4.1 before 4.1.12, and 4.2 before 4.2.6, the django.utils.text.Truncator chars and words methods when used with html=True are subject to a potential DoS denial of service attack via certain inputs with very long, potentially malformed HTML text. The chars and words...

7.5CVSS6.6AI score0.01225EPSS
Exploits0References1
PyPA
PyPA
added 2023/11/03 5:15 a.m.5 views

PYSEC-2023-226

In Django 3.2 before 3.2.22, 4.1 before 4.1.12, and 4.2 before 4.2.6, the django.utils.text.Truncator chars and words methods when used with html=True are subject to a potential DoS denial of service attack via certain inputs with very long, potentially malformed HTML text. The chars and words...

7.5CVSS6.8AI score0.03502EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2023/11/03 5:15 a.m.7 views

PYSEC-2023-226

In Django 3.2 before 3.2.22, 4.1 before 4.1.12, and 4.2 before 4.2.6, the django.utils.text.Truncator chars and words methods when used with html=True are subject to a potential DoS denial of service attack via certain inputs with very long, potentially malformed HTML text. The chars and words...

7.5CVSS6.8AI score0.01225EPSS
Exploits0References4
OSV
OSV
added 2023/11/03 12:0 a.m.22 views

CVE-2023-43665

In Django 3.2 before 3.2.22, 4.1 before 4.1.12, and 4.2 before 4.2.6, the django.utils.text.Truncator chars and words methods when used with html=True are subject to a potential DoS denial of service attack via certain inputs with very long, potentially malformed HTML text. The chars and words...

7.5CVSS8.3AI score0.01225EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2023/10/30 1:22 a.m.6 views

python-django: Denial-of-service possibility in django.utils.text.Truncator

An inefficient regular expression complexity was found in Django. The text truncator regular expressions exhibit linear backtracking complexity, which can be slow, leading to a potential denial of service, given certain HTML inputs...

7.5CVSS7AI score0.01225EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/10/16 3:39 p.m.6 views

python-django: Denial-of-service possibility in django.utils.text.Truncator

An inefficient regular expression complexity was found in Django. The text truncator regular expressions exhibit linear backtracking complexity, which can be slow, leading to a potential denial of service, given certain HTML inputs...

7.5CVSS7AI score0.01225EPSS
Exploits0References5
OSV
OSV
added 2023/10/13 11:6 a.m.3 views

OESA-2023-1722 python-django security update

Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An inefficient regular expression complexity was found in Django. The text truncator regular expressions exhibit linear backtracking complexity, which can be slow, leading to...

7.5CVSS6.7AI score0.01225EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/10/06 1:45 a.m.3 views

SUSE CVE-2023-43665

In Django 3.2 before 3.2.22, 4.1 before 4.1.12, and 4.2 before 4.2.6, the django.utils.text.Truncator chars and words methods when used with html=True are subject to a potential DoS denial of service attack via certain inputs with very long, potentially malformed HTML text. The chars and words...

5.3CVSS7.8AI score0.01225EPSS
Exploits0References11
OSV
OSV
added 2023/10/04 10:1 p.m.4 views

USN-6414-2 python-django vulnerabilities

USN-6414-1 and USN-6378-1 fixed CVE-2023-43665 and CVE-2023-41164 in Django, respectively. This update provides the corresponding update for Ubuntu 18.04 LTS. Original advisory details: Wenchao Li discovered that the Django Truncator function incorrectly handled very long HTML input. A remote...

7.5CVSS6.8AI score0.01273EPSS
Exploits0References3
OSV
OSV
added 2023/10/04 4:25 p.m.6 views

USN-6414-1 python-django vulnerability

Wenchao Li discovered that the Django Truncator function incorrectly handled very long HTML input. A remote attacker could possibly use this issue to cause Django to consume resources, leading to a denial of service...

7.5CVSS6.8AI score0.01225EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2023/10/04 4:25 p.m.55 views

USN-6414-1: Django vulnerability

Wenchao Li discovered that the Django Truncator function incorrectly handled very long HTML input. A remote attacker could possibly use this issue to cause Django to consume resources, leading to a denial of service...

7.5CVSS6.8AI score0.01225EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2023/10/04 3:0 p.m.34 views

CVE-2023-43665

In Django 3.2 before 3.2.22, 4.1 before 4.1.12, and 4.2 before 4.2.6, the django.utils.text.Truncator chars and words methods when used with html=True are subject to a potential DoS denial of service attack via certain inputs with very long, potentially malformed HTML text. The chars and words...

7.5CVSS6.8AI score0.01225EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/10/04 12:0 a.m.9 views

PT-2023-6558

Name of the Vulnerable Software and Affected Versions Django versions 3.2 before 3.2.22 Django versions 4.1 before 4.1.12 Django versions 4.2 before 4.2.6 Description The issue is related to the django.utils.text.Truncator chars and words methods when used with html=True, which can be subject to ...

8.7CVSS6.7AI score0.01225EPSS
Exploits0References161
Rows per page
Query Builder