
24 matches found

AstraLinux
added 2026/06/19 11:10 a.m. | 8 views

Astra Linux – Vulnerability in Python-Django

A vulnerability was discovered in versions prior to 6.0.0, 6.0.2, 5.2.0 prior to 5.2.1.1, and 4.2.0 prior to 4.2.2.8. The methods django.utils.text.Truncator.chars and Truncator.words with html=True, along with the template filters truncatechars_html and truncatewords_html, allow a remote attacker ...

CVSS: 7.5 | AI score: 7 | EPSS: 0.00993
Exploits: 0 | References: 2
RedHat Linux
added 2026/05/07 5:9 p.m. | 18 views

Django: Django: Denial of Service via crafted HTML inputs

A flaw was found in Django. A remote attacker can exploit this vulnerability by providing crafted inputs containing a large number of unmatched HTML end tags to the django.utils.text.Truncator.chars and Truncator.words methods when html=True, or through the truncatechars_html and truncatewords_html...

CVSS: 7.5 | AI score: 7.1 | EPSS: 0.00993
Exploits: 0 | References: 7
RedHat Linux
added 2026/03/06 4:36 p.m. | 3 views

Django: Django: Denial of Service via crafted HTML inputs

A flaw was found in Django. A remote attacker can exploit this vulnerability by providing crafted inputs containing a large number of unmatched HTML end tags to the django.utils.text.Truncator.chars and Truncator.words methods when html=True, or through the truncatechars_html and truncatewords_html...

CVSS: 7.5 | AI score: 5.8 | EPSS: 0.00993
Exploits: 0 | References: 7
OSV
added 2026/02/06 3:57 p.m. | 6 views

OESA-2026-1309 python-django security update

A high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in Django versions before 6.0.2, before 5.2.11, and before 4.2.28. The django.contrib.auth.handlers.modwsgi.check_password function for authentication via modwsg...

CVSS: 8.5 | AI score: 6.9 | EPSS: 0.09436
Exploits: 2 | References: 7
OSV
added 2026/02/05 8:38 a.m. | 4 views

BIT-DJANGO-2026-1285 Potential denial-of-service vulnerability in django.utils.text.Truncator HTML methods

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. django.utils.text.Truncator.chars and Truncator.words methods with html=True and the truncatechars_html and truncatewords_html template filters allow a remote attacker to cause a potential denial-of-service via...

CVSS: 7.5 | AI score: 5.5 | EPSS: 0.00993
Exploits: 0 | References: 4
SUSE CVE
added 2026/02/05 12:27 a.m. | 4 views

SUSE CVE-2026-1285

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. django.utils.text.Truncator.chars and Truncator.words methods with html=True and the truncatechars_html and truncatewords_html template filters allow a remote attacker to cause a potential denial-of-service via...

CVSS: 7.5 | AI score: 5.4 | EPSS: 0.00993
Exploits: 0 | References: 4
RedhatCVE
added 2026/02/03 8:2 p.m. | 4 views

CVE-2026-1285

A flaw was found in Django. A remote attacker can exploit this vulnerability by providing crafted inputs containing a large number of unmatched HTML end tags to the django.utils.text.Truncator.chars and Truncator.words methods when html=True, or through the truncatechars_html and truncatewords_html...

CVSS: 7.5 | AI score: 5.5 | EPSS: 0.00993
Exploits: 0 | References: 6
Snyk
added 2026/02/03 3:49 p.m. | 3 views

Inefficient Algorithmic Complexity

Overview: Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design. Affected versions of this package are vulnerable to Inefficient Algorithmic Complexity via the django.utils.text.Truncator.chars and Truncator.words methods when html=True, as well ...

CVSS: 7.5 | AI score: 5.6 | EPSS: 0.00993
Exploits: 0 | References: 2
OSV
added 2026/02/03 3:30 p.m. | 3 views

GHSA-4RRR-2H4V-F3J9 Django has Inefficient Algorithmic Complexity

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. django.utils.text.Truncator.chars and Truncator.words methods with html=True and the truncatechars_html and truncatewords_html template filters allow a remote attacker to cause a potential denial-of-service via...

