Lucene search
+L

27 matches found

debian
debian
added 2024/02/29 7:11 p.m.34 views

[SECURITY] [DLA 3744-1] python-django security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3744-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb February 29, 2024 https://wiki.debian.org/LTS -...

7.5CVSS7.5AI score0.05291EPSS
Exploits0
nessus
nessus
added 2022/09/15 12:0 a.m.45 views

RHEL 8 : Red Hat OpenStack Platform 16.2 (python-django20) (RHSA-2021:3490)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:3490 advisory. Security Fixes: Potential directory-traversal via archive.extract CVE-2021-3281 Potential directory traversal via admindocs CVE-2021-33203...

7.5CVSS6.7AI score0.07605EPSS
Exploits1References10
openvas
openvas
added 2022/08/26 12:0 a.m.30 views

Ubuntu: Security Advisory (USN-4975-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.9CVSS6.4AI score0.02737EPSS
Exploits0References2
openvas
openvas
added 2022/01/28 12:0 a.m.34 views

Mageia: Security Advisory (MGASA-2021-0356)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.1AI score0.44369EPSS
Exploits1References18
nessus
nessus
added 2021/12/11 12:0 a.m.47 views

RHEL 8 : Red Hat OpenStack Platform 16.1 (python-django20) (RHSA-2021:5070)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:5070 advisory. Security Fixes: Potential directory-traversal via archive.extract CVE-2021-3281 potential directory-traversal via uploaded files...

7.5CVSS6.7AI score0.07605EPSS
Exploits1References13
redhat
redhat
added 2021/09/15 1:41 p.m.45 views

Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (python-django20) security update

An update for python-django20 is now available for Red Hat OpenStack Platform 16.2 Train. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS6.6AI score0.07605EPSS
Exploits1References5
mageia
mageia
added 2021/07/16 8:25 a.m.67 views

Updated python-django package fixes security vulnerabilities

In Django 2.2 before 2.2.20, 3.0 before 3.0.14, and 3.1 before 3.1.8, MultiPartParser allowed directory traversal via uploaded files with suitably crafted file names. Built-in upload handlers were not affected by this vulnerability CVE-2021-28658. In Django 2.2 before 2.2.21, 3.1 before 3.1.9, an...

9.8CVSS1.7AI score0.44369EPSS
Exploits1References16
altlinux
altlinux
added 2021/07/13 12:0 a.m.135 views

Security fix for the ALT Linux 10 package python3-module-django version 2.2.24-alt1

July 13, 2021 Alexey Shabalin 2.2.24-alt1 - new version 2.2.24 - Fixes for the following security vulnerabilities: + CVE-2021-28658 Potential directory-traversal via uploaded files + CVE-2021-31542 Potential directory-traversal via uploaded files + CVE-2021-32052 Header injection possibility sinc...

5CVSS7AI score0.05291EPSS
Exploits0
altlinux
altlinux
added 2021/07/13 12:0 a.m.33 views

Security fix for the ALT Linux 9 package python3-module-django version 2.2.24-alt1

July 13, 2021 Alexey Shabalin 2.2.24-alt1 - new version 2.2.24 - Fixes for the following security vulnerabilities: + CVE-2021-28658 Potential directory-traversal via uploaded files + CVE-2021-31542 Potential directory-traversal via uploaded files + CVE-2021-32052 Header injection possibility sinc...

5CVSS7AI score0.05291EPSS
Exploits0
archlinux
archlinux
added 2021/06/15 12:0 a.m.162 views

[ASA-202106-41] python-django: multiple issues

Arch Linux Security Advisory ASA-202106-41 ========================================== Severity: Medium Date : 2021-06-15 CVE-ID : CVE-2021-33203 CVE-2021-33571 Package : python-django Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-2026 Summary ======= The package...

7.5CVSS0.4AI score0.03058EPSS
Exploits0References7
vulnersosv
vulnersosv
added 2021/06/10 5:21 p.m.4 views

alcali (>=2018.3.4 <=3000.1.0), archivebox (>=0.4.6 <=0.4.21) +216 more potentially affected by CVE-2021-33203 via django (>=3.0.0 <=3.1.11)

django PYPI version =3.0.0, =2018.3.4, =0.4.6, =1.0.0, =0.1.0, =0.1.0, =0.1.3, =0.1.3, =0.18.0, =0.3.0, =2.8.0, =0.0.1, =0.0.32, =0.0.33 and more Source cves: CVE-2021-33203 Source advisory: OSV:GHSA-68W8-QJQ3-2GFM...

