Lucene search
K

72 matches found

OpenVAS
OpenVAS
added 2025/01/16 12:0 a.m.5 views

Django 4.x < 4.2.18, 5.0.x < 5.0.11, 5.1.x < 5.1.5 DoS Vulnerability - Linux

Django is prone to a denial of service DoS vulnerability in IPv6 validation. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.5CVSS6.5AI score0.01854EPSS
Exploits0References1
Hacker One
Hacker One
added 2025/01/15 6:3 a.m.4 views

Internet Bug Bounty: CVE-2024-56374: Denial-of-service vulnerability in IPv6 validation

A denial-of-service vulnerability was discovered in Django's IPv6 validation. The lack of an upper bound limit enforcement in strings passed during IPv6 validation could lead to a potential denial-of-service attack. The vulnerable functions, cleanipv6address and isvalidipv6address, as well as the...

9.8CVSS5.8AI score0.01854EPSS
Exploits0
Hacker One
Hacker One
added 2025/01/15 4:48 a.m.1081 views

Internet Bug Bounty: CVE-2024-56374 Potential denial-of-service in IPv6 validation

CVE-2024-56374: Potential denial-of-service vulnerability in IPv6 validation A potential denial-of-service vulnerability was discovered in the IPv6 validation functions of Django. The lack of an upper bound limit on the length of input strings passed to the private functions cleanipv6address and...

7.5CVSS6.6AI score0.01854EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/01/14 11:20 p.m.10 views

CVE-2024-56374

A flaw was found in the Django framework. Lack of upper bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial of service attack. The undocumented and private functions cleanipv6address and isvalidipv6address were vulnerable, as was the...

5.8CVSS5.4AI score0.01854EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2025/01/14 9:31 p.m.6 views

Django has a potential denial-of-service vulnerability in IPv6 validation

An issue was discovered in Django 5.1 before 5.1.5, 5.0 before 5.0.11, and 4.2 before 4.2.18. Lack of upper-bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial-of-service attack. The undocumented and private functions cleanipv6address and...

7.5CVSS6.7AI score0.01854EPSS
Exploits0References12Affected Software1
PyPA
PyPA
added 2025/01/14 7:15 p.m.10 views

PYSEC-2025-1

An issue was discovered in Django 5.1 before 5.1.5, 5.0 before 5.0.11, and 4.2 before 4.2.18. Lack of upper-bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial-of-service attack. The undocumented and private functions cleanipv6address and...

7.5CVSS6.9AI score0.01854EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2025/01/14 7:15 p.m.5 views

CVE-2024-56374

An issue was discovered in Django 5.1 before 5.1.5, 5.0 before 5.0.11, and 4.2 before 4.2.18. Lack of upper-bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial-of-service attack. The undocumented and private functions cleanipv6address and...

7.5CVSS0.01854EPSS
Exploits0References5
OSV
OSV
added 2025/01/14 7:15 p.m.2 views

DEBIAN-CVE-2024-56374

An issue was discovered in Django 5.1 before 5.1.5, 5.0 before 5.0.11, and 4.2 before 4.2.18. Lack of upper-bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial-of-service attack. The undocumented and private functions cleanipv6address and...

7.5CVSS6.5AI score0.01854EPSS
Exploits0References1
OSV
OSV
added 2025/01/14 7:15 p.m.3 views

PYSEC-2025-1

An issue was discovered in Django 5.1 before 5.1.5, 5.0 before 5.0.11, and 4.2 before 4.2.18. Lack of upper-bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial-of-service attack. The undocumented and private functions cleanipv6address and...

7.5CVSS6.5AI score0.01854EPSS
Exploits0References5
OSV
OSV
added 2025/01/14 7:15 p.m.12 views

CVE-2024-56374

An issue was discovered in Django 5.1 before 5.1.5, 5.0 before 5.0.11, and 4.2 before 4.2.18. Lack of upper-bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial-of-service attack. The undocumented and private functions cleanipv6address and...

7.5CVSS5.5AI score
Exploits0References5
OSV
OSV
added 2025/01/14 2:0 p.m.4 views

UBUNTU-CVE-2024-56374

An issue was discovered in Django 5.1 before 5.1.5, 5.0 before 5.0.11, and 4.2 before 4.2.18. Lack of upper-bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial-of-service attack. The undocumented and private functions cleanipv6address and...

7.5CVSS7.1AI score0.01854EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/01/14 12:0 a.m.49 views

CVE-2024-56374

An issue was discovered in Django 5.1 before 5.1.5, 5.0 before 5.0.11, and 4.2 before 4.2.18. Lack of upper-bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial-of-service attack. The undocumented and private functions cleanipv6address and...

5.8CVSS0.01854EPSS
Exploits0References3
CVE
CVE
added 2025/01/14 12:0 a.m.317 views

CVE-2024-56374

CVE-2024-56374 affects Django versions 5.1 before 5.1.5, 5.0 before 5.0.11, and 4.2 before 4.2.18. The issue is a lack of upper-bound enforcement when validating IPv6 strings, making the undocumented private functions clean_ipv6_address and is_valid_ipv6_address and the django.forms.GenericIPAddr...

7.5CVSS6.8AI score0.01854EPSS
Exploits0References5Affected Software1
AlpineLinux
AlpineLinux
added 2025/01/14 12:0 a.m.5 views

CVE-2024-56374

An issue was discovered in Django 5.1 before 5.1.5, 5.0 before 5.0.11, and 4.2 before 4.2.18. Lack of upper-bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial-of-service attack. The undocumented and private functions cleanipv6address and...

7.5CVSS7.2AI score0.01854EPSS
Exploits0
Rockylinux
Rockylinux
added 2024/12/19 4:17 a.m.15 views

python3:3.6.8 security update

An update is available for python3. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming language,...

7.8CVSS6.7AI score0.0067EPSS
Exploits0
OSV
OSV
added 2024/12/19 4:17 a.m.29 views

RLSA-2024:10779 Moderate: python3:3.6.8 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

7.8CVSS6.8AI score0.0067EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/12/19 12:0 a.m.15 views

RockyLinux 8 : python3:3.6.8 (RLSA-2024:10779)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:10779 advisory. python: Virtual environment venv activation scripts don't quote paths CVE-2024-9287 python: Improper validation of IPv6 and IPvFuture addresses...

7.8CVSS6.8AI score0.0067EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/12/12 12:0 a.m.11 views

SUSE SLES12: libpython2_7-1_0 / libpython2_7-1_0-32bit / python / python-32bit / etc (SUSE-SU-2024:4165-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2024:4165-1 advisory. - CVE-2024-11168: Fixed improper validation of IPv6 and IPvFuture addresses bsc1233307 Other fixes: - Add ipaddress module from...

6.3CVSS6.7AI score0.0067EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2024/12/12 12:0 a.m.15 views

SUSE SLES15 / openSUSE 15 Security Update : python (SUSE-SU-2024:4151-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:4151-1 advisory. - CVE-2024-11168: Fixed improper validation of IPv6 and IPvFuture addresses bsc1233307 Other fixes: - Add ipaddress module from...

6.3CVSS6.6AI score0.0067EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2024/12/12 12:0 a.m.12 views

SUSE SLES12 Security Update : python36 (SUSE-SU-2024:4169-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2024:4169-1 advisory. - CVE-2024-11168: improper validation of IPv6 and IPvFuture addresses. bsc1233307 Bug fixes: - Remove -IVendor/ from python-config. bsc1231795 Tenable...

6.3CVSS6.6AI score0.0067EPSS
Exploits0References5
Rows per page
Query Builder