Lucene search
+L

4 matches found

Ubuntu
Ubuntu
added 2025/06/17 8:34 a.m.4 views

USN-7555-3: Django vulnerability

USN-7555-1 fixed a vulnerability in Django. This update provides an additional fix for Ubuntu 20.04 LTS. Original advisory details: It was discovered that Django incorrectly handled certain unescaped request paths. An attacker could possibly use this issue to perform a log injection...

5.5AI score
Exploits0References1
Github Security Blog
Github Security Blog
added 2025/06/05 3:30 a.m.16 views

Django Improper Output Neutralization for Logs vulnerability

An issue was discovered in Django 5.2 before 5.2.2, 5.1 before 5.1.10, and 4.2 before 4.2.22. Internal HTTP response logging does not escape request.path, which allows remote attackers to potentially manipulate log output via crafted URLs. This may lead to log injection or forgery when logs are...

5.3CVSS7.2AI score0.00629EPSS
Exploits0References11Affected Software1
CVE
CVE
added 2025/06/05 12:0 a.m.220 views

CVE-2025-48432

CVE-2025-48432 affects Django 5.2 before 5.2.3, 5.1 before 5.1.11, and 4.2 before 4.2.23. Internal HTTP response logging does not escape request.path, allowing remote attackers to craft URLs that may inject/forge log output when logs are viewed or processed externally. Impact is log injection/ fo...

5.3CVSS4.7AI score0.00629EPSS
Exploits0References8Affected Software1
Ubuntu
Ubuntu
added 2025/06/04 5:3 p.m.4 views

USN-7555-1: Django vulnerability

It was discovered that Django incorrectly handled certain unescaped request paths. An attacker could possibly use this issue to perform a log injection...

5.3CVSS7.5AI score0.00629EPSS
Exploits0
Rows per page
Query Builder