Lucene search
K

20 matches found

OpenVAS
OpenVAS
added 2025/02/25 12:0 a.m.12 views

openSUSE Security Advisory (SUSE-SU-2024:2817-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.2AI score0.18516EPSS
Exploits3References9
OpenVAS
OpenVAS
added 2020/06/23 12:0 a.m.33 views

Fedora: Security Advisory for python-django (FEDORA-2020-2e7d30f7aa)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS7.3AI score0.65336EPSS
Exploits15References2
Tenable Nessus
Tenable Nessus
added 2020/05/01 12:0 a.m.79 views

GLSA-202004-17 : Django: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202004-17 Django: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Django. Please review the CVE identifiers referenced below for details. Impact : A remote attacker, by sending specially crafted input,...

9.8CVSS6.7AI score0.65336EPSS
Exploits15References10
OpenVAS
OpenVAS
added 2020/01/09 12:0 a.m.37 views

openSUSE: Security Advisory for python-Django (openSUSE-SU-2019:1839-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS7.2AI score0.87218EPSS
Exploits4References2
ALT Linux
ALT Linux
added 2019/07/15 12:0 a.m.164 views

Security fix for the ALT Linux 9 package python3-module-django version 2.2.3-alt1

July 15, 2019 Alexey Shabalin 2.2.3-alt1 - 2.2.3 - build python3 only - rename package to python3-module-django2.2 - Fixes for the following security vulnerabilities: + CVE-2019-12781 Incorrect HTTP detection with reverse-proxy connecting via HTTPS + CVE-2019-12308 AdminURLFieldWidget XSS +...

5.8CVSS6.6AI score0.2549EPSS
Exploits0
ALT Linux
ALT Linux
added 2019/07/15 12:0 a.m.156 views

Security fix for the ALT Linux 10 package python3-module-django version 2.2.3-alt1

July 15, 2019 Alexey Shabalin 2.2.3-alt1 - 2.2.3 - build python3 only - rename package to python3-module-django2.2 - Fixes for the following security vulnerabilities: + CVE-2019-12781 Incorrect HTTP detection with reverse-proxy connecting via HTTPS + CVE-2019-12308 AdminURLFieldWidget XSS +...

5.8CVSS6.6AI score0.2549EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/07/08 12:0 a.m.31 views

Debian DSA-4476-1 : python-django - security update

Three security issues were found in Django, a Python web development framework, which could result in denial of service, incomplete sanitisation of clickable links or missing redirects of HTTP requests to HTTPS. C Tenable Network Security, Inc. The descriptive text and package checks in this plug...

7.5CVSS6.2AI score0.05399EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2019/07/07 12:0 a.m.28 views

Debian: Security Advisory (DSA-4476-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.5AI score0.05399EPSS
Exploits0References4
Debian
Debian
added 2019/07/05 6:3 p.m.389 views

[SECURITY] [DSA 4476-1] python-django security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4476-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 05, 2019 https://www.debian.org/security/faq -...

7.5CVSS7.3AI score0.05399EPSS
Exploits0
OpenVAS
OpenVAS
added 2019/07/02 12:0 a.m.28 views

Ubuntu: Security Advisory (USN-4043-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.2AI score0.02563EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2019/07/01 11:2 a.m.83 views

USN-4043-1: Django vulnerabilities

It was discovered that Django incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 18.10 and Ubuntu 19.04. CVE-2019-12308 Gavin Wahl discovered that Django incorrectly handled HTTP detection when...

6.1CVSS7.2AI score0.02563EPSS
Exploits0
OpenVAS
OpenVAS
added 2019/06/26 12:0 a.m.58 views

Django AdminURLFieldWidget XSS Vulnerability - Linux

Django is prone to a cross-site scripting vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:djangoproject:django";...

6.1CVSS6.7AI score0.02563EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/06/13 12:0 a.m.44 views

Fedora 30 : python-django (2019-57a4324120)

update to 2.1.9 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network Security, Inc. T...

