72 matches found
Django 4.x < 4.2.18, 5.0.x < 5.0.11, 5.1.x < 5.1.5 DoS Vulnerability - Linux
Django is prone to a denial of service DoS vulnerability in IPv6 validation. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Internet Bug Bounty: CVE-2024-56374: Denial-of-service vulnerability in IPv6 validation
A denial-of-service vulnerability was discovered in Django's IPv6 validation. The lack of an upper bound limit enforcement in strings passed during IPv6 validation could lead to a potential denial-of-service attack. The vulnerable functions, cleanipv6address and isvalidipv6address, as well as the...
Internet Bug Bounty: CVE-2024-56374 Potential denial-of-service in IPv6 validation
CVE-2024-56374: Potential denial-of-service vulnerability in IPv6 validation A potential denial-of-service vulnerability was discovered in the IPv6 validation functions of Django. The lack of an upper bound limit on the length of input strings passed to the private functions cleanipv6address and...
CVE-2024-56374
A flaw was found in the Django framework. Lack of upper bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial of service attack. The undocumented and private functions cleanipv6address and isvalidipv6address were vulnerable, as was the...
Django has a potential denial-of-service vulnerability in IPv6 validation
An issue was discovered in Django 5.1 before 5.1.5, 5.0 before 5.0.11, and 4.2 before 4.2.18. Lack of upper-bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial-of-service attack. The undocumented and private functions cleanipv6address and...
PYSEC-2025-1
An issue was discovered in Django 5.1 before 5.1.5, 5.0 before 5.0.11, and 4.2 before 4.2.18. Lack of upper-bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial-of-service attack. The undocumented and private functions cleanipv6address and...
CVE-2024-56374
An issue was discovered in Django 5.1 before 5.1.5, 5.0 before 5.0.11, and 4.2 before 4.2.18. Lack of upper-bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial-of-service attack. The undocumented and private functions cleanipv6address and...
DEBIAN-CVE-2024-56374
An issue was discovered in Django 5.1 before 5.1.5, 5.0 before 5.0.11, and 4.2 before 4.2.18. Lack of upper-bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial-of-service attack. The undocumented and private functions cleanipv6address and...
PYSEC-2025-1
An issue was discovered in Django 5.1 before 5.1.5, 5.0 before 5.0.11, and 4.2 before 4.2.18. Lack of upper-bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial-of-service attack. The undocumented and private functions cleanipv6address and...
CVE-2024-56374
An issue was discovered in Django 5.1 before 5.1.5, 5.0 before 5.0.11, and 4.2 before 4.2.18. Lack of upper-bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial-of-service attack. The undocumented and private functions cleanipv6address and...
UBUNTU-CVE-2024-56374
An issue was discovered in Django 5.1 before 5.1.5, 5.0 before 5.0.11, and 4.2 before 4.2.18. Lack of upper-bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial-of-service attack. The undocumented and private functions cleanipv6address and...
CVE-2024-56374
An issue was discovered in Django 5.1 before 5.1.5, 5.0 before 5.0.11, and 4.2 before 4.2.18. Lack of upper-bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial-of-service attack. The undocumented and private functions cleanipv6address and...
CVE-2024-56374
CVE-2024-56374 affects Django versions 5.1 before 5.1.5, 5.0 before 5.0.11, and 4.2 before 4.2.18. The issue is a lack of upper-bound enforcement when validating IPv6 strings, making the undocumented private functions clean_ipv6_address and is_valid_ipv6_address and the django.forms.GenericIPAddr...
CVE-2024-56374
An issue was discovered in Django 5.1 before 5.1.5, 5.0 before 5.0.11, and 4.2 before 4.2.18. Lack of upper-bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial-of-service attack. The undocumented and private functions cleanipv6address and...
python3:3.6.8 security update
An update is available for python3. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming language,...
RLSA-2024:10779 Moderate: python3:3.6.8 security update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...
RockyLinux 8 : python3:3.6.8 (RLSA-2024:10779)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:10779 advisory. python: Virtual environment venv activation scripts don't quote paths CVE-2024-9287 python: Improper validation of IPv6 and IPvFuture addresses...
SUSE SLES12: libpython2_7-1_0 / libpython2_7-1_0-32bit / python / python-32bit / etc (SUSE-SU-2024:4165-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2024:4165-1 advisory. - CVE-2024-11168: Fixed improper validation of IPv6 and IPvFuture addresses bsc1233307 Other fixes: - Add ipaddress module from...
SUSE SLES15 / openSUSE 15 Security Update : python (SUSE-SU-2024:4151-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:4151-1 advisory. - CVE-2024-11168: Fixed improper validation of IPv6 and IPvFuture addresses bsc1233307 Other fixes: - Add ipaddress module from...
SUSE SLES12 Security Update : python36 (SUSE-SU-2024:4169-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2024:4169-1 advisory. - CVE-2024-11168: improper validation of IPv6 and IPvFuture addresses. bsc1233307 Bug fixes: - Remove -IVendor/ from python-config. bsc1231795 Tenable...