1909 matches found

RedhatCVE
added 2023/02/01 9:37 p.m. · 26 views

CVE-2023-23969

A flaw was found in python-django. The parsed values of the Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial of service vector via excessive memory usage if large header values are sent...

CVSS 7.5 · AI score 7.2 · EPSS 0.47102
Exploits 0 · References 9
OSV
added 2023/02/01 9:30 p.m. · 2 views

GHSA-Q2JF-H9JM-M7P4 Django contains Uncontrolled Resource Consumption via cached header

In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial-of-service vector via excessive memory usage if the raw value of Accept-Language headers is very larg...

CVSS 8.7 · AI score 6.8 · EPSS 0.47102
Exploits 0 · References 13
Github Security Blog
added 2023/02/01 9:30 p.m. · 33 views

Django contains Uncontrolled Resource Consumption via cached header

In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial-of-service vector via excessive memory usage if the raw value of Accept-Language headers is very larg...

CVSS 7.5 · AI score 7.4 · EPSS 0.47102
Exploits 0 · References 13 · Affected Software 1
OSV
added 2023/02/01 7:15 p.m. · 23 views

CVE-2023-23969

In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial-of-service vector via excessive memory usage if the raw value of Accept-Language headers is very larg...

CVSS 7.5 · AI score 7.3
Exploits 0 · References 7
PyPA
added 2023/02/01 7:15 p.m. · 5 views

PYSEC-2023-12

In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial-of-service vector via excessive memory usage if the raw value of Accept-Language headers is very larg...

CVSS 7.5 · AI score 6.8 · EPSS 0.47102
Exploits 0 · References 4 · Affected Software 1
OSV
added 2023/02/01 6:15 p.m. · 4 views

CVE-2023-22664

On BIG-IP versions 17.0.x before 17.0.0.2 and 16.1.x before 16.1.3.3, and BIG-IP SPK starting in version 1.6.0, when a client-side HTTP/2 profile and the HTTP MRF Router option are enabled for a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note:...

CVSS 7.5 · AI score 7.1
Exploits 0 · References 1
OSV
added 2023/02/01 6:15 p.m. · 6 views

CVE-2023-23552

On versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.0 before 15.1.8, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a BIG-IP Advanced WAF or BIG-IP ASM security policy is configured on a virtual server, undisclosed requests can cause an increase in memory resource...

CVSS 7.5 · AI score 7.1 · EPSS 0.01545
Exploits 0 · References 1
CVE
added 2023/02/01 5:56 p.m. · 62 views

CVE-2023-22664

This CVE concerns F5 BIG-IP: when a client-side HTTP/2 profile and the HTTP MRF Router option are enabled for a virtual server, an undisclosed request can cause memory resource utilization to spike, potentially degrading performance or causing a DoS. Affected versions include BIG-IP 17.0.x before 17.0.0.2,...

CVSS 7.5 · AI score 7.7 · EPSS 0.00626
Exploits 0 · References 1 · Affected Software 12
UbuntuCve
added 2023/02/01 10:0 a.m. · 35 views

CVE-2023-23969

In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial-of-service vector via excessive memory usage if the raw value of Accept-Language headers is very larg...

CVSS 7.5 · AI score 6.8 · EPSS 0.47102
Exploits 0 · References 4
Vulnrichment
added 2023/02/01 12:0 a.m. · 3 views

CVE-2023-23969

In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial-of-service vector via excessive memory usage if the raw value of Accept-Language headers is very larg...

AI score 7.4 · EPSS 0.47102
Exploits 0 · References 7
CVE
added 2023/02/01 12:0 a.m. · 237 views

CVE-2023-23969

CVE-2023-23969 affects Django: parsing of Accept-Language headers is cached, enabling potential DoS via memory exhaustion if a very large header is received. Affected versions are Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6. Mitigation is to upgrade to fixed releases (3.2.17+...

CVSS 7.5 · AI score 7.3 · EPSS 0.47102
Exploits 0 · References 7 · Affected Software 1
Cvelist
added 2023/02/01 12:0 a.m. · 47 views

CVE-2023-23969

In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial-of-service vector via excessive memory usage if the raw value of Accept-Language headers is very larg...

AI score 7.7 · EPSS 0.47102
Exploits 0 · References 7
AlpineLinux
added 2023/02/01 12:0 a.m. · 49 views

CVE-2023-23969

In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial-of-service vector via excessive memory usage if the raw value of Accept-Language headers is very larg...

CVSS 7.5 · AI score 7.5 · EPSS 0.47102
Exploits 0
Debian CVE
added 2023/02/01 12:0 a.m. · 35 views

CVE-2023-23969

In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial-of-service vector via excessive memory usage if the raw value of Accept-Language headers is very larg...

CVSS 7.5 · AI score 7 · EPSS 0.47102
Exploits 0
Positive Technologies
added 2023/02/01 12:0 a.m. · 6 views

PT-2023-1350 · Django +6

Name of the Vulnerable Software and Affected Versions: Django versions 3.2 through 3.2.16; Django versions 4.0 through 4.0.8; Django versions 4.1 through 4.1.5. Description: The issue is related to the handling of the Accept-Language header in Django, which can lead to excessive memory usage and a...

CVSS 9.8 · AI score 6.2 · EPSS 0.87218
Exploits 29 · References 153
Tenable Nessus
added 2023/02/01 12:0 a.m. · 34 views

Debian dla-3306 : python-django - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3306 advisory. Debian LTS Advisory DLA-3306-1 https://www.debian.org/lts/security/...

CVSS 7.5 · AI score 7 · EPSS 0.47102
Exploits 0 · References 4
Positive Technologies
added 2023/01/18 12:0 a.m. · 7 views

PT-2023-18702 · Ruby +5

Name of the Vulnerable Software and Affected Versions: Active Support versions prior to 6.1.7.1; Active Support versions prior to 7.0.4.1. Description: The issue is related to insufficient input validation in the Inflector.underscore method, which can lead to a regular expression based DoS...

CVSS 9.8 · AI score 6 · EPSS 0.04808
Exploits 10 · References 92
Github Security Blog
added 2022/12/28 12:30 a.m. · 44 views

yaml package for Go can consume excessive amounts of CPU or memory

Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory...

CVSS 7.5 · AI score 7.6 · EPSS 0.017
Exploits 0 · References 12 · Affected Software 1
OSV
added 2022/12/27 10:15 p.m. · 0 views

DEBIAN-CVE-2022-3064

Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory...

CVSS 7.5 · AI score 6.3 · EPSS 0.017
Exploits 0 · References 1
Prion
added 2022/12/27 10:15 p.m. · 34 views

Design/Logic Flaw

Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory...

CVSS 5 · AI score 7.4 · EPSS 0.017
Exploits 0 · References 10 · Affected Software 1