5 matches found

RedHat Linux
added 2025/05/06 8:31 p.m. | 4 views

django: potential denial-of-service vulnerability in IPv6 validation

A flaw was found in the Django framework. Lack of upper bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial of service attack. The undocumented and private functions clean_ipv6_address and is_valid_ipv6_address were vulnerable, as was the...

7.5 CVSS | 7.1 AI score | 0.01854 EPSS
Exploits 0 | References 8
OSV
added 2025/03/10 8:13 a.m. | 13 views

BIT-DJANGO-2024-56374

An issue was discovered in Django 5.1 before 5.1.5, 5.0 before 5.0.11, and 4.2 before 4.2.18. Lack of upper-bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial-of-service attack. The undocumented and private functions clean_ipv6_address and...

7.5 CVSS | 7 AI score | 0.01854 EPSS
Exploits 0 | References 6
RedHat Linux
added 2025/01/28 7:20 p.m. | 3 views

django: potential denial-of-service vulnerability in IPv6 validation

A flaw was found in the Django framework. Lack of upper bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial of service attack. The undocumented and private functions clean_ipv6_address and is_valid_ipv6_address were vulnerable, as was the...

7.5 CVSS | 7.1 AI score | 0.01854 EPSS
Exploits 0 | References 8
RedHat Linux
added 2014/04/30 7:1 p.m. | 4 views

python-django: MySQL typecasting

The (1) FilePathField, (2) GenericIPAddressField, and (3) IPAddressField model field classes in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 do not properly perform type conversion, which allows remote attackers to have unspecified impact and vectors, relate...

10 CVSS | 5.9 AI score | 0.04753 EPSS
Exploits 0 | References 4
PyPA
added 2014/04/23 3:55 p.m. | 8 views

PYSEC-2014-3

The (1) FilePathField, (2) GenericIPAddressField, and (3) IPAddressField model field classes in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 do not properly perform type conversion, which allows remote attackers to have unspecified impact and vectors, relate...

10 CVSS | 7.2 AI score | 0.04753 EPSS
Exploits 0 | References 8 | Affected Software 1