Lucene search
K

13 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:0 a.m.3 views

SUSE CVE-2020-9402

Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4 allows SQL Injection if untrusted data is used as a tolerance parameter in GIS functions and aggregates on Oracle. By passing a suitably crafted tolerance to GIS functions and aggregates on Oracle, it was possible to break escapi...

7.6CVSS9.2AI score0.22513EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/04/21 1:15 p.m.242 views

Moderate: Red Hat Security Advisory: Satellite 6.9 Release

An update is now available for Red Hat Satellite 6.9 for RHEL 7. Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. Security Fixes: foreman:...

9.8CVSS7AI score0.45732EPSS
Exploits9References326
OpenVAS
OpenVAS
added 2020/06/23 12:0 a.m.29 views

Fedora: Security Advisory for python-django (FEDORA-2020-c2639662af)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS7.6AI score0.65336EPSS
Exploits9References2
OpenVAS
OpenVAS
added 2020/06/23 12:0 a.m.33 views

Fedora: Security Advisory for python-django (FEDORA-2020-2e7d30f7aa)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS7.3AI score0.65336EPSS
Exploits15References2
Tenable Nessus
Tenable Nessus
added 2020/06/22 12:0 a.m.46 views

Fedora 31 : python-django (2020-2e7d30f7aa)

Security fix for CVE-2020-7471. - Security fix for CVE-2020-9402. - Security fix for CVE-2020-13254. - Security fix for CVE-2020-13596. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to...

9.8CVSS6.9AI score0.65336EPSS
Exploits9References5
Tenable Nessus
Tenable Nessus
added 2020/06/22 12:0 a.m.31 views

Fedora 32 : python-django (2020-c2639662af)

Security fix for CVE-2020-7471. - Security fix for CVE-2020-9402. - Security fix for CVE-2020-13254. - Security fix for CVE-2020-13596. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to...

9.8CVSS6.9AI score0.65336EPSS
Exploits9References5
Debian
Debian
added 2020/06/18 8:51 a.m.108 views

[SECURITY] [DSA 4705-1] python-django security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4705-1 [email protected] https://www.debian.org/security/ Sebastien Delafond June 18, 2020 https://www.debian.org/security/faq -...

8.8CVSS8.1AI score0.22513EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2020/05/01 12:0 a.m.79 views

GLSA-202004-17 : Django: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202004-17 Django: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Django. Please review the CVE identifiers referenced below for details. Impact : A remote attacker, by sending specially crafted input,...

9.8CVSS6.7AI score0.65336EPSS
Exploits15References10
ALT Linux
ALT Linux
added 2020/04/12 12:0 a.m.35 views

Security fix for the ALT Linux 9 package python3-module-django version 2.2.12-alt1

April 12, 2020 Alexey Shabalin 2.2.12-alt1 - 2.2.12 - Fixes for the following security vulnerabilities: + CVE-2019-19118 Privilege escalation in the Django admin. + CVE-2019-19844 Potential account hijack via password reset form + CVE-2020-7471 Potential SQL injection via StringAggdelimiter +...

7.5CVSS9.2AI score0.65336EPSS
Exploits15
vulnersOsv
vulnersOsv
added 2020/03/05 3:15 p.m.5 views

ambition-edc (>=0.3.68 <=0.3.72), caluma (>=5.2.1 <=5.3.1) +28 more potentially affected by CVE-2020-9402 via django (>=2.2.0 <=2.2.10)

django PYPI version =2.2.0, =0.3.68, =5.2.1, =0.1.0, =0.0.1, =0.0.1, =0.0.1, =0.0.26 - django-smorest =0.1.3 - djangorestframework-simplejwt-captcha =1.1.4 - djpub =0.0.1 and more Source cves: CVE-2020-9402 Source advisory: OSV:PYSEC-2020-345...

8.8CVSS6.4AI score0.22513EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2020/03/05 3:15 p.m.8 views

ambition-edc (>=0.3.68 <=0.3.72), caluma (>=5.2.1 <=5.3.1) +28 more potentially affected by CVE-2020-9402 via django (>=2.2.0 <=2.2.10)

django PYPI version =2.2.0, =0.3.68, =5.2.1, =0.1.0, =0.0.1, =0.0.1, =0.0.1, =0.0.26 - django-smorest =0.1.3 - djangorestframework-simplejwt-captcha =1.1.4 - djpub =0.0.1 and more Source cves: CVE-2020-9402 Source advisory: OSV:PYSEC-2020-36...

8.8CVSS6.7AI score0.22513EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2020/03/05 3:15 p.m.5 views

admindjango-ckeditor-blog (=0.1.0), aiida-core (=1.0.0) +53 more potentially affected by CVE-2020-9402 via django (>=1.11.0 <=1.11.28)

django PYPI version =1.11.0, =0.2.0.dev20181221, =0.28.0, =3.1.4, =2.19.0, =0.0.19, =4.4.1, =1.0.0, =0.6.0, =0.7.2 and more Source cves: CVE-2020-9402 Source advisory: OSV:PYSEC-2020-36...

8.8CVSS6.7AI score0.22513EPSS
Exploits0
CVE
CVE
added 2020/03/05 2:49 p.m.226 views

CVE-2020-9402

CVE-2020-9402 affects Django: SQL injection via a tolerance parameter in GIS functions/aggregates when using Oracle. Affected versions are Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4. The root cause is improper escaping allowing crafted tolerance to inject SQL. Remediation...

8.8CVSS8.7AI score0.22513EPSS
Exploits0References10Affected Software1
Rows per page
Query Builder