24 matches found
Mageia: Security Advisory (MGASA-2018-0166)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security fix for the ALT Linux 10 package python3-module-django version 2.2.3-alt1
July 15, 2019 Alexey Shabalin 2.2.3-alt1 - 2.2.3 - build python3 only - rename package to python3-module-django2.2 - Fixes for the following security vulnerabilities: + CVE-2019-12781 Incorrect HTTP detection with reverse-proxy connecting via HTTPS + CVE-2019-12308 AdminURLFieldWidget XSS +...
Security fix for the ALT Linux 9 package python3-module-django version 2.2.3-alt1
July 15, 2019 Alexey Shabalin 2.2.3-alt1 - 2.2.3 - build python3 only - rename package to python3-module-django2.2 - Fixes for the following security vulnerabilities: + CVE-2019-12781 Incorrect HTTP detection with reverse-proxy connecting via HTTPS + CVE-2019-12308 AdminURLFieldWidget XSS +...
RHEL 7 : Red Hat Gluster Storage Web Administration (RHSA-2019:0265)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:0265 advisory. Red Hat Gluster Storage Web Administration includes a fully automated setup based on Ansible and provides deep metrics and insights into...
Moderate: Red Hat Security Advisory: Red Hat Gluster Storage Web Administration security update
Updated packages are now available for Red Hat Gluster Storage 3.4 Web Administration Batch Update 3 on Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
beanstalk-dispatch (>=0.0.3 <=0.0.5), cklauth (>=0.1.0 <=0.3.0) +120 more potentially affected by CVE-2018-7537 via django (>=2.0.0 <=2.0.2)
django PYPI version =2.0.0, =0.0.3, =0.1.0, =0.5.0, =3.0.0, =2.1.0, =1.1.0, =0.0.7, =0.1.0, =0.0.2, =1.3.0, =2.0.0, =2.0.2 - django-cas-server =1.0.0 and more Source cves: CVE-2018-7537 Source advisory: OSV:GHSA-2F9X-5V75-3QV4...
directory-validators (>=4.4.1 <=4.5.0), django-admin-caching (=0.1.3) +27 more potentially affected by CVE-2018-7537 via django (>=1.11.0 <=1.11.10)
django PYPI version =1.11.0, =4.4.1, =0.6.0, =0.5.0, =0.1.0, =1.0.0, =0.1.2, =0.2.0 - django-inline-actions =1.1.0 - django-mbrowse =0.0.1 - django-misa =0.0.1 - django-mogi =0.0.1 and more Source cves: CVE-2018-7537 Source advisory: OSV:GHSA-2F9X-5V75-3QV4...
SUSE-SU-2018:1102-1 Security update for python-Django
This update for python-Django fixes the following issues: Security issues fixed: - CVE-2018-7537: Fixed catastrophic backtracking in django.utils.text.Truncator. bsc1083305 - CVE-2018-7536: Fixed catastrophic backtracking in urlize and urlizetrunc template filters. bsc1083304 - CVE-2017-12794:...
SUSE-SU-2018:0973-1 Security update for python-Django
This update for python-Django fixes the following issues: Security issues fixed: - CVE-2018-7537: Fixed catastrophic backtracking in django.utils.text.Truncator. bsc1083305 - CVE-2018-7536: Fixed catastrophic backtracking in urlize and urlizetrunc template filters. bsc1083304 - CVE-2017-12794:...
[SECURITY] [DSA 4161-1] python-django security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4161-1 [email protected] https://www.debian.org/security/ Luciano Bello April 01, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4161-1] python-django security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4161-1 [email protected] https://www.debian.org/security/ Luciano Bello April 01, 2018 https://www.debian.org/security/faq -...
Debian: Security Advisory (DSA-4161-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : python-Django (openSUSE-2018-317)
This update for python-Django to version 1.18.18 fixes multiple issues. Security issues fixed : - CVE-2018-7537: Fixed catastrophic backtracking in django.utils.text.Truncator. bsc1083305 - CVE-2018-7536: Fixed catastrophic backtracking in urlize and urlizetrunc template filters bsc1083304. -...
openSUSE Security Update : python3-Django (openSUSE-2018-318)
This update for python3-Django to version 1.18.18 fixes multiple issues. Security issues fixed : - CVE-2018-7537: Fixed catastrophic backtracking in django.utils.text.Truncator. bsc1083305 - CVE-2018-7536: Fixed catastrophic backtracking in urlize and urlizetrunc template filters bsc1083304. -...
Debian: Security Advisory (DLA-1303-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated python-django packages fix security vulnerabilities
The python-django package has been updated to fix 2 security issues. CVE-2018-7536: Denial-of-service possibility in urlize and urlizetrunc template filters. CVE-2018-7537: Denial-of-service possibility in truncatecharshtml and truncatewordshtml template filters...
directory-validators (>=4.4.1 <=4.5.0), django-admin-caching (=0.1.3) +27 more potentially affected by CVE-2018-7537 via django (>=1.11.0 <=1.11.10)
django PYPI version =1.11.0, =4.4.1, =0.6.0, =0.5.0, =0.1.0, =1.0.0, =0.1.2, =0.2.0 - django-inline-actions =1.1.0 - django-mbrowse =0.0.1 - django-misa =0.0.1 - django-mogi =0.0.1 and more Source cves: CVE-2018-7537 Source advisory: OSV:PYSEC-2018-6...
CVE-2018-7537
The CVE-2018-7537 vulnerability affects Django versions prior to 2.0.3, 1.11 prior to 1.11.11, and 1.8 prior to 1.8.19, where passing html=True to Truncator.chars() and Truncator.words() causes catastrophic backtracking in a regex, impacting the truncatechars_html and truncatewords_html template ...
OPENSUSE-SU-2018:0651-1 Security update for python-Django
This update for python-Django fixes the following issues: Update to 1.11.11 Fixes CVE-2018-7536, CVE-2018-7537...
Debian DLA-1303-1 : python-django security update
Several functions were extremely slow to evaluate certain inputs due to catastrophic backtracking vulnerabilities in several regular expressions. CVE-2018-7536 The django.utils.html.urlize function was extremely slow to evaluate certain inputs due to catastrophic backtracking vulnerabilities in t...