4.9CVSS6.7AI score0.02737EPSS
Exploits0
vulnersosv
vulnersosv
added 2021/06/10 5:21 p.m.4 views

acclaim-badges (=0.1.0), adarnauth-esi (>=1.4.0 <=1.4.2) +719 more potentially affected by CVE-2021-33203 via django (>=1.10.0 <=2.2.22)

django PYPI version =1.10.0, =1.4.0, =0.2.0.dev20181221, =0.0.0.post0.dev128, =1.0.2, =1.1.1, =1.0.13, =3.0.4, =1.1.1, =1.0.7, =1.0.8 and more Source cves: CVE-2021-33203 Source advisory: OSV:GHSA-68W8-QJQ3-2GFM...

4.9CVSS6.5AI score0.02737EPSS
Exploits0
vulnersosv
vulnersosv
added 2021/06/10 5:21 p.m.4 views

aa-structuretimers (=1.2.2), admin-tool-button (>=1.0.1a0 <=1.0.5a0) +1094 more potentially affected by CVE-2021-33203 via django (>=3.2.0 <=3.2.3)

django PYPI version =3.2.0, =1.0.1a0, =1.4.2, =5.10.1, =2022.9.19, =2.0.0, =0.0.1, =1.0.0, =1.0.6, =3.2.17.0, =1.0.0a4.dev0, =2023.1.0.dev0 and more Source cves: CVE-2021-33203 Source advisory: OSV:GHSA-68W8-QJQ3-2GFM...

4.9CVSS6.6AI score0.02737EPSS
Exploits0
openvas
openvas
added 2021/06/09 12:0 a.m.30 views

Django < 2.2.24, 3.0 < 3.1.12, 3.2 < 3.2.4 Multiple Vulnerabilities - Linux

Django is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS6.4AI score0.03058EPSS
Exploits0References1
openvas
openvas
added 2021/06/09 12:0 a.m.32 views

Django < 2.2.24, 3.0 < 3.1.12, 3.2 < 3.2.4 Multiple Vulnerabilities - Windows

Django is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS6.4AI score0.03058EPSS
Exploits0References1
osv
osv
added 2021/06/08 6:15 p.m.32 views

CVE-2021-33203

Django before 2.2.24, 3.x before 3.1.12, and 3.2.x before 3.2.4 has a potential directory traversal via django.contrib.admindocs. Staff members could use the TemplateDetailView view to check the existence of arbitrary files. Additionally, if and only if the default admindocs templates have been...

4.9CVSS6AI score
Exploits0References5
vulnersosv
vulnersosv
added 2021/06/08 6:15 p.m.3 views

aa-structuretimers (=1.2.2), admin-tool-button (>=1.0.1a0 <=1.0.5a0) +1094 more potentially affected by CVE-2021-33203 via django (>=3.2.0 <=3.2.3)

django PYPI version =3.2.0, =1.0.1a0, =1.4.2, =5.10.1, =2022.9.19, =2.0.0, =0.0.1, =1.0.0, =1.0.6, =3.2.17.0, =1.0.0a4.dev0, =2023.1.0.dev0 and more Source cves: CVE-2021-33203 Source advisory: OSV:PYSEC-2021-98...

4.9CVSS6.6AI score0.02737EPSS
Exploits0
vulnersosv
vulnersosv
added 2021/06/08 6:15 p.m.4 views

alcali (>=2018.3.4 <=3000.1.0), archivebox (>=0.4.6 <=0.4.21) +216 more potentially affected by CVE-2021-33203 via django (>=3.0.0 <=3.1.11)

django PYPI version =3.0.0, =2018.3.4, =0.4.6, =1.0.0, =0.1.0, =0.1.0, =0.1.3, =0.1.3, =0.18.0, =0.3.0, =2.8.0, =0.0.1, =0.0.32, =0.0.33 and more Source cves: CVE-2021-33203 Source advisory: OSV:PYSEC-2021-98...

4.9CVSS6.7AI score0.02737EPSS
Exploits0
vulnersosv
vulnersosv
added 2021/06/08 6:15 p.m.4 views

acclaim-badges (=0.1.0), adarnauth-esi (>=1.4.0 <=1.4.2) +719 more potentially affected by CVE-2021-33203 via django (>=1.10.0 <=2.2.22)

django PYPI version =1.10.0, =1.4.0, =0.2.0.dev20181221, =0.0.0.post0.dev128, =1.0.2, =1.1.1, =1.0.13, =3.0.4, =1.1.1, =1.0.7, =1.0.8 and more Source cves: CVE-2021-33203 Source advisory: OSV:PYSEC-2021-98...

4.9CVSS6.5AI score0.02737EPSS
Exploits0
cve
cve
added 2021/06/08 5:52 p.m.239 views

CVE-2021-33203

CVE-2021-33203 affects Django before 2.2.24, 3.x before 3.1.12, and 3.2.x before 3.2.4. A directory traversal flaw via django.contrib.admindocs allows staff using the admindocs TemplateDetailView to check the existence of arbitrary files, and, if default admindocs templates were customized to dis...

4.9CVSS6.2AI score0.02737EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder