Lucene search
+L

19 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2024-39330

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. Derived classes of the django.core.files.storage.Storage base class, when they overrid...

4.3CVSS6.3AI score0.01EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2025/02/25 12:0 a.m.18 views

openSUSE Security Advisory (SUSE-SU-2024:2577-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.7AI score0.28637EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2024/11/06 12:0 a.m.25 views

RHEL 8 / 9 : Satellite 6.16.0 (Critical) (RHSA-2024:8906)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:8906 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessit...

9.8CVSS6.9AI score0.28637EPSS
Exploits4References277
RedHat Linux
RedHat Linux
added 2024/11/05 5:49 p.m.285 views

Critical: Red Hat Security Advisory: Satellite 6.16.0 release

A new release is now available for Red Hat Satellite 6.16 for RHEL 8 and 9. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

9.8CVSS6.8AI score0.28637EPSS
Exploits4References262
OpenVAS
OpenVAS
added 2024/08/06 12:0 a.m.26 views

Fedora: Security Advisory (FEDORA-2024-a7eef0ca7b)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.6AI score0.28637EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/08/06 12:0 a.m.25 views

Fedora: Security Advisory (FEDORA-2024-d05d37ead7)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.6AI score0.28637EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/08/06 12:0 a.m.21 views

Fedora: Security Advisory (FEDORA-2024-82547e3e16)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.6AI score0.28637EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/08/06 12:0 a.m.20 views

Fedora: Security Advisory (FEDORA-2024-7dac82a14e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.6AI score0.28637EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/07/24 12:0 a.m.22 views

openSUSE Security Advisory (SUSE-SU-2024:2545-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.47102EPSS
Exploits0References8
OSV
OSV
added 2024/07/17 11:58 a.m.33 views

SUSE-SU-2024:2545-1 Security update for python-Django

This update for python-Django fixes the following issues: - CVE-2024-38875: Fixed potential denial-of-service attack via certain inputs with a very large number of brackets bsc1227590 - CVE-2024-39329: Fixed username enumeration through timing difference for users with unusable passwords bsc12275...

7.5CVSS6.3AI score0.47102EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2024/07/16 2:37 p.m.22 views

CVE-2024-39330

A vulnerability was found in Python-Django in the Derived classes of the django.core.files.storage.Storage base class that overrides the generatefilename without replicating the file path validations existing in the parent class. This flaw allows potential directory traversal via certain inputs...

4.3CVSS7.3AI score0.01EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2024/07/12 12:0 a.m.35 views

Django 4.x < 4.2.14, 5.x < 5.0.7 Multiple Vulnerabilities - Windows

Django is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:djangoproject:django"; if descriptio...

7.5CVSS7.7AI score0.28637EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2024/07/12 12:0 a.m.118 views

Django 4.x < 4.2.14, 5.x < 5.0.7 Multiple Vulnerabilities - Linux

Django is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:djangoproject:django"; if descriptio...

7.5CVSS7.7AI score0.28637EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2024/07/10 6:33 a.m.5 views

aldryn-django (=4.2.10.0), am-report (=0.1.5) +81 more potentially affected by CVE-2024-39330 via django (>=4.2.0 <=4.2.13)

django PYPI version =4.2.0, =7.5.1, =0.0.1, =0.4.0, =5.2.0, =0.5.1, =0.12.2, =3.1.0, =7.2.2, =39.1.0, =39.1.4 and more Source cves: CVE-2024-39330 Source advisory: OSV:GHSA-9JMF-237G-QF46...

4.3CVSS6.4AI score0.01EPSS
Exploits0
NVD
NVD
added 2024/07/10 5:15 a.m.25 views

CVE-2024-39330

An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. Derived classes of the django.core.files.storage.Storage base class, when they override generatefilename without replicating the file-path validations from the parent class, potentially allow directory traversal via certain...

4.3CVSS0.01EPSS
Exploits0References4
Wolfi
Wolfi
added 2024/07/10 5:15 a.m.23 views

CVE-2024-39330 vulnerabilities

Vulnerabilities for packages: py3-django...

4.3CVSS7.1AI score0.01EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2024/07/10 5:15 a.m.4 views

aldryn-django (=4.2.10.0), am-report (=0.1.5) +81 more potentially affected by CVE-2024-39330 via django (>=4.2.0 <=4.2.13)

django PYPI version =4.2.0, =7.5.1, =0.0.1, =0.4.0, =5.2.0, =0.5.1, =0.12.2, =3.1.0, =7.2.2, =39.1.0, =39.1.4 and more Source cves: CVE-2024-39330 Source advisory: OSV:PYSEC-2024-58...

4.3CVSS6.4AI score0.01EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2024/07/10 5:15 a.m.3 views

11x-wagtail-blog (>=0.0.0 <=0.2.0), aldryn-django (>=5.0.2.0 <=5.0.11.0) +234 more potentially affected by CVE-2024-39330 via django (>=5.0.0 <=5.0.6)

django PYPI version =5.0.0, =0.0.0, =5.0.2.0, =0.0.15, =1.14.3, =0.0.20, =0.0.13, =0.0.19, =0.0.34, =0.0.50, =0.0.5, =0.0.11, =1.0.3, =0.1.0, =0.2.5 and more Source cves: CVE-2024-39330 Source advisory: OSV:PYSEC-2024-58...

4.3CVSS6.6AI score0.01EPSS
Exploits0
Ubuntu
Ubuntu
added 2024/07/09 5:5 p.m.42 views

USN-6888-1: Django vulnerabilities

Elias Myllymäki discovered that Django incorrectly handled certain inputs with a large number of brackets. A remote attacker could possibly use this issue to cause Django to consume resources or stop responding, resulting in a denial of service. CVE-2024-38875 It was discovered that Django...

7.5CVSS6.7AI score0.28637EPSS
Exploits0
Rows per page
Query Builder