Lucene search
K

20 matches found

Debian
Debian
added 2024/02/29 7:11 p.m.34 views

[SECURITY] [DLA 3744-1] python-django security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3744-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb February 29, 2024 https://wiki.debian.org/LTS -...

7.5CVSS7.5AI score0.05291EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/09/15 12:0 a.m.45 views

RHEL 8 : Red Hat OpenStack Platform 16.2 (python-django20) (RHSA-2021:3490)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:3490 advisory. Security Fixes: Potential directory-traversal via archive.extract CVE-2021-3281 Potential directory traversal via admindocs CVE-2021-33203...

7.5CVSS6.7AI score0.07605EPSS
Exploits1References10
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.34 views

Mageia: Security Advisory (MGASA-2021-0356)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.1AI score0.44369EPSS
Exploits1References18
Tenable Nessus
Tenable Nessus
added 2021/12/11 12:0 a.m.47 views

RHEL 8 : Red Hat OpenStack Platform 16.1 (python-django20) (RHSA-2021:5070)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:5070 advisory. Security Fixes: Potential directory-traversal via archive.extract CVE-2021-3281 potential directory-traversal via uploaded files...

7.5CVSS6.7AI score0.07605EPSS
Exploits1References13
RedHat Linux
RedHat Linux
added 2021/09/15 1:41 p.m.45 views

Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (python-django20) security update

An update for python-django20 is now available for Red Hat OpenStack Platform 16.2 Train. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS6.6AI score0.07605EPSS
Exploits1References5
Mageia
Mageia
added 2021/07/16 8:25 a.m.67 views

Updated python-django package fixes security vulnerabilities

In Django 2.2 before 2.2.20, 3.0 before 3.0.14, and 3.1 before 3.1.8, MultiPartParser allowed directory traversal via uploaded files with suitably crafted file names. Built-in upload handlers were not affected by this vulnerability CVE-2021-28658. In Django 2.2 before 2.2.21, 3.1 before 3.1.9, an...

9.8CVSS1.7AI score0.44369EPSS
Exploits1References16
ALT Linux
ALT Linux
added 2021/07/13 12:0 a.m.135 views

Security fix for the ALT Linux 10 package python3-module-django version 2.2.24-alt1

July 13, 2021 Alexey Shabalin 2.2.24-alt1 - new version 2.2.24 - Fixes for the following security vulnerabilities: + CVE-2021-28658 Potential directory-traversal via uploaded files + CVE-2021-31542 Potential directory-traversal via uploaded files + CVE-2021-32052 Header injection possibility sinc...

5CVSS7AI score0.05291EPSS
Exploits0
ALT Linux
ALT Linux
added 2021/07/13 12:0 a.m.33 views

Security fix for the ALT Linux 9 package python3-module-django version 2.2.24-alt1

July 13, 2021 Alexey Shabalin 2.2.24-alt1 - new version 2.2.24 - Fixes for the following security vulnerabilities: + CVE-2021-28658 Potential directory-traversal via uploaded files + CVE-2021-31542 Potential directory-traversal via uploaded files + CVE-2021-32052 Header injection possibility sinc...

5CVSS7AI score0.05291EPSS
Exploits0
ArchLinux
ArchLinux
added 2021/06/15 12:0 a.m.162 views

[ASA-202106-41] python-django: multiple issues

Arch Linux Security Advisory ASA-202106-41 ========================================== Severity: Medium Date : 2021-06-15 CVE-ID : CVE-2021-33203 CVE-2021-33571 Package : python-django Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-2026 Summary ======= The package...

7.5CVSS0.4AI score0.03058EPSS
Exploits0References7
vulnersOsv
vulnersOsv
added 2021/06/10 5:21 p.m.3 views

aa-structuretimers (=1.2.2), admin-tool-button (>=1.0.1a0 <=1.0.5a0) +1094 more potentially affected by CVE-2021-33571 via django (>=3.2.0 <=3.2.3)

django PYPI version =3.2.0, =1.0.1a0, =1.4.2, =5.10.1, =2022.9.19, =2.0.0, =0.0.1, =1.0.0, =1.0.6, =3.2.17.0, =1.0.0a4.dev0, =2023.1.0.dev0 and more Source cves: CVE-2021-33571 Source advisory: OSV:GHSA-P99V-5W3C-JQQ9...