CVSS: 6.9 | AI score: 5.9 | EPSS: 0.00993
Exploits: 0 | References: 7
Github Security Blog
added 2026/02/03 3:30 p.m. | 5 views

Django has Inefficient Algorithmic Complexity

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. django.utils.text.Truncator.chars and Truncator.words methods with html=True and the truncatechars_html and truncatewords_html template filters allow a remote attacker to cause a potential denial-of-service via...

CVSS: 7.5 | AI score: 5.5 | EPSS: 0.00993
Exploits: 0 | References: 7 | Affected Software: 1
NVD
added 2026/02/03 3:16 p.m. | 6 views

CVE-2026-1285

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. django.utils.text.Truncator.chars and Truncator.words methods with html=True and the truncatechars_html and truncatewords_html template filters allow a remote attacker to cause a potential denial-of-service via...

CVSS: 7.5 | EPSS: 0.00993
Exploits: 0 | References: 3
PyPA
added 2026/02/03 3:16 p.m. | 8 views

PYSEC-2026-45

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. django.utils.text.Truncator.chars and Truncator.words methods with html=True and the truncatechars_html and truncatewords_html template filters allow a remote attacker to cause a potential denial-of-service via...

CVSS: 7.5 | AI score: 7.1 | EPSS: 0.00993
Exploits: 0 | References: 4 | Affected Software: 1
OSV
added 2026/02/03 3:16 p.m. | 6 views

PYSEC-2026-45

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. django.utils.text.Truncator.chars and Truncator.words methods with html=True and the truncatechars_html and truncatewords_html template filters allow a remote attacker to cause a potential denial-of-service via...

CVSS: 7.5 | AI score: 7.1 | EPSS: 0.00993
Exploits: 0 | References: 4
OSV
added 2026/02/03 3:16 p.m. | 4 views

CVE-2026-1285

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. django.utils.text.Truncator.chars and Truncator.words methods with html=True and the truncatechars_html and truncatewords_html template filters allow a remote attacker to cause a potential denial-of-service via...

CVSS: 7.5 | AI score: 5.5
Exploits: 0 | References: 3
ATTACKERKB
added 2026/02/03 2:35 p.m. | 6 views

CVE-2026-1285

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. django.utils.text.Truncator.chars and Truncator.words methods with html=True and the truncatechars_html and truncatewords_html template filters allow a remote attacker to cause a potential denial-of-service via...

AI score: 5.5 | EPSS: 0.00993
Exploits: 0 | References: 4 | Affected Software: 1
Cvelist
added 2026/02/03 2:35 p.m. | 54 views

CVE-2026-1285 Potential denial-of-service vulnerability in django.utils.text.Truncator HTML methods

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. django.utils.text.Truncator.chars and Truncator.words methods with html=True and the truncatechars_html and truncatewords_html template filters allow a remote attacker to cause a potential denial-of-service via...

EPSS: 0.00993
Exploits: 0 | References: 3
AlpineLinux
added 2026/02/03 2:35 p.m. | 5 views

CVE-2026-1285

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. django.utils.text.Truncator.chars and Truncator.words methods with html=True and the truncatechars_html and truncatewords_html template filters allow a remote attacker to cause a potential denial-of-service via...

CVSS: 7.5 | AI score: 5.5 | EPSS: 0.00993
Exploits: 0
OSV
added 2026/02/03 2:0 p.m. | 3 views

UBUNTU-CVE-2026-1285

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. django.utils.text.Truncator.chars and Truncator.words methods with html=True and the truncatechars_html and truncatewords_html template filters allow a remote attacker to cause a potential denial-of-service via...

CVSS: 7.5 | AI score: 7.1 | EPSS: 0.00993
Exploits: 0 | References: 4
SUSE CVE
added 2023/02/15 6:4 a.m. | 4 views

SUSE CVE-2009-1234

Opera 9.64 allows remote attackers to cause a denial of service (application crash) via an XML document containing a long series of start-tags with no corresponding end-tags. NOTE: it was later reported that 9.52 is also affected...

CVSS: 4.3 | AI score: 6.8 | EPSS: 0.07199
Exploits: 1 | References: 4
OSV
added 2016/03/08 12:0 a.m. | 5 views

UBUNTU-CVE-2016-1960

Integer underflow in the nsHtml5TreeBuilder class in the HTML5 string parser in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) by leveraging mishandling of end tags, as demonstrated by...

CVSS: 8.8 | AI score: 7.7 | EPSS: 0.31046
Exploits: 8 | References: 5