Lucene search
+L

14 matches found

vulnersosv
vulnersosv
added 2026/06/03 4:23 p.m.6 views

11x-wagtail-blog (>=0.0.0 <=0.2.0), aldryn-django (>=5.0.2.0 <=5.1.5.0) +419 more potentially affected by CVE-2026-7666 via django (>=5.0.0 <=5.2.14)

django PYPI version =5.0.0, =0.0.0, =5.0.2.0, =0.0.15, =0.42.1, =1.0.0, =1.14.3, =0.0.20, =0.0.13, =0.0.19, =0.0.34, =0.0.50, =0.0.51 and more Source cves: CVE-2026-7666 Source advisory: SNYK:PYTHON-DJANGO-17151727...

3.1CVSS5.7AI score0.0015EPSS
Exploits0
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Python-Django

A issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters are vulnerable to a denial-of-service attack due to very large inputs containing a specific sequence of characters...

7.5CVSS6.6AI score0.01258EPSS
Exploits0References2
nessus
nessus
added 2026/01/07 12:0 a.m.6 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-django (UTSA-2026-000174)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000174 advisory. An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. Derived classes of the django.core.files.storage.Storage base class, when they override...

4.3CVSS6.4AI score0.01EPSS
Exploits0References4
vulnersosv
vulnersosv
added 2025/12/02 3:41 p.m.7 views

11x-wagtail-blog (>=0.0.0 <=0.2.0), aldryn-django (>=5.0.2.0 <=5.0.11.0) +253 more potentially affected by CVE-2025-13372 via django (>=5.0.0 <=5.1.14)

django PYPI version =5.0.0, =0.0.0, =5.0.2.0, =0.0.15, =1.14.3, =0.0.20, =0.0.13, =0.0.19, =0.0.34, =0.0.50, =0.0.5, =0.0.11, =1.0.3, =0.1.0, =0.2.5 and more Source cves: CVE-2025-13372 Source advisory: SNYK:PYTHON-DJANGO-14157810...

4.3CVSS6.9AI score0.00904EPSS
Exploits0
vulnersosv
vulnersosv
added 2025/01/14 7:15 p.m.3 views

aldryn-django (=5.0.10.0), artd-customer (>=0.0.20 <=0.0.23) +65 more potentially affected by CVE-2024-56374 via django (>=5.0.0 <=5.0.10)

django PYPI version =5.0.0, =0.0.20, =0.0.13, =0.0.19, =0.0.34, =0.0.50, =0.0.5, =0.0.11, =1.0.3, =1.0.0, =6.0.0, =2.8.1, =0.3.0, =0.35.0 and more Source cves: CVE-2024-56374 Source advisory: OSV:PYSEC-2025-1...

7.5CVSS6.8AI score0.01854EPSS
Exploits0
susecve
susecve
added 2024/08/08 2:21 a.m.3 views

SUSE CVE-2024-41990

An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters are subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters...

7.5CVSS9.2AI score0.01258EPSS
Exploits0References7
susecve
susecve
added 2024/08/08 2:21 a.m.3 views

SUSE CVE-2024-42005

An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. QuerySet.values and valueslist methods on models with a JSONField are subject to SQL injection in column aliases via a crafted JSON object key as a passed arg...

8.1CVSS9.5AI score0.01227EPSS
Exploits0References6
pypa
pypa
added 2024/08/07 3:15 p.m.6 views

PYSEC-2024-70

An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. QuerySet.values and valueslist methods on models with a JSONField are subject to SQL injection in column aliases via a crafted JSON object key as a passed arg...

9.8CVSS8AI score0.01227EPSS
Exploits0References4Affected Software1
osv
osv
added 2024/08/06 1:0 p.m.9 views

UBUNTU-CVE-2024-41990

An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters are subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters...

7.5CVSS6.7AI score0.01258EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2024/08/06 12:0 a.m.5 views

PT-2024-5584

Name of the Vulnerable Software and Affected Versions Django versions 4.2 through 4.2.14 Django versions 5.0 through 5.0.7 Description The issue is related to SQL injection in the QuerySet.values and values list methods on models with a JSONField. This vulnerability can be exploited by passing a...

10CVSS6.8AI score0.01227EPSS
Exploits0References191
vulnersosv
vulnersosv
added 2024/07/10 6:33 a.m.5 views

11x-wagtail-blog (>=0.0.0 <=0.2.0), aldryn-django (>=5.0.2.0 <=5.0.11.0) +234 more potentially affected by CVE-2024-38875 via django (>=5.0.0 <=5.0.6)

django PYPI version =5.0.0, =0.0.0, =5.0.2.0, =0.0.15, =1.14.3, =0.0.20, =0.0.13, =0.0.19, =0.0.34, =0.0.50, =0.0.5, =0.0.11, =1.0.3, =0.1.0, =0.2.5 and more Source cves: CVE-2024-38875 Source advisory: OSV:GHSA-QG2P-9JWR-MMQF...

7.5CVSS6.7AI score0.01187EPSS
Exploits0
ptsecurity
ptsecurity
added 2024/07/05 12:0 a.m.7 views

PT-2024-6068

Name of the Vulnerable Software and Affected Versions Django versions 4.2 through 4.2.13 Django versions 5.0 through 5.0.6 Description The issue is related to the get supported language variant function in Django, which can be subject to a potential denial-of-service attack when used with very lo...

8.7CVSS6.7AI score0.28637EPSS
Exploits0References177
ptsecurity
ptsecurity
added 2024/06/23 12:0 a.m.7 views

PT-2024-6224

Name of the Vulnerable Software and Affected Versions Django versions 4.2 through 4.2.13 Django versions 5.0 through 5.0.6 Description The issue allows remote attackers to enumerate users via a timing attack involving login requests for users with an unusable password. This is due to the...

6.9CVSS6.7AI score0.00882EPSS
Exploits0References176
pypa
pypa
added 2024/02/06 10:16 p.m.7 views

PYSEC-2024-28

An issue was discovered in Django 3.2 before 3.2.24, 4.2 before 4.2.10, and Django 5.0 before 5.0.2. The intcomma template filter was subject to a potential denial-of-service attack when used with very long strings...

7.5CVSS6.9AI score0.01606EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder