4 matches found

OSV
added 2024/02/23 11:6 a.m., 3 views

OESA-2024-1164 python-django security update

Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in Django 3.2 before 3.2.24, 4.2 before 4.2.10, and Django 5.0 before 5.0.2. The intcomma template filter was subject to a potential denial-of-service...

CVSS 7.5, AI score 7, EPSS 0.01606
Exploits: 0, References: 2
Github Security Blog
added 2022/04/13 12:0 a.m., 45 views

SQL Injection in Django

A SQL injection issue was discovered in QuerySet.explain in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. This occurs by passing a crafted dictionary with dictionary expansion as the options argument, and placing the injection payload in an option name...

CVSS 9.8, AI score 9.5, EPSS 0.02919
Exploits: 0, References: 14, Affected Software: 1
OSV
added 2022/01/05 12:15 a.m., 1 views

DEBIAN-CVE-2021-45452

Storage.save in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1 allows directory traversal if crafted filenames are directly passed to it...

CVSS 5.3, AI score 6.5, EPSS 0.02388
Exploits: 0, References: 1
vulnersOsv
added 2021/05/05 3:15 p.m., 2 views

admin-tool-button (>=1.0.1a0 <=1.0.5a0), apis-ampel (=0.1.0) +44 more potentially affected by CVE-2021-31542 via django (>=3.2.0 <=3.2.0rc1)

django PYPI version =3.2.0, =1.0.1a0, =0.2.0, =0.14.0, =0.13.0, =0.8.0, =0.9.16 and more Source cves: CVE-2021-31542 Source advisory: OSV:PYSEC-2021-7...

CVSS 7.5, AI score 7, EPSS 0.05291
Exploits: 0