Lucene search
K

13 matches found

OPENSUSE Linux
OPENSUSE Linux
added 2026/04/17 12:0 a.m.8 views

python311-Django-5.2.13-1.1 on GA media (moderate)

python311-Django-5.2.13-1.1 on GA media Announcement ID: openSUSE-SU-2026:10567-1 Rating: moderate Cross-References: CVE-2026-33033 CVE-2026-33034 CVE-2026-3902 CVE-2026-4277 CVE-2026-4292 CVSS scores: CVE-2026-33033 SUSE : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2026-33033 SUSE : 6....

6.9CVSS5.8AI score0.00879EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2026/04/11 9:26 a.m.4 views

SUSE CVE-2026-3902

An issue was discovered in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30. ASGIRequest allows a remote attacker to spoof headers by exploiting an ambiguous mapping of two header variants with hyphens or with underscores to a single version with underscores. Earlier, unsupported Django...

5.3CVSS5.8AI score0.00436EPSS
Exploits0References5
Chainguard
Chainguard
added 2026/04/10 2:13 a.m.5 views

CVE-2026-3902 vulnerabilities

Vulnerabilities for packages: authentik, awx, authentik-fips, label-studio...

7.5CVSS7AI score0.00436EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/07 4:14 p.m.4 views

11x-wagtail-blog (>=0.0.0 <=0.2.0), aldryn-django (>=5.0.2.0 <=5.1.5.0) +399 more potentially affected by CVE-2026-3902 via django (>=5.0.0 <=5.2.12)

django PYPI version =5.0.0, =0.0.0, =5.0.2.0, =0.0.15, =0.42.1, =1.0.0, =1.14.3, =0.0.20, =0.0.13, =0.0.19, =0.0.34, =0.0.50, =0.0.51 and more Source cves: CVE-2026-3902 Source advisory: SNYK:PYTHON-DJANGO-15923569...

7.5CVSS7AI score0.00436EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/07 4:14 p.m.4 views

admin-auth0 (>=0.1.1 <=0.1.5), aldryn-django (>=4.2.10.0 <=4.2.18.0) +126 more potentially affected by CVE-2026-3902 via django (>=4.2.0 <=4.2.3)

django PYPI version =4.2.0, =0.1.1, =4.2.10.0, =65.10.0, =7.5.1, =1.0.2, =0.0.1, =0.0.9, =1.3.9, =0.4.0, =0.0.1, =4.16.2, =4.8.0, =4.17.1 and more Source cves: CVE-2026-3902 Source advisory: SNYK:PYTHON-DJANGO-15923569...

7.5CVSS5.8AI score0.00436EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/07 4:14 p.m.4 views

arches (=8.0.0a1), desktop-django-starter (=0.1.0) +33 more potentially affected by CVE-2026-3902 via django (>=6.0.0 <=6.0.3)

django PYPI version =6.0.0, =2.0.0, =1.1.0, =0.1.0, =0.1.0b2, =0.2.0b1 and more Source cves: CVE-2026-3902 Source advisory: SNYK:PYTHON-DJANGO-15923569...

7.5CVSS5.4AI score0.00436EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/07 3:30 p.m.6 views

arches (=8.0.0a1), desktop-django-starter (=0.1.0) +33 more potentially affected by CVE-2026-3902 via django (>=6.0.0 <=6.0.3)

django PYPI version =6.0.0, =2.0.0, =1.1.0, =0.1.0, =0.1.0b2, =0.2.0b1 and more Source cves: CVE-2026-3902 Source advisory: OSV:GHSA-MVFQ-GGXM-9MC5...

7.5CVSS5.4AI score0.00436EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/07 3:30 p.m.13 views

arthexis (>=0.2.6 <=0.8.0), cg-django-uaa (=2.1.9) +29 more potentially affected by CVE-2026-3902 via django (>=5.2.0 <=5.2.12)

django PYPI version =5.2.0, =0.2.6, =0.1.0, =0.1.0, =1.3.0, =1.92.0.5, =4.2.0, =0.0.7, =3.0.0, =0.1.0, =0.1.1 and more Source cves: CVE-2026-3902 Source advisory: OSV:GHSA-MVFQ-GGXM-9MC5...

7.5CVSS7AI score0.00436EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/07 3:17 p.m.5 views

arches (=8.0.0a1), desktop-django-starter (=0.1.0) +33 more potentially affected by CVE-2026-3902 via django (>=6.0.0 <=6.0.3)

django PYPI version =6.0.0, =2.0.0, =1.1.0, =0.1.0, =0.1.0b2, =0.2.0b1 and more Source cves: CVE-2026-3902 Source advisory: OSV:PYSEC-2026-51...

7.5CVSS5.4AI score0.00436EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/07 3:17 p.m.6 views

admin-auth0 (>=0.1.1 <=0.1.5), aldryn-django (>=4.2.10.0 <=4.2.18.0) +126 more potentially affected by CVE-2026-3902 via django (>=4.2.0 <=4.2.3)

django PYPI version =4.2.0, =0.1.1, =4.2.10.0, =65.10.0, =7.5.1, =1.0.2, =0.0.1, =0.0.9, =1.3.9, =0.4.0, =0.0.1, =4.16.2, =4.8.0, =4.17.1 and more Source cves: CVE-2026-3902 Source advisory: OSV:PYSEC-2026-51...

7.5CVSS5.8AI score0.00436EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/07 3:17 p.m.6 views

arthexis (>=0.2.6 <=0.8.0), cg-django-uaa (=2.1.9) +29 more potentially affected by CVE-2026-3902 via django (>=5.2.0 <=5.2.12)

django PYPI version =5.2.0, =0.2.6, =0.1.0, =0.1.0, =1.3.0, =1.92.0.5, =4.2.0, =0.0.7, =3.0.0, =0.1.0, =0.1.1 and more Source cves: CVE-2026-3902 Source advisory: OSV:PYSEC-2026-51...

7.5CVSS7AI score0.00436EPSS
Exploits0
Cvelist
Cvelist
added 2026/04/07 2:22 p.m.18 views

CVE-2026-3902 ASGI header spoofing via underscore/hyphen conflation

An issue was discovered in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30. ASGIRequest allows a remote attacker to spoof headers by exploiting an ambiguous mapping of two header variants with hyphens or with underscores to a single version with underscores. Earlier, unsupported Django...

0.00436EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/07 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2026-3902

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30. ASGIRequest allows a remote attacker to spoof headers by exploiting an...

7.5CVSS5.5AI score0.00436EPSS
Exploits0References2
Rows per page
Query Builder