35 matches found
Astra Linux – Vulnerability in Python-Django
In Django 3.2 before 3.2.25, 4.2 before 4.2.11, and 5.0 before 5.0.3, the django.utils.text.Truncator.words method with html=True, as well as the truncatewordshtml template filter, are vulnerable to a denial-of-service attack via a crafted regular expression. NOTE: This issue persists due to an...
Linux Distros Unpatched Vulnerability : CVE-2023-43665
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Django 3.2 before 3.2.22, 4.1 before 4.1.12, and 4.2 before 4.2.6, the django.utils.text.Truncator chars and words methods when used with html=True are subje...
Fedora: Security Advisory for python-django3 (FEDORA-2024-84fbbbb914)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update (Moderate) (RHSA-2023:5758)
The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5758 advisory. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT...
Fedora 38 : python-django3 (2024-84fbbbb914)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-84fbbbb914 advisory. Security fixes for - CVE-2024-27351 Potential regular expression DOS in django.utils.text.Truncator.words - CVE-2024-24680 denial-of-service in...
RHEL 8 : RHUI 4.8 Release - Security Updates, Bug Fixes, and Enhancements (Moderate) (RHSA-2024:1878)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1878 advisory. Red Hat Update Infrastructure RHUI offers a highly scalable, highly redundant framework that enables you to manage repositories and content...
CVE-2024-27351
In Django 3.2 before 3.2.25, 4.2 before 4.2.11, and 5.0 before 5.0.3, the django.utils.text.Truncator.words method with html=True and the truncatewordshtml template filter are subject to a potential regular expression denial-of-service attack via a crafted string. NOTE: this issue exists because ...
CVE-2024-27351
In Django 3.2 before 3.2.25, 4.2 before 4.2.11, and 5.0 before 5.0.3, the django.utils.text.Truncator.words method with html=True and the truncatewordshtml template filter are subject to a potential regular expression denial-of-service attack via a crafted string. NOTE: this issue exists because ...
openSUSE: Security Advisory for python (openSUSE-SU-2023:0390-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for python (openSUSE-SU-2023:0310-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE 15 Security Update : python-Django1 (openSUSE-SU-2023:0389-1)
The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2023:0389-1 advisory. - In Django 3.2 before 3.2.22, 4.1 before 4.1.12, and 4.2 before 4.2.6, the django.utils.text.Truncator chars and words methods when used with html=True...
openSUSE 15 Security Update : python-Django1 (openSUSE-SU-2023:0390-1)
The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2023:0390-1 advisory. - In Django 3.2 before 3.2.22, 4.1 before 4.1.12, and 4.2 before 4.2.6, the django.utils.text.Truncator chars and words methods when used with html=True...
OPENSUSE-SU-2023:0389-1 Security update for python-Django1
This update for python-Django1 fixes the following issues: - CVE-2023-43665: Fixed Denial-of-service vulnerability in django.utils.text.Truncator boo1215978...
Security update for python-Django1 (moderate)
openSUSE Security Update: Security update for python-Django1 Announcement ID: openSUSE-SU-2023:0390-1 Rating: moderate References: 1215978 Cross-References: CVE-2023-43665 CVSS scores: CVE-2023-43665 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2023-43665 SUSE: 5.3...
Security update for python-Django1 (moderate)
openSUSE Security Update: Security update for python-Django1 Announcement ID: openSUSE-SU-2023:0389-1 Rating: moderate References: 1215978 Cross-References: CVE-2023-43665 CVSS scores: CVE-2023-43665 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2023-43665 SUSE: 5.3...
SUSE-SU-2023:4426-1 Security update for python-Django1
This update for python-Django1 fixes the following issues: - CVE-2023-43665: Fixed a denial of service in django.utils.text.Truncator bsc1215978...
Fedora 39 : python-django (2023-a67af7d8f4)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-a67af7d8f4 advisory. Security fix for CVE-2023-41164 and CVE-2023-43665 Tenable has extracted the preceding description block directly from the Fedora security advisory...
aolab-aopy (>=0.6.3 <=0.9.3), aolab-bmi3d (>=1.0.0 <=1.2.4) +20 more potentially affected by CVE-2023-43665 via django (>=4.1.0 <=4.1.11)
django PYPI version =4.1.0, =0.6.3, =1.0.0, =0.0.3, =0.0.1, =0.1.0, =0.2.6, =4.0.0, =2022.6.1, =1.0.0, =4.1.0, =4.1.11 and more Source cves: CVE-2023-43665 Source advisory: OSV:GHSA-H8GC-PGJ2-VJM3...
admin-tool-button (>=1.0.1a0 <=1.0.5a0), aedttest (=0.0.2) +125 more potentially affected by CVE-2023-43665 via django (>=3.2.0 <=3.2.21)
django PYPI version =3.2.0, =1.0.1a0, =2.0.0, =0.0.1, =1.0.6, =6.2.0, =0.2.0, =0.1.0, =21.1.1, =21.1.0, =22.0.0.dev13, =22.0.0.dev14 and more Source cves: CVE-2023-43665 Source advisory: OSV:GHSA-H8GC-PGJ2-VJM3...
aolab-aopy (>=0.6.3 <=0.9.3), aolab-bmi3d (>=1.0.0 <=1.2.4) +20 more potentially affected by CVE-2023-43665 via django (>=4.1.0 <=4.1.11)
django PYPI version =4.1.0, =0.6.3, =1.0.0, =0.0.3, =0.0.1, =0.1.0, =0.2.6, =4.0.0, =2022.6.1, =1.0.0, =4.1.0, =4.1.11 and more Source cves: CVE-2023-43665 Source advisory: OSV:PYSEC-2023-226...