Lucene search
K

4 matches found

RedHat Linux
RedHat Linux
added 2025/09/23 6:4 p.m.10 views

django: Django Path Injection Vulnerability

A flaw was found in Django. The request.path component of HTTP requests is not properly escaped when included in internal response logging, allowing remote attackers to manipulate log output through crafted URLs. This vulnerability allows an attacker to inject arbitrary content into Django's...

5.3CVSS7.2AI score0.006EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2025/08/26 9:2 p.m.4 views

django: Django Path Injection Vulnerability

A flaw was found in Django. The request.path component of HTTP requests is not properly escaped when included in internal response logging, allowing remote attackers to manipulate log output through crafted URLs. This vulnerability allows an attacker to inject arbitrary content into Django's...

5.3CVSS7.2AI score0.006EPSS
Exploits0References8
OSV
OSV
added 2025/06/05 3:15 a.m.1 views

DEBIAN-CVE-2025-48432

An issue was discovered in Django 5.2 before 5.2.3, 5.1 before 5.1.11, and 4.2 before 4.2.23. Internal HTTP response logging does not escape request.path, which allows remote attackers to potentially manipulate log output via crafted URLs. This may lead to log injection or forgery when logs are...

5.3CVSS7.7AI score0.006EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2025/06/05 12:0 a.m.3 views

Django 4.x < 4.2.22, 5.0.x < 5.1.10, 5.2.x < 5.2.2 Log Injection Vulnerability - Linux

Django is prone to a log injection vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:djangoproject:django"; if...

5.3CVSS7.8AI score0.006EPSS
Exploits0References1
Rows per page
Query Builder