Lucene search
+L

179 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 3:21 a.m.3 views

SUSE CVE-2023-23969

In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial-of-service vector via excessive memory usage if the raw value of Accept-Language headers is very larg...

7.5CVSS6.9AI score0.47102EPSS
Exploits0References7
OSV
OSV
added 2023/02/01 9:30 p.m.10 views

GHSA-Q2JF-H9JM-M7P4 Django contains Uncontrolled Resource Consumption via cached header

In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial-of-service vector via excessive memory usage if the raw value of Accept-Language headers is very larg...

8.7CVSS6.8AI score0.47102EPSS
Exploits0References13
OSV
OSV
added 2023/02/01 7:15 p.m.2 views

DEBIAN-CVE-2023-23969

In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial-of-service vector via excessive memory usage if the raw value of Accept-Language headers is very larg...

7.5CVSS6.8AI score0.47102EPSS
Exploits0References1
OSV
OSV
added 2023/02/01 7:15 p.m.2 views

PYSEC-2023-12

In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial-of-service vector via excessive memory usage if the raw value of Accept-Language headers is very larg...

7.5CVSS6.8AI score0.47102EPSS
Exploits0References4
OSV
OSV
added 2023/02/01 3:22 p.m.7 views

USN-5837-2 python-django vulnerability

USN-5837-1 fixed a vulnerability in Django. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Nick Pope discovered that Django incorrectly handled certain Accept-Language headers. A remote attacker could possibly use this issue to cause Django to consu...

7.5CVSS6.9AI score0.47102EPSS
Exploits0References2
OSV
OSV
added 2023/02/01 10:0 a.m.3 views

UBUNTU-CVE-2023-23969

In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial-of-service vector via excessive memory usage if the raw value of Accept-Language headers is very larg...

7.5CVSS6.8AI score0.47102EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/02/01 12:0 a.m.18 views

Django 安全漏洞

Django is the Django Foundation's set of open source Web application framework based on the Python language . The framework includes an object-oriented mapper, view system, template system and so on. A security vulnerability exists in Django version 3.2 up to and including version 3.2.17, version...

7.5CVSS6.8AI score0.47102EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2023/02/01 12:0 a.m.7 views

PT-2023-1350

Name of the Vulnerable Software and Affected Versions Django versions 3.2 through 3.2.16 Django versions 4.0 through 4.0.8 Django versions 4.1 through 4.1.5 Description The issue is related to the handling of the Accept-Language header in Django, which can lead to excessive memory usage and a...

8.7CVSS6.7AI score0.47102EPSS
Exploits0References173
OSV
OSV
added 2022/10/14 3:15 p.m.6 views

AZL-33575 CVE-2022-32149 affecting package containerized-data-importer for versions less than 1.55.0-20

An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse...

7.5CVSS6.7AI score0.01428EPSS
Exploits0References1
OSV
OSV
added 2022/10/14 3:15 p.m.8 views

AZL-33598 CVE-2022-32149 affecting package keda for versions less than 2.4.0-23

An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse...

7.5CVSS6.7AI score0.01428EPSS
Exploits0References1
OSV
OSV
added 2022/10/14 3:15 p.m.7 views

AZL-43963 CVE-2022-32149 affecting package containernetworking-plugins 1.1.1-17

An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse...

7.5CVSS6.7AI score0.01428EPSS
Exploits0References1
OSV
OSV
added 2022/10/14 3:15 p.m.7 views

AZL-34903 CVE-2022-32149 affecting package kubevirt for versions less than 1.2.0-1

An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse...

7.5CVSS6.7AI score0.01428EPSS
Exploits0References1
OSV
OSV
added 2022/10/14 3:15 p.m.9 views

AZL-45108 CVE-2022-32149 affecting package buildah for versions less than 1.41.4-2

An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse...

7.5CVSS6.7AI score0.01428EPSS
Exploits0References1
OSV
OSV
added 2022/10/14 3:15 p.m.10 views

AZL-34839 CVE-2022-32149 affecting package keda for versions less than 2.14.0-1

An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse...

7.5CVSS6.7AI score0.01428EPSS
Exploits0References1
OSV
OSV
added 2022/10/14 3:15 p.m.7 views

AZL-35041 CVE-2022-32149 affecting package node-problem-detector for versions less than 0.8.15-1

An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse...

7.5CVSS6.7AI score0.01428EPSS
Exploits0References1
OSV
OSV
added 2022/10/14 3:15 p.m.7 views

AZL-33608 CVE-2022-32149 affecting package libcontainers-common for versions less than 20210626-6

An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse...

7.5CVSS6.7AI score0.01428EPSS
Exploits0References1
OSV
OSV
added 2022/10/14 3:15 p.m.4 views

DEBIAN-CVE-2022-32149

An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse...

7.5CVSS6.9AI score0.01428EPSS
Exploits0References1
OSV
OSV
added 2022/10/14 3:15 p.m.11 views

AZL-39609 CVE-2022-32149 affecting package cri-o for versions less than 1.22.3-8

An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse...

7.5CVSS6.9AI score0.01428EPSS
Exploits0References1
OSV
OSV
added 2022/10/14 3:15 p.m.7 views

AZL-33583 CVE-2022-32149 affecting package gh for versions less than 2.13.0-22

An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse...

7.5CVSS6.7AI score0.01428EPSS
Exploits0References1
OSV
OSV
added 2022/10/14 3:15 p.m.9 views

AZL-33628 CVE-2022-32149 affecting package node-problem-detector for versions less than 0.8.17-2

An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse...

7.5CVSS6.7AI score0.01428EPSS
Exploits0References1
Rows per page
Query Builder