Lucene search
K

21 matches found

Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.9 views

TencentOS Server 4: python-django (TSSA-2024:0158)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0158 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

9.8CVSS7.4AI score0.73274EPSS
Exploits5References9
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.28 views

openSUSE: Security Advisory for python (openSUSE-SU-2022:10103-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.8AI score0.00657EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/04/29 12:0 a.m.33 views

Fedora: Security Advisory for python-django (FEDORA-2023-a53ab7c969)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.5AI score0.73274EPSS
Exploits6References2
OpenVAS
OpenVAS
added 2023/04/29 12:0 a.m.39 views

Fedora: Security Advisory for python-django (FEDORA-2023-8fed428c5e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.5AI score0.73274EPSS
Exploits6References2
Tenable Nessus
Tenable Nessus
added 2023/04/28 12:0 a.m.52 views

Fedora 37 : python-django (2023-8fed428c5e)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-8fed428c5e advisory. Security fix for: - CVE-2023-24580 - CVE-2023-23969 - CVE-2022-41323 - CVE-2022-36359 - CVE-2022-34265 - CVE-2022-28346 - CVE-2022-28347...

9.8CVSS7.1AI score0.73274EPSS
Exploits6References8
Tenable Nessus
Tenable Nessus
added 2023/04/28 12:0 a.m.45 views

Fedora 38 : python-django (2023-a53ab7c969)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-a53ab7c969 advisory. Security fix for: - CVE-2023-24580 - CVE-2023-23969 - CVE-2022-41323 - CVE-2022-36359 - CVE-2022-34265 - CVE-2022-28346 - CVE-2022-28347...

9.8CVSS7.1AI score0.73274EPSS
Exploits6References8
Debian
Debian
added 2022/10/15 4:0 p.m.77 views

[SECURITY] [DSA 5254-1] python-django security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5254-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 15, 2022 https://www.debian.org/security/faq -...

9.8CVSS9.3AI score0.73274EPSS
Exploits7
ALT Linux
ALT Linux
added 2022/08/30 12:0 a.m.107 views

Security fix for the ALT Linux 10 package python3-module-django version 3.2.15-alt1

3.2.15-alt1 built Aug. 30, 2022 Alexey Shabalin in task 305627 Aug. 22, 2022 Alexey Shabalin - new version 3.2.15 - Fixes for the following security vulnerabilities: + CVE-2022-34265 Potential SQL injection via Trunckind and Extractlookupname arguments. + CVE-2022-36359 Potential reflected file...

7.5CVSS9.9AI score0.73274EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2022/08/28 12:0 a.m.37 views

openSUSE 15 Security Update : python-Django (openSUSE-SU-2022:10103-1)

The remote SUSE Linux SUSE15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE-SU-2022:10103-1 advisory. - An issue was discovered in the HTTP FileResponse class in Django 3.2 before 3.2.15 and 4.0 before 4.0.7. An application is vulnerable to a...

8.8CVSS8AI score0.00657EPSS
Exploits0References4
OPENSUSE Linux
OPENSUSE Linux
added 2022/08/27 12:0 a.m.44 views

Security update for python-Django (important)

openSUSE Security Update: Security update for python-Django Announcement ID: openSUSE-SU-2022:10103-1 Rating: important References: 1201923 Cross-References: CVE-2022-36359 CVSS scores: CVE-2022-36359 NVD : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2022-36359 SUSE: 7.3...

7.3CVSS7AI score0.00657EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2022/08/11 2:49 p.m.4 views

aa-charlink (>=0.1.1 <=1.0.0), aa-drifters (=0.1.0a0) +228 more potentially affected by CVE-2022-36359 +1 more via django (>=4.0.0 <=4.0.6)

django PYPI version =4.0.0, =0.1.1, =1.0.0, =0.1.0a0, =0.11.0a0, =0.1.1, =1.1.0, =3.1.1, =3.6.4, =0.10.0, =1.1.2, =0.2.0, =0.6.1, =0.6.10 and more Source cves: CVE-2022-36359, CVE-2022-45442 Source advisory: OSV:GHSA-8X94-HMJH-97HQ...

