Lucene search
+L

35 matches found

astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Python-Django

In Django 3.2 before 3.2.25, 4.2 before 4.2.11, and 5.0 before 5.0.3, the django.utils.text.Truncator.words method with html=True, as well as the truncatewordshtml template filter, are vulnerable to a denial-of-service attack via a crafted regular expression. NOTE: This issue persists due to an...

5.3CVSS6.8AI score0.01854EPSS
Exploits0References2
nessus
nessus
added 2025/03/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2023-43665

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Django 3.2 before 3.2.22, 4.1 before 4.1.12, and 4.2 before 4.2.6, the django.utils.text.Truncator chars and words methods when used with html=True are subje...

7.5CVSS6.5AI score0.01225EPSS
Exploits0References2
openvas
openvas
added 2024/05/27 12:0 a.m.18 views

Fedora: Security Advisory for python-django3 (FEDORA-2024-84fbbbb914)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.9AI score0.02978EPSS
Exploits0References2
nessus
nessus
added 2024/04/28 12:0 a.m.31 views

RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update (Moderate) (RHSA-2023:5758)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5758 advisory. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT...

7.5CVSS6.9AI score0.01273EPSS
Exploits0References9
nessus
nessus
added 2024/04/20 12:0 a.m.36 views

Fedora 38 : python-django3 (2024-84fbbbb914)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-84fbbbb914 advisory. Security fixes for - CVE-2024-27351 Potential regular expression DOS in django.utils.text.Truncator.words - CVE-2024-24680 denial-of-service in...

7.5CVSS6.8AI score0.02978EPSS
Exploits0References6
nessus
nessus
added 2024/04/18 12:0 a.m.130 views

RHEL 8 : RHUI 4.8 Release - Security Updates, Bug Fixes, and Enhancements (Moderate) (RHSA-2024:1878)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1878 advisory. Red Hat Update Infrastructure RHUI offers a highly scalable, highly redundant framework that enables you to manage repositories and content...

7.5CVSS6.7AI score0.76875EPSS
Exploits22References35
osv
osv
added 2024/03/15 12:0 a.m.9 views

CVE-2024-27351

In Django 3.2 before 3.2.25, 4.2 before 4.2.11, and 5.0 before 5.0.3, the django.utils.text.Truncator.words method with html=True and the truncatewordshtml template filter are subject to a potential regular expression denial-of-service attack via a crafted string. NOTE: this issue exists because ...

5.3CVSS6.4AI score0.01854EPSS
Exploits0References15
alpinelinux
alpinelinux
added 2024/03/15 12:0 a.m.74 views

CVE-2024-27351

In Django 3.2 before 3.2.25, 4.2 before 4.2.11, and 5.0 before 5.0.3, the django.utils.text.Truncator.words method with html=True and the truncatewordshtml template filter are subject to a potential regular expression denial-of-service attack via a crafted string. NOTE: this issue exists because ...

5.3CVSS7.3AI score0.01854EPSS
Exploits0
openvas
openvas
added 2024/03/04 12:0 a.m.25 views

openSUSE: Security Advisory for python (openSUSE-SU-2023:0390-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.6AI score0.01225EPSS
Exploits0References2
openvas
openvas
added 2024/03/04 12:0 a.m.27 views

openSUSE: Security Advisory for python (openSUSE-SU-2023:0310-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.6AI score0.01225EPSS
Exploits0References2
nessus
nessus
added 2023/12/05 12:0 a.m.34 views

openSUSE 15 Security Update : python-Django1 (openSUSE-SU-2023:0389-1)

The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2023:0389-1 advisory. - In Django 3.2 before 3.2.22, 4.1 before 4.1.12, and 4.2 before 4.2.6, the django.utils.text.Truncator chars and words methods when used with html=True...

7.5CVSS7.2AI score0.03502EPSS
Exploits0References4
nessus
nessus
added 2023/12/05 12:0 a.m.36 views

openSUSE 15 Security Update : python-Django1 (openSUSE-SU-2023:0390-1)

The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2023:0390-1 advisory. - In Django 3.2 before 3.2.22, 4.1 before 4.1.12, and 4.2 before 4.2.6, the django.utils.text.Truncator chars and words methods when used with html=True...

