10 matches found
Python Library Django 5.0.x < 5.0.14 / 5.1.x < 5.1.8 DoS
The detected version of the Django Python package, Django, is 5.0.x prior to 5.0.14 or 5.1.x prior to 5.1.8. It is, therefore, affected by a denial of service vulnerability as disclosed in Django's April 2nd 2025 security advisory. The NFKC normalization is slow on Windows. As a consequence,...
openSUSE 15 Security Update : python-django-ckeditor (openSUSE-SU-2025:0008-1)
The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE-SU-2025:0008-1 advisory. Update to 6.7.2. Deprecated the package. Added a new ckeditor/fixups.js script which disables the version check again if something slips through by...
CVE-2024-41991
An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters, and the AdminURLFieldWidget widget, are subject to a potential denial-of-service attack via certain inputs with a very large number of Unicode characters...
CVE-2024-42005
An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. QuerySet.values() and values_list() methods on models with a JSONField are subject to SQL injection in column aliases via a crafted JSON object key as a passed arg...
Django Security Vulnerabilities
Django is a set of open source web application frameworks based on the Python language from the Django Foundation. The framework includes an object-oriented mapper, view system, template system, and more. A security vulnerability exists in Django version 4.2 up to and including version 4.2.14 and...
Fedora 40 : python-django (2024-5c7fb64c74)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-5c7fb64c74 advisory. Security fix for CVE-2024-24680 and CVE-2024-27351. Tenable has extracted the preceding description block directly from the Fedora security advisory...
Mageia: Security Advisory (MGASA-2024-0075)
The remote host is missing an update for the...
OESA-2024-1229 python-django security update
Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in Django 3.2 before 3.2.24, 4.2 before 4.2.10, and Django 5.0 before 5.0.2. The intcomma template filter was subject to a potential denial-of-service...
OESA-2024-1165 python-django security update
Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in Django 3.2 before 3.2.24, 4.2 before 4.2.10, and Django 5.0 before 5.0.2. The intcomma template filter was subject to a potential denial-of-service...
SUSE CVE-2024-24680
An issue was discovered in Django 3.2 before 3.2.24, 4.2 before 4.2.10, and Django 5.0 before 5.0.2. The intcomma template filter was subject to a potential denial-of-service attack when used with very long strings...