20 matches found
Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to Django-4.2.15-py3-none-any.whl CVE-2024-45231
Summary IBM Maximo Application Suite - Monitor Component is vulnerable to Django-4.2.15-py3-none-any.whl CVE-2024-45231. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-45231 DESCRIPTION: Django could allow a remote attacker to obtai...
Security Bulletin: Denial of service, SQL injection, and other vulnerabilities might affect IBM Storage Defender – Resiliency Service
Summary IBM Storage Defender – Resiliency Service is vulnerable to denial of service, SQL injection, and others. The vulnerabilities have been addressed. CVE-2023-52425, CVE-2024-53908, CVE-2024-53907, CVE-2023-52426, CVE-2022-29162, CVE-2023-25809, CVE-2023-27561, CVE-2023-28642, CVE-2024-21626,...
python310-Django-5.1.4-1.1 on GA media (moderate)
python310-Django-5.1.4-1.1 on GA media Announcement ID: openSUSE-SU-2024:14568-1 Rating: moderate Cross-References: CVE-2024-53907 CVE-2024-53908 CVSS scores: CVE-2024-53907 SUSE : 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-53908 SUSE : 9.1...
openSUSE Security Advisory (SUSE-SU-2024:4285-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
python310-Django4-4.2.17-1.1 on GA media (moderate)
python310-Django4-4.2.17-1.1 on GA media Announcement ID: openSUSE-SU-2024:14565-1 Rating: moderate Cross-References: CVE-2024-53907 CVE-2024-53908 CVSS scores: CVE-2024-53907 SUSE : 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-53908 SUSE : 9.1...
Django 4.x < 4.2.17, 5.0.x < 5.0.10, 5.1.x < 5.1.4 Multiple Vulnerabilities - Windows
Django is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:djangoproject:django"; if descriptio...
Django 4.x < 4.2.17, 5.0.x < 5.0.10, 5.1.x < 5.1.4 Multiple Vulnerabilities - Linux
Django is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:djangoproject:django"; if descriptio...
artd-customer (>=0.0.20 <=0.0.23), artd-location (>=0.0.13 <=0.0.21) +62 more potentially affected by CVE-2024-53908 via django (>=5.0.0 <=5.0.1)
django PYPI version =5.0.0, =0.0.20, =0.0.13, =0.0.19, =0.0.34, =0.0.50, =0.0.5, =0.0.11, =1.0.3, =1.0.0, =6.0.0, =2.8.1, =0.3.0, =24.1.1, =24.2.0 and more Source cves: CVE-2024-53908 Source advisory: OSV:GHSA-M9G8-FXXM-XG86...
aldryn-django (=4.2.10.0), alertwise (=1.0.0) +93 more potentially affected by CVE-2024-53908 via django (>=4.2.0 <=4.2.16)
django PYPI version =4.2.0, =65.10.0, =7.5.1, =1.0.2, =0.0.1, =0.4.0, =4.16.2, =4.8.0, =8.0.0, =5.2.0, =5.2.2 - cpu-utilization-monitoring =0.1.3 and more Source cves: CVE-2024-53908 Source advisory: OSV:GHSA-M9G8-FXXM-XG86...
artd-customer (>=0.0.20 <=0.0.23), artd-location (>=0.0.13 <=0.0.21) +62 more potentially affected by CVE-2024-53908 via django (>=5.0.0 <=5.0.1)
django PYPI version =5.0.0, =0.0.20, =0.0.13, =0.0.19, =0.0.34, =0.0.50, =0.0.5, =0.0.11, =1.0.3, =1.0.0, =6.0.0, =2.8.1, =0.3.0, =24.1.1, =24.2.0 and more Source cves: CVE-2024-53908 Source advisory: OSV:PYSEC-2024-157...
CVE-2024-53908 vulnerabilities
Vulnerabilities for packages: awx, py3-django...
CVE-2024-53908 vulnerabilities
Vulnerabilities for packages: py3-django...
SUSE CVE-2024-53908
An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. Direct usage of the django.db.models.fields.json.HasKey lookup, when an Oracle database is used, is subject to SQL injection if untrusted data is used as an lhs value. Applications that use the...
CVE-2024-53908
An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. Direct usage of the django.db.models.fields.json.HasKey lookup, when an Oracle database is used, is subject to SQL injection if untrusted data is used as an lhs value. Applications that use the...
CVE-2024-53908
Django vulnerability CVE-2024-53908 affects Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. The issue arises from direct usage of the django.db.models.fields.json.HasKey lookup when an Oracle database is used, allowing SQL injection if untrusted data is supplied as the left-han...
CVE-2024-53908
An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. Direct usage of the django.db.models.fields.json.HasKey lookup, when an Oracle database is used, is subject to SQL injection if untrusted data is used as an lhs value. Applications that use the...
USN-7136-2 python-django vulnerability
USN-7136-1 fixed a vulnerability in Django. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: jiangniao discovered that Django incorrectly handled the API to strip tags. A remote attacker could possibly use this issue to cause Djan...
CVE-2024-53908
An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. Direct usage of the django.db.models.fields.json.HasKey lookup, when an Oracle database is used, is subject to SQL injection if untrusted data is used as an lhs value. Applications that use the...
artd-customer (>=0.0.20 <=0.0.23), artd-location (>=0.0.13 <=0.0.21) +62 more potentially affected by CVE-2024-53908 via django (>=5.0.0 <=5.0.1)
django PYPI version =5.0.0, =0.0.20, =0.0.13, =0.0.19, =0.0.34, =0.0.50, =0.0.5, =0.0.11, =1.0.3, =1.0.0, =6.0.0, =2.8.1, =0.3.0, =24.1.1, =24.2.0 and more Source cves: CVE-2024-53908 Source advisory: SNYK:PYTHON-DJANGO-8456316...
aa-charlink (>=0.1.1 <=1.0.0), aa-drifters (=0.1.0a0) +490 more potentially affected by CVE-2024-53908 via django (>=4.0.0 <=4.2.16)
django PYPI version =4.0.0, =0.1.1, =1.0.0, =0.1.0a0, =0.11.0a0, =0.1.1, =1.1.0, =0.1.0, =0.0.3, =4.0.9.0, =65.10.0, =65.10.3 and more Source cves: CVE-2024-53908 Source advisory: SNYK:PYTHON-DJANGO-8456316...