9 matches found
EUVD-2025-0219
Malicious code in bioql PyPI...
Class Pollution
Django-Unicorn is vulnerable to Class Pollution. The vulnerability is due to improper handling of component requests due to the setpropertyvalue function allowing remote users to manipulate its parameters, leading to arbitrary changes in the Python runtime, enabling XSS, DoS, and authentication...
CVE-2025-24370
Django-Unicorn adds modern reactive component functionality to Django templates. Affected versions of Django-Unicorn are vulnerable to python class pollution vulnerability. The vulnerability arises from the core functionality setpropertyvalue, which can be remotely triggered by users by crafting...
CVE-2025-24370 Django-Unicorn Class Pollution Vulnerability, Leading to XSS, DoS and Authentication Bypass
Django-Unicorn adds modern reactive component functionality to Django templates. Affected versions of Django-Unicorn are vulnerable to python class pollution vulnerability. The vulnerability arises from the core functionality setpropertyvalue, which can be remotely triggered by users by crafting...
CVE-2025-24370 Django-Unicorn Class Pollution Vulnerability, Leading to XSS, DoS and Authentication Bypass
Django-Unicorn adds modern reactive component functionality to Django templates. Affected versions of Django-Unicorn are vulnerable to python class pollution vulnerability. The vulnerability arises from the core functionality setpropertyvalue, which can be remotely triggered by users by crafting...
CVE-2025-24370
CVE-2025-24370 affects django-unicorn. The issue stems from the vulnerable set_property_value function, which can be remotely triggered via component requests (syncInput payload) to modify Python runtime state, enabling XSS, DoS, and authentication bypass across Django-Unicorn-based apps. Remedia...
GHSA-G9WF-5777-GQ43 Django-Unicorn Class Pollution Vulnerability, Leading to XSS, DoS and Authentication Bypass
Summary Django-Unicorn is vulnerable to python class pollution vulnerability, a new type of vulnerability categorized under CWE-915. The vulnerability arises from the core functionality setpropertyvalue, which can be remotely triggered by users by crafting appropriate component requests and feedi...
Django-Unicorn Class Pollution Vulnerability, Leading to XSS, DoS and Authentication Bypass
Summary Django-Unicorn is vulnerable to python class pollution vulnerability, a new type of vulnerability categorized under CWE-915. The vulnerability arises from the core functionality setpropertyvalue, which can be remotely triggered by users by crafting appropriate component requests and feedi...
simmate (>=0.14.0 <=0.17.0), tvsd (>=1.4.0 <=1.4.1) potentially affected by CVE-2025-24370 via django-unicorn (>=0.50.0 <=0.59.0)
django-unicorn PYPI version =0.50.0, =0.14.0, =1.4.0, =1.4.1 Source cves: CVE-2025-24370 Source advisory: OSV:GHSA-G9WF-5777-GQ43...