6.1CVSS6.9AI score0.02563EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2019/06/10 6:43 p.m.6 views

aimmo (>=0.61.9 <=0.69.1b348), ambition-edc (>=0.3.68 <=0.3.72) +57 more potentially affected by CVE-2019-12308 via django (>=2.2.0 <=2.2.19)

django PYPI version =2.2.0, =0.61.9, =0.3.68, =0.14.0, =5.2.1, =0.1.0, =4.15.0, =4.15.0, =1.0.1, =1.0.0, =0.0.1, =0.0.1, =2.0.0, =2.2.0 - django-country-filter =0.0.1 and more Source cves: CVE-2019-12308 Source advisory: OSV:GHSA-7RP2-FM2H-WCHJ...

6.1CVSS6.8AI score0.02563EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2019/06/10 6:43 p.m.2 views

boorunaut (>=0.1.0 <=0.4.2), burl (=1.0.0) +124 more potentially affected by CVE-2019-12308 via django (>=2.1.0 <=2.1.8)

django PYPI version =2.1.0, =0.1.0, =0.10.0, =2.4.0, =0.3.1, =0.1.6, =0.2.0, =0.2.1 - django-aesfield =3.0.0 - django-alexa =0.0.9 and more Source cves: CVE-2019-12308 Source advisory: OSV:GHSA-7RP2-FM2H-WCHJ...

6.1CVSS6.8AI score0.02563EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2019/06/03 5:29 p.m.2 views

boorunaut (>=0.1.0 <=0.4.2), burl (=1.0.0) +124 more potentially affected by CVE-2019-12308 via django (>=2.1.0 <=2.1.8)

django PYPI version =2.1.0, =0.1.0, =0.10.0, =2.4.0, =0.3.1, =0.1.6, =0.2.0, =0.2.1 - django-aesfield =3.0.0 - django-alexa =0.0.9 and more Source cves: CVE-2019-12308 Source advisory: OSV:PYSEC-2019-79...

6.1CVSS6.8AI score0.02563EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2019/06/03 5:29 p.m.5 views

admindjango-ckeditor-blog (=0.1.0), aileen (>=0.2.0.dev20181221 <=0.2.1) +41 more potentially affected by CVE-2019-12308 via django (>=1.11.0 <=1.11.20)

django PYPI version =1.11.0, =0.2.0.dev20181221, =0.0.19, =4.4.1, =1.0.0, =0.6.0, =0.5.0, =0.1.0, =1.0.0, =1.0.1 - django-defender =0.5.0 and more Source cves: CVE-2019-12308 Source advisory: OSV:PYSEC-2019-79...

6.1CVSS6.8AI score0.02563EPSS
Exploits0
CVE
CVE
added 2019/06/03 4:24 p.m.422 views

CVE-2019-12308

The CVE-2019-12308 issue in Django affects the AdminURLFieldWidget, where the current URL value is displayed without validating it as a safe URL. This allows an unvalidated value stored in the database or supplied via a URL query to render as a clickable JavaScript link, enabling cross-site scrip...

6.1CVSS6.2AI score0.02563EPSS
In wildExploits0References17Affected Software1
Debian CVE
Debian CVE
added 2019/06/03 4:24 p.m.23 views

CVE-2019-12308

An issue was discovered in Django 1.11 before 1.11.21, 2.1 before 2.1.9, and 2.2 before 2.2.2. The clickable Current URL value displayed by the AdminURLFieldWidget displays the provided value without validating it as a safe URL. Thus, an unvalidated value stored in the database, or a value provid...

6.1CVSS6.7AI score0.02563EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2019/06/03 4:24 p.m.37 views

CVE-2019-12308

An issue was discovered in Django 1.11 before 1.11.21, 2.1 before 2.1.9, and 2.2 before 2.2.2. The clickable Current URL value displayed by the AdminURLFieldWidget displays the provided value without validating it as a safe URL. Thus, an unvalidated value stored in the database, or a value provid...

6.1CVSS6.5AI score0.02563EPSS
Exploits0
Rows per page
Query Builder