7.5CVSS7.1AI score0.03058EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2021/06/10 5:21 p.m.6 views

aimmo (>=0.61.9 <=0.69.10b450), ambition-edc (>=0.3.68 <=0.3.72) +65 more potentially affected by CVE-2021-33571 via django (>=2.2.0 <=2.2.22)

django PYPI version =2.2.0, =0.61.9, =0.3.68, =0.14.0, =5.2.1, =0.1.0, =4.15.0, =4.15.0, =1.0.1, =1.0.0, =0.0.1, =0.0.1, =2.0.0, =2.2.0 - django-country-filter =0.0.1 and more Source cves: CVE-2021-33571 Source advisory: OSV:GHSA-P99V-5W3C-JQQ9...

7.5CVSS7AI score0.03058EPSS
Exploits0
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.32 views

Django < 2.2.24, 3.0 < 3.1.12, 3.2 < 3.2.4 Multiple Vulnerabilities - Windows

Django is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS6.4AI score0.03058EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.30 views

Django < 2.2.24, 3.0 < 3.1.12, 3.2 < 3.2.4 Multiple Vulnerabilities - Linux

Django is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS6.4AI score0.03058EPSS
Exploits0References1
OSV
OSV
added 2021/06/08 6:15 p.m.32 views

CVE-2021-33571

In Django 2.2 before 2.2.24, 3.x before 3.1.12, and 3.2 before 3.2.4, URLValidator, validateipv4address, and validateipv46address do not prohibit leading zero characters in octal literals. This may allow a bypass of access control that is based on IP addresses. validateipv4address and...

7.5CVSS7.5AI score
Exploits0References8
vulnersOsv
vulnersOsv
added 2021/06/08 6:15 p.m.10 views

aa-structuretimers (=1.2.2), admin-tool-button (>=1.0.1a0 <=1.0.5a0) +1094 more potentially affected by CVE-2021-33571 via django (>=3.2.0 <=3.2.3)

django PYPI version =3.2.0, =1.0.1a0, =1.4.2, =5.10.1, =2022.9.19, =2.0.0, =0.0.1, =1.0.0, =1.0.6, =3.2.17.0, =1.0.0a4.dev0, =2023.1.0.dev0 and more Source cves: CVE-2021-33571 Source advisory: OSV:PYSEC-2021-99...

7.5CVSS7.1AI score0.03058EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2021/06/08 6:15 p.m.4 views

aimmo (>=0.61.9 <=0.69.10b450), ambition-edc (>=0.3.68 <=0.3.72) +65 more potentially affected by CVE-2021-33571 via django (>=2.2.0 <=2.2.22)

django PYPI version =2.2.0, =0.61.9, =0.3.68, =0.14.0, =5.2.1, =0.1.0, =4.15.0, =4.15.0, =1.0.1, =1.0.0, =0.0.1, =0.0.1, =2.0.0, =2.2.0 - django-country-filter =0.0.1 and more Source cves: CVE-2021-33571 Source advisory: OSV:PYSEC-2021-99...

7.5CVSS7AI score0.03058EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2021/06/08 6:15 p.m.5 views

alcali (>=2018.3.4 <=3000.1.0), archivebox (>=0.4.6 <=0.4.21) +216 more potentially affected by CVE-2021-33571 via django (>=3.0.0 <=3.1.11)

django PYPI version =3.0.0, =2018.3.4, =0.4.6, =1.0.0, =0.1.0, =0.1.0, =0.1.3, =0.1.3, =0.18.0, =0.3.0, =2.8.0, =0.0.1, =0.0.32, =0.0.33 and more Source cves: CVE-2021-33571 Source advisory: OSV:PYSEC-2021-99...

7.5CVSS7AI score0.03058EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/06/07 12:0 a.m.45 views

Debian DLA-2676-1 : python-django security update

Two issues were discovered in Django, the Python-based web development framework : - CVE-2021-33203: Potential directory traversal via admindocs Staff members could use the admindocs TemplateDetailView view to check the existence of arbitrary files. Additionally, if and only if the default...

7.5CVSS6.7AI score0.03058EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2021/06/06 12:0 a.m.30 views

Debian: Security Advisory (DLA-2676-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.4AI score0.03058EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2021/06/02 9:0 a.m.37 views

CVE-2021-33571

In Django 2.2 before 2.2.24, 3.x before 3.1.12, and 3.2 before 3.2.4, URLValidator, validateipv4address, and validateipv46address do not prohibit leading zero characters in octal literals. This may allow a bypass of access control that is based on IP addresses. validateipv4address and...

7.5CVSS7.1AI score0.03058EPSS
Exploits0References3
Rows per page
Query Builder