Lucene search
+L

6 matches found

Tenable Nessus
Tenable Nessus
added 2022/07/22 12:0 a.m.53 views

Debian DSA-5186-1 : djangorestframework - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dsa-5186 advisory. Two cross-site scripting vulnerabilities were discovered in the Django Rest Framework, a toolkit to build web APIs. For the oldstable distribution buster, this problem has...

6.1CVSS5.8AI score0.01286EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2021/04/16 12:0 a.m.21 views

openSUSE: Security Advisory for python-djangorestframework (openSUSE-SU-2021:0322-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.1CVSS6.4AI score0.01286EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2021/03/19 9:32 p.m.9 views

alcali (>=2018.3.1 <=3000.1.0), atlantisbot-api (>=0.1.0 <=0.1.1) +131 more potentially affected by CVE-2020-25626 via djangorestframework (>=2.3.13 <=3.11.1)

djangorestframework PYPI version =2.3.13, =2018.3.1, =0.1.0, =3.5.34, =0.0.1, =0.0.1, =5.2.1, =0.3.1, =1.0.1, =0.0.1, =0.4.0, =0.0.1, =0.3.0b2, =0.7.0 and more Source cves: CVE-2020-25626 Source advisory: OSV:GHSA-FX83-3PH3-9J2Q...

6.1CVSS6.3AI score0.01286EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/02/25 12:0 a.m.37 views

openSUSE Security Update : python-djangorestframework (openSUSE-2021-322)

This update for python-djangorestframework fixes the following issues : Update to 3.11.2 - Security: Drop urlizequotedlinks template tag in favour of Django's built-in urlize. Removes a XSS vulnerability for some kinds of content in the browsable API. boo1177205, CVE-2020-25626 - update Django fo...

6.1CVSS6.1AI score0.01286EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2021/02/22 12:0 a.m.36 views

Security update for python-djangorestframework (important)

openSUSE Security Update: Security update for python-djangorestframework Announcement ID: openSUSE-SU-2021:0322-1 Rating: important References: 1177205 Cross-References: CVE-2020-25626 CVSS scores: CVE-2020-25626 NVD : 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVE-2020-25626 SUSE: 7.1...

7.1CVSS6AI score0.01286EPSS
Exploits0References1
CVE
CVE
added 2020/09/30 7:24 p.m.225 views

CVE-2020-25626

CVE-2020-25626 affects Django REST Framework (DRF) with versions prior to 3.12.0 and prior to 3.11.2. The flaw is an improper escape of certain user-controlled strings in the browseable API viewer, allowing injection of script tags (XSS). Impact is limited to cases where attackers can influence t...

6.1CVSS5.8AI score0.01286EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder