Lucene search
+L

22 matches found

Tenable Nessus
Tenable Nessus
added 2020/10/29 12:0 a.m.39 views

RHEL 7 : python-django (RHSA-2020:4390)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4390 advisory. Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as muc...

9.8CVSS7.1AI score0.47694EPSS
Exploits0References13
RedHat Linux
RedHat Linux
added 2020/10/28 6:24 p.m.51 views

Moderate: Red Hat Security Advisory: python-django security update

An update for python-django is now available for Red Hat OpenStack Platform 13 Queens. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS6.8AI score0.47694EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2020/06/23 12:0 a.m.33 views

Fedora: Security Advisory for python-django (FEDORA-2020-2e7d30f7aa)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS7.3AI score0.65336EPSS
Exploits15References2
Tenable Nessus
Tenable Nessus
added 2020/05/01 12:0 a.m.79 views

GLSA-202004-17 : Django: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202004-17 Django: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Django. Please review the CVE identifiers referenced below for details. Impact : A remote attacker, by sending specially crafted input,...

9.8CVSS6.7AI score0.65336EPSS
Exploits15References10
RedHat Linux
RedHat Linux
added 2020/04/06 9:2 a.m.80 views

Moderate: Red Hat Security Advisory: python-django security update

An update for python-django is now available for Red Hat OpenStack Platform 15 Stein. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS6.8AI score0.47694EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2020/01/09 12:0 a.m.37 views

openSUSE: Security Advisory for python-Django (openSUSE-SU-2019:1839-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS7.2AI score0.87218EPSS
Exploits4References2
vulnersOsv
vulnersOsv
added 2019/08/16 2:0 p.m.12 views

a3m (=0.1.0), aa-fleet (>=1.0.0 <=1.1.0) +654 more potentially affected by CVE-2019-14234 via django (>=2.2.0 <=2.2.3)

django PYPI version =2.2.0, =1.0.0, =1.1.12, =0.1.0a0, =0.1.0a0, =1.2.0a1, =2.0.0, =0.1.0, =1.1.0, =1.4.1, =1.6.0 - aiida-crystal17 =0.11.0 and more Source cves: CVE-2019-14234 Source advisory: OSV:GHSA-6R97-CJ55-9HRQ...

9.8CVSS6.7AI score0.47694EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2019/08/16 2:0 p.m.4 views

django-aesfield (=3.0.0), django-autoconfig (=0.8.0) +11 more potentially affected by CVE-2019-14234 via django (>=2.1.0 <=2.1.10)

django PYPI version =2.1.0, =0.1.0, =0.1.0, =0.3.0, =1.7.3, =0.0.3, =1.1.0, =0.1.2, =1.0.0rc2, =0.1.0, =0.2.0.dev2 Source cves: CVE-2019-14234 Source advisory: OSV:GHSA-6R97-CJ55-9HRQ...

9.8CVSS6.8AI score0.47694EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2019/08/16 2:0 p.m.5 views

admindjango-ckeditor-blog (=0.1.0), aileen (>=0.2.0.dev20181221 <=0.2.1) +43 more potentially affected by CVE-2019-14234 via django (>=1.11.0 <=1.11.22)

django PYPI version =1.11.0, =0.2.0.dev20181221, =0.0.19, =4.4.1, =1.0.0, =0.6.0, =0.5.0, =0.1.0, =1.0.0, =1.0.1 - django-defender =0.5.0 and more Source cves: CVE-2019-14234 Source advisory: OSV:GHSA-6R97-CJ55-9HRQ...

9.8CVSS6.8AI score0.47694EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/08/13 12:0 a.m.41 views

Debian DSA-4498-1 : python-django - security update

Several vulnerabilities were discovered in python-django, a web development framework. They could lead to remote denial-of-service or SQL injection, C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4498. The...

9.8CVSS7.3AI score0.47694EPSS
Exploits0References9
Debian
Debian
added 2019/08/12 9:7 a.m.66 views

[SECURITY] [DSA 4498-1] python-django security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4498-1 [email protected] https://www.debian.org/security/ Sebastien Delafond August 12, 2019 https://www.debian.org/security/faq -...

7.5CVSS2.4AI score0.47694EPSS
Exploits0
Debian
Debian
added 2019/08/12 9:7 a.m.107 views

[SECURITY] [DSA 4498-1] python-django security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4498-1 [email protected] https://www.debian.org/security/ Sebastien Delafond August 12, 2019 https://www.debian.org/security/faq -...

9.8CVSS8.1AI score0.47694EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.53 views

Ubuntu 16.04 LTS / 18.04 LTS : Django vulnerabilities (USN-4084-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4084-1 advisory. It was discovered that Django incorrectly handled the Truncator function. A remote attacker could possibly use this issue to cause Django to...

9.8CVSS7.5AI score0.47694EPSS
Exploits0References5
vulnersOsv
vulnersOsv
added 2019/08/09 1:15 p.m.5 views

django-aesfield (=3.0.0), django-autoconfig (=0.8.0) +11 more potentially affected by CVE-2019-14234 via django (>=2.1.0 <=2.1.10)

django PYPI version =2.1.0, =0.1.0, =0.1.0, =0.3.0, =1.7.3, =0.0.3, =1.1.0, =0.1.2, =1.0.0rc2, =0.1.0, =0.2.0.dev2 Source cves: CVE-2019-14234 Source advisory: OSV:PYSEC-2019-13...

9.8CVSS6.8AI score0.47694EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2019/08/09 1:15 p.m.4 views

admindjango-ckeditor-blog (=0.1.0), aileen (>=0.2.0.dev20181221 <=0.2.1) +43 more potentially affected by CVE-2019-14234 via django (>=1.11.0 <=1.11.22)

django PYPI version =1.11.0, =0.2.0.dev20181221, =0.0.19, =4.4.1, =1.0.0, =0.6.0, =0.5.0, =0.1.0, =1.0.0, =1.0.1 - django-defender =0.5.0 and more Source cves: CVE-2019-14234 Source advisory: OSV:PYSEC-2019-13...

9.8CVSS6.8AI score0.47694EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2019/08/09 1:15 p.m.5 views

a3m (=0.1.0), aa-fleet (>=1.0.0 <=1.1.0) +654 more potentially affected by CVE-2019-14234 via django (>=2.2.0 <=2.2.3)

django PYPI version =2.2.0, =1.0.0, =1.1.12, =0.1.0a0, =0.1.0a0, =1.2.0a1, =2.0.0, =0.1.0, =1.1.0, =1.4.1, =1.6.0 - aiida-crystal17 =0.11.0 and more Source cves: CVE-2019-14234 Source advisory: OSV:PYSEC-2019-13...

9.8CVSS6.7AI score0.47694EPSS
Exploits0
CVE
CVE
added 2019/08/09 12:16 p.m.283 views

CVE-2019-14234

CVE-2019-14234 affects Django’s JSONField and HStoreField handling. The issue arises from an error in shallow key transformation that makes key/index lookups vulnerable to SQL injection when crafted via dictionaries passed to QuerySet.filter(), e.g., using special keys like a crafted name with OR...

9.8CVSS7.9AI score0.47694EPSS
Exploits0References9Affected Software1
ALT Linux
ALT Linux
added 2019/08/05 12:0 a.m.133 views

Security fix for the ALT Linux 9 package python3-module-django version 2.2.4-alt1

Aug. 5, 2019 Alexey Shabalin 2.2.4-alt1 - 2.2.4 - Fixes for the following security vulnerabilities: + CVE-2019-14232 Adjusted regex to avoid backtracking issues when truncating HTML + CVE-2019-14233 Prevented excessive HTMLParser recursion in striptags when handling incomplete HTML entities +...

7.5CVSS9.1AI score0.47694EPSS
Exploits0
ALT Linux
ALT Linux
added 2019/08/05 12:0 a.m.129 views

Security fix for the ALT Linux 10 package python3-module-django version 2.2.4-alt1

Aug. 5, 2019 Alexey Shabalin 2.2.4-alt1 - 2.2.4 - Fixes for the following security vulnerabilities: + CVE-2019-14232 Adjusted regex to avoid backtracking issues when truncating HTML + CVE-2019-14233 Prevented excessive HTMLParser recursion in striptags when handling incomplete HTML entities +...

7.5CVSS9.1AI score0.47694EPSS
Exploits0
ArchLinux
ArchLinux
added 2019/08/05 12:0 a.m.50 views

[ASA-201908-2] python-django: multiple issues

Arch Linux Security Advisory ASA-201908-2 ========================================= Severity: Medium Date : 2019-08-05 CVE-ID : CVE-2019-14232 CVE-2019-14233 CVE-2019-14234 CVE-2019-14235 Package : python-django Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-1015...

9.8CVSS1.6AI score0.47694EPSS
Exploits0References10
Rows per page
Query Builder