7.5CVSS7.2AI score0.03502EPSS
Exploits0References4
osv
osv
added 2023/12/04 5:1 p.m.6 views

OPENSUSE-SU-2023:0389-1 Security update for python-Django1

This update for python-Django1 fixes the following issues: - CVE-2023-43665: Fixed Denial-of-service vulnerability in django.utils.text.Truncator boo1215978...

7.5CVSS7.5AI score0.01225EPSS
Exploits0References3
opensuse
opensuse
added 2023/12/04 12:0 a.m.8 views

Security update for python-Django1 (moderate)

openSUSE Security Update: Security update for python-Django1 Announcement ID: openSUSE-SU-2023:0390-1 Rating: moderate References: 1215978 Cross-References: CVE-2023-43665 CVSS scores: CVE-2023-43665 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2023-43665 SUSE: 5.3...

5.3CVSS6.7AI score0.01225EPSS
Exploits0References1
opensuse
opensuse
added 2023/12/04 12:0 a.m.4 views

Security update for python-Django1 (moderate)

openSUSE Security Update: Security update for python-Django1 Announcement ID: openSUSE-SU-2023:0389-1 Rating: moderate References: 1215978 Cross-References: CVE-2023-43665 CVSS scores: CVE-2023-43665 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2023-43665 SUSE: 5.3...

5.3CVSS6.7AI score0.01225EPSS
Exploits0References1
osv
osv
added 2023/11/13 1:22 p.m.7 views

SUSE-SU-2023:4426-1 Security update for python-Django1

This update for python-Django1 fixes the following issues: - CVE-2023-43665: Fixed a denial of service in django.utils.text.Truncator bsc1215978...

7.5CVSS7.3AI score0.01225EPSS
Exploits0References3
nessus
nessus
added 2023/11/07 12:0 a.m.35 views

Fedora 39 : python-django (2023-a67af7d8f4)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-a67af7d8f4 advisory. Security fix for CVE-2023-41164 and CVE-2023-43665 Tenable has extracted the preceding description block directly from the Fedora security advisory...

7.5CVSS6.8AI score0.01273EPSS
Exploits0References3
vulnersosv
vulnersosv
added 2023/11/03 6:36 a.m.5 views

aolab-aopy (>=0.6.3 <=0.9.3), aolab-bmi3d (>=1.0.0 <=1.2.4) +20 more potentially affected by CVE-2023-43665 via django (>=4.1.0 <=4.1.11)

django PYPI version =4.1.0, =0.6.3, =1.0.0, =0.0.3, =0.0.1, =0.1.0, =0.2.6, =4.0.0, =2022.6.1, =1.0.0, =4.1.0, =4.1.11 and more Source cves: CVE-2023-43665 Source advisory: OSV:GHSA-H8GC-PGJ2-VJM3...

7.5CVSS6.6AI score0.01225EPSS
Exploits0
vulnersosv
vulnersosv
added 2023/11/03 6:36 a.m.6 views

admin-tool-button (>=1.0.1a0 <=1.0.5a0), aedttest (=0.0.2) +125 more potentially affected by CVE-2023-43665 via django (>=3.2.0 <=3.2.21)

django PYPI version =3.2.0, =1.0.1a0, =2.0.0, =0.0.1, =1.0.6, =6.2.0, =0.2.0, =0.1.0, =21.1.1, =21.1.0, =22.0.0.dev13, =22.0.0.dev14 and more Source cves: CVE-2023-43665 Source advisory: OSV:GHSA-H8GC-PGJ2-VJM3...

7.5CVSS6.7AI score0.01225EPSS
Exploits0
vulnersosv
vulnersosv
added 2023/11/03 5:15 a.m.4 views

aolab-aopy (>=0.6.3 <=0.9.3), aolab-bmi3d (>=1.0.0 <=1.2.4) +20 more potentially affected by CVE-2023-43665 via django (>=4.1.0 <=4.1.11)

django PYPI version =4.1.0, =0.6.3, =1.0.0, =0.0.3, =0.0.1, =0.1.0, =0.2.6, =4.0.0, =2022.6.1, =1.0.0, =4.1.0, =4.1.11 and more Source cves: CVE-2023-43665 Source advisory: OSV:PYSEC-2023-226...

7.5CVSS6.6AI score0.01225EPSS
Exploits0
Rows per page
Query Builder