Lucene search
K

18 matches found

Debian
Debian
added 2024/02/29 7:11 p.m.34 views

[SECURITY] [DLA 3744-1] python-django security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3744-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb February 29, 2024 https://wiki.debian.org/LTS -...

7.5CVSS7.5AI score0.05291EPSS
Exploits0
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.34 views

Mageia: Security Advisory (MGASA-2021-0356)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.1AI score0.44369EPSS
Exploits1References18
Tenable Nessus
Tenable Nessus
added 2021/12/11 12:0 a.m.47 views

RHEL 8 : Red Hat OpenStack Platform 16.1 (python-django20) (RHSA-2021:5070)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:5070 advisory. Security Fixes: Potential directory-traversal via archive.extract CVE-2021-3281 potential directory-traversal via uploaded files...

7.5CVSS6.7AI score0.07605EPSS
Exploits1References13
Mageia
Mageia
added 2021/07/16 8:25 a.m.67 views

Updated python-django package fixes security vulnerabilities

In Django 2.2 before 2.2.20, 3.0 before 3.0.14, and 3.1 before 3.1.8, MultiPartParser allowed directory traversal via uploaded files with suitably crafted file names. Built-in upload handlers were not affected by this vulnerability CVE-2021-28658. In Django 2.2 before 2.2.21, 3.1 before 3.1.9, an...

9.8CVSS1.7AI score0.44369EPSS
Exploits1References16
ALT Linux
ALT Linux
added 2021/07/13 12:0 a.m.135 views

Security fix for the ALT Linux 10 package python3-module-django version 2.2.24-alt1

July 13, 2021 Alexey Shabalin 2.2.24-alt1 - new version 2.2.24 - Fixes for the following security vulnerabilities: + CVE-2021-28658 Potential directory-traversal via uploaded files + CVE-2021-31542 Potential directory-traversal via uploaded files + CVE-2021-32052 Header injection possibility sinc...

5CVSS7AI score0.05291EPSS
Exploits0
ALT Linux
ALT Linux
added 2021/07/13 12:0 a.m.33 views

Security fix for the ALT Linux 9 package python3-module-django version 2.2.24-alt1

July 13, 2021 Alexey Shabalin 2.2.24-alt1 - new version 2.2.24 - Fixes for the following security vulnerabilities: + CVE-2021-28658 Potential directory-traversal via uploaded files + CVE-2021-31542 Potential directory-traversal via uploaded files + CVE-2021-32052 Header injection possibility sinc...

5CVSS7AI score0.05291EPSS
Exploits0
OpenVAS
OpenVAS
added 2021/05/13 12:0 a.m.23 views

Fedora: Security Advisory for python-django (FEDORA-2021-01044b8a59)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS6.5AI score0.05291EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/04/10 12:0 a.m.35 views

Debian: Security Advisory (DLA-2622-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS6.8AI score0.03865EPSS
Exploits0References3
Debian
Debian
added 2021/04/09 11:47 a.m.81 views

[SECURITY] [DLA 2622-1] python-django security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2622-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb April 09, 2021 https://wiki.debian.org/LTS -...

5.3CVSS5.7AI score0.03865EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2021/04/08 6:11 p.m.5 views

atila-vue (>=0.1.3 <=0.1.3.5), contrail (>=0.3.0 <=1.0.2) +28 more potentially affected by CVE-2021-28658 via django (>=3.0.0 <=3.0.11)

django PYPI version =3.0.0, =0.1.3, =0.3.0, =0.1.1, =0.0.1, =0.0.1, =0.2.1, =0.8.0, =0.7.0, =0.10.0, =0.5.0, =0.6.4 and more Source cves: CVE-2021-28658 Source advisory: OSV:GHSA-XGXC-V2QG-CHMH...

5.3CVSS6.7AI score0.03865EPSS
Exploits0
OpenVAS
OpenVAS
added 2021/04/07 12:0 a.m.17 views

Ubuntu: Security Advisory (USN-4902-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS6.2AI score0.03865EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/04/07 12:0 a.m.19 views

Django 2.2 < 2.2.20, 3.0 < 3.0.14, 3.1 < 3.1.8 Directory Traversal Vulnerability - Windows

Django is prone to a directory traversal vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:djangoproject:django"; if...

5.3CVSS6.1AI score0.03865EPSS
Exploits0References1
OSV
OSV
added 2021/04/06 3:15 p.m.1 views

DEBIAN-CVE-2021-28658

In Django 2.2 before 2.2.20, 3.0 before 3.0.14, and 3.1 before 3.1.8, MultiPartParser allowed directory traversal via uploaded files with suitably crafted file names. Built-in upload handlers were not affected by this vulnerability...

5.3CVSS6.6AI score0.03865EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2021/04/06 3:15 p.m.6 views

atila-vue (>=0.1.3 <=0.1.3.5), contrail (>=0.3.0 <=1.0.2) +28 more potentially affected by CVE-2021-28658 via django (>=3.0.0 <=3.0.11)

django PYPI version =3.0.0, =0.1.3, =0.3.0, =0.1.1, =0.0.1, =0.0.1, =0.2.1, =0.8.0, =0.7.0, =0.10.0, =0.5.0, =0.6.4 and more Source cves: CVE-2021-28658 Source advisory: OSV:PYSEC-2021-6...

5.3CVSS6.7AI score0.03865EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2021/04/06 3:15 p.m.5 views

aether-sdk (>=1.3.4 <=1.3.8), alcali (=3003.1.0) +232 more potentially affected by CVE-2021-28658 via django (>=3.1.0 <=3.1.7)

django PYPI version =3.1.0, =1.3.4, =0.2.0, =0.16.12, =0.8.8, =0.5.0, =0.1.0, =1.0.0b3, =2.2.0, =0.0.1, =2.11.0, =2.12.6 and more Source cves: CVE-2021-28658 Source advisory: OSV:PYSEC-2021-6...

5.3CVSS6.6AI score0.03865EPSS
Exploits0
CVE
CVE
added 2021/04/06 2:51 p.m.188 views

CVE-2021-28658

Django vulnerability CVE-2021-28658 affects MultiPartParser in Django 2.2 (before 2.2.20), 3.0 (before 3.0.14), and 3.1 (before 3.1.8). A crafted filename in an uploaded file could trigger directory traversal; built-in upload handlers are not affected. Remediation: upgrade to the fixed releases (...

5.3CVSS5.5AI score0.03865EPSS
Exploits0References6Affected Software1
Debian CVE
Debian CVE
added 2021/04/06 2:51 p.m.31 views

CVE-2021-28658

In Django 2.2 before 2.2.20, 3.0 before 3.0.14, and 3.1 before 3.1.8, MultiPartParser allowed directory traversal via uploaded files with suitably crafted file names. Built-in upload handlers were not affected by this vulnerability...

5.3CVSS6.4AI score0.03865EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2021/04/06 8:0 a.m.33 views

CVE-2021-28658

In Django 2.2 before 2.2.20, 3.0 before 3.0.14, and 3.1 before 3.1.8, MultiPartParser allowed directory traversal via uploaded files with suitably crafted file names. Built-in upload handlers were not affected by this vulnerability...

5.3CVSS6.8AI score0.03865EPSS
Exploits0References3
Rows per page
Query Builder