21 matches found
TencentOS Server 4: python-django (TSSA-2024:0158)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0158 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
SUSE CVE-2021-45115
An issue was discovered in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1. UserAttributeSimilarityValidator incurred significant overhead in evaluating a submitted password that was artificially large in relation to the comparison values. In a situation where access to user...
Debian DLA-3177-1 : python-django - LTS security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3177 advisory. It was discovered that there were multiple vulnerabilies in Django, a popular Python-based development framework: CVE-2022-28346: An issue was discovered in Djang...
[SECURITY] [] python-django security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3177-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb November 04, 2022 https://wiki.debian.org/LTS -...
[SECURITY] [] python-django security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3177-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb November 04, 2022 https://wiki.debian.org/LTS -...
Moderate: Red Hat Security Advisory: Satellite 6.11 Release
An update is now available for Red Hat Satellite 6.11 Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. Security Fixes: libsolv: Heap-based buff...
Security fix for the ALT Linux 10 package python3-module-django version 3.2.11-alt1
3.2.11-alt1 built Jan. 24, 2022 Alexey Shabalin in task 293890 Jan. 18, 2022 Alexey Shabalin - new version 3.2.11 - Fixes for the following security vulnerabilities: + CVE-2021-45115 Prevented DoS vector in UserAttributeSimilarityValidator. + CVE-2021-45116 Fixed potential information disclosure ...
aimmo (>=0.61.9 <=1.3.3b690), ambition-edc (>=0.3.68 <=0.3.72) +71 more potentially affected by CVE-2021-45115 via django (>=2.2.0 <=2.2.25)
django PYPI version =2.2.0, =0.61.9, =0.3.68, =0.14.0, =5.2.1, =0.1.0, =4.15.0, =4.15.0, =1.0.1, =1.0.0, =0.0.1, =0.0.1, =2.0.0, =2.2.0 - django-country-filter =0.0.1 and more Source cves: CVE-2021-45115 Source advisory: OSV:GHSA-53QW-Q765-4FWW...
ae-django-utils (=0.3.1), apollo-sdk (>=0.2.0 <=0.2.11) +32 more potentially affected by CVE-2021-45115 via django (>=4.0.0 <=4.0.0rc1)
django PYPI version =4.0.0, =0.2.0, =0.6.1, =2.16.1, =0.1.5, =1.0.7, =0.9.0, =0.4.0, =0.1.0, =0.1.1 and more Source cves: CVE-2021-45115 Source advisory: OSV:GHSA-53QW-Q765-4FWW...
Updated python-django packages fix security vulnerability
UserAttributeSimilarityValidator incurred significant overhead evaluating submitted password that were artificially large in relative to the comparison values. On the assumption that access to user registration was unrestricted this provided a potential vector for a denial-of-service attack...
Django < 2.2.26, 3.x < 3.2.11, 4.x < 4.0.1 Multiple Vulnerabilities - Linux
Django is prone to multiple vulnerabilities. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Django < 2.2.26, 3.x < 3.2.11, 4.x < 4.0.1 Multiple Vulnerabilities - Windows
Django is prone to multiple vulnerabilities. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Ubuntu: Security Advisory (USN-5204-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-45115
An issue was discovered in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1. UserAttributeSimilarityValidator incurred significant overhead in evaluating a submitted password that was artificially large in relation to the comparison values. In a situation where access to user...
CVE-2021-45115
An issue was discovered in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1. UserAttributeSimilarityValidator incurred significant overhead in evaluating a submitted password that was artificially large in relation to the comparison values. In a situation where access to user...
admin-tool-button (>=1.0.1a0 <=1.0.5a0), apis-ampel (=0.1.0) +51 more potentially affected by CVE-2021-45115 via django (>=3.2.0 <=3.2.10)
django PYPI version =3.2.0, =1.0.1a0, =0.2.0, =22.0.0.dev21, =22.0.0.dev13, =22.0.0.dev29, =22.0.0.dev30 - autoreduce-utils =0.1.0 - common-framework =2021.4.1 - directory-validators =9.0.0 - django-admin-taggit-ui =0.1.0.dev0 - django-blocklist =1.0.0 - django-brazilian-zipcode =0.1.0 -...
ae-django-utils (=0.3.1), apollo-sdk (>=0.2.0 <=0.2.11) +32 more potentially affected by CVE-2021-45115 via django (>=4.0.0 <=4.0.0rc1)
django PYPI version =4.0.0, =0.2.0, =0.6.1, =2.16.1, =0.1.5, =1.0.7, =0.9.0, =0.4.0, =0.1.0, =0.1.1 and more Source cves: CVE-2021-45115 Source advisory: OSV:PYSEC-2022-1...
aimmo (>=0.61.9 <=1.3.3b690), ambition-edc (>=0.3.68 <=0.3.72) +71 more potentially affected by CVE-2021-45115 via django (>=2.2.0 <=2.2.25)
django PYPI version =2.2.0, =0.61.9, =0.3.68, =0.14.0, =5.2.1, =0.1.0, =4.15.0, =4.15.0, =1.0.1, =1.0.0, =0.0.1, =0.0.1, =2.0.0, =2.2.0 - django-country-filter =0.0.1 and more Source cves: CVE-2021-45115 Source advisory: OSV:PYSEC-2022-1...
FreeBSD : Django -- multiple vulnerabilities (d3e023fb-6e88-11ec-b948-080027240888)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the d3e023fb-6e88-11ec-b948-080027240888 advisory. - An issue was discovered in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1...
CVE-2021-45115
CVE-2021-45115 affects Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1. The issue is in UserAttributeSimilarityValidator, which incurs significant CPU overhead when validating passwords that are artificially large relative to comparison values, potentially enabling a denial-of-s...