8.8CVSS6.8AI score0.00657EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/08/11 2:49 p.m.4 views

a3m (=0.1.0), aa-fleet (>=1.0.0 <=1.1.0) +1477 more potentially affected by CVE-2022-36359 +1 more via django (>=1.10.0 <=3.2.14)

django PYPI version =1.10.0, =1.0.0, =1.4.0, =1.0.1a0, =1.1.12, =0.1.0a0, =0.1.0a0, =1.2.0a1, =1.3.0 and more Source cves: CVE-2022-36359, CVE-2022-45442 Source advisory: OSV:GHSA-8X94-HMJH-97HQ...

8.8CVSS6.8AI score0.00657EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2022/08/05 12:0 a.m.43 views

FreeBSD : Django -- multiple vulnerabilities (3b47104f-1461-11ed-a0c5-080027240888)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 3b47104f-1461-11ed-a0c5-080027240888 advisory. - An issue was discovered in the HTTP FileResponse class in Django 3.2 before 3.2.15 and 4.0 before...

8.8CVSS8.1AI score0.00657EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2022/08/05 12:0 a.m.65 views

Ubuntu 20.04 LTS / 22.04 LTS : Django vulnerability (USN-5549-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-5549-1 advisory. It was discovered that Django incorrectly handled certain FileResponse. An attacker could possibly use this issue to expose sensitive information or...

8.8CVSS8.1AI score0.00657EPSS
Exploits0References2
Circl
Circl
added 2022/08/03 6:18 p.m.10 views

CVE-2022-36359

creationtimestamp| type| source ---|---|--- 2022-08-03 18:18:42+00:00| seen| https://t.me/cibsecurity/47490 2025-03-04 05:49:27+00:00| seen| https://gist.github.com/saburi-pp/237b36513b29209ae31133136478b20e...

8.8CVSS7.6AI score0.00657EPSS
Exploits0References2
NVD
NVD
added 2022/08/03 2:15 p.m.18 views

CVE-2022-36359

An issue was discovered in the HTTP FileResponse class in Django 3.2 before 3.2.15 and 4.0 before 4.0.7. An application is vulnerable to a reflected file download RFD attack that sets the Content-Disposition header of a FileResponse when the filename is derived from user-supplied input...

8.8CVSS0.00657EPSS
Exploits0References8
vulnersOsv
vulnersOsv
added 2022/08/03 2:15 p.m.5 views

aa-charlink (>=0.1.1 <=1.0.0), aa-drifters (=0.1.0a0) +228 more potentially affected by CVE-2022-36359 via django (>=4.0.0 <=4.0.6)

django PYPI version =4.0.0, =0.1.1, =1.0.0, =0.1.0a0, =0.11.0a0, =0.1.1, =1.1.0, =3.1.1, =3.6.4, =0.10.0, =1.1.2, =0.2.0, =0.6.1, =0.6.10 and more Source cves: CVE-2022-36359 Source advisory: OSV:PYSEC-2022-245...

8.8CVSS7.1AI score0.00657EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/08/03 2:15 p.m.4 views

admin-tool-button (>=1.0.1a0 <=1.0.5a0), aimmo (>=2.0.0 <=2.4.3) +91 more potentially affected by CVE-2022-36359 via django (>=3.2.0 <=3.2.14)

django PYPI version =3.2.0, =1.0.1a0, =2.0.0, =0.2.0, =22.0.0.dev21, =22.0.0.dev13, =22.0.0.dev29, =6.0.0, =6.0.0, =1.1.0, =21.3.0, =21.4.0 and more Source cves: CVE-2022-36359 Source advisory: OSV:PYSEC-2022-245...

8.8CVSS7AI score0.00657EPSS
Exploits0
OSV
OSV
added 2022/08/03 12:0 a.m.33 views

CVE-2022-36359

An issue was discovered in the HTTP FileResponse class in Django 3.2 before 3.2.15 and 4.0 before 4.0.7. An application is vulnerable to a reflected file download RFD attack that sets the Content-Disposition header of a FileResponse when the filename is derived from user-supplied input...

8.8CVSS8.5AI score0.00657EPSS
Exploits0References10
CVE
CVE
added 2022/08/03 12:0 a.m.157 views

CVE-2022-36359

The vulnerability CVE-2022-36359 affects the Django HTTP FileResponse class, with Django 3.2 before 3.2.15 and 4.0 before 4.0.7 vulnerable to a reflected file download (RFD) attack. The attack can occur when the filename is derived from user-supplied input, as it sets the Content-Disposition head...

8.8CVSS8.3AI score0.00657EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder