18 matches found
Fedora 38 : python-django3 (2023-a74513bda8)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-a74513bda8 advisory. Security fixes for CVE-2022-24580 and CVE-2023-41323 Tenable has extracted the preceding description block directly from the Fedora security advisor...
Fedora 36 : python-django3 (2023-3d775d93be)
The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-3d775d93be advisory. Security fixes for CVE-2022-24580 and CVE-2023-41323 Tenable has extracted the preceding description block directly from the Fedora security advisor...
Fedora 37 : python-django3 (2023-bde7913e5a)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-bde7913e5a advisory. Security fixes for CVE-2022-24580 and CVE-2023-41323 Tenable has extracted the preceding description block directly from the Fedora security advisor...
openSUSE 15 Security Update : python-Django (openSUSE-SU-2023:0062-1)
The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2023:0062-1 advisory. - An issue was discovered in the Multipart Request Parser in Django 3.2 before 3.2.18, 4.0 before 4.0.10, and 4.1 before 4.1.7. Passing certain inputs...
Debian dla-3329 : python-django - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3329 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3329-1 [email protected] https://www.debian.org/lts/security/...
Resource exhaustion in Django
An issue was discovered in the Multipart Request Parser in Django 3.2 before 3.2.18, 4.0 before 4.0.10, and 4.1 before 4.1.7. Passing certain inputs e.g., an excessive number of parts to multipart forms could result in too many open files or memory exhaustion, and provided a potential vector for ...
GHSA-2HRW-HX67-34X6 Resource exhaustion in Django
An issue was discovered in the Multipart Request Parser in Django 3.2 before 3.2.18, 4.0 before 4.0.10, and 4.1 before 4.1.7. Passing certain inputs e.g., an excessive number of parts to multipart forms could result in too many open files or memory exhaustion, and provided a potential vector for ...
CVE-2023-24580
An issue was discovered in the Multipart Request Parser in Django 3.2 before 3.2.18, 4.0 before 4.0.10, and 4.1 before 4.1.7. Passing certain inputs e.g., an excessive number of parts to multipart forms could result in too many open files or memory exhaustion, and provided a potential vector for ...
CVE-2023-24580
An issue was discovered in the Multipart Request Parser in Django 3.2 before 3.2.18, 4.0 before 4.0.10, and 4.1 before 4.1.7. Passing certain inputs e.g., an excessive number of parts to multipart forms could result in too many open files or memory exhaustion, and provided a potential vector for ...
DEBIAN-CVE-2023-24580
An issue was discovered in the Multipart Request Parser in Django 3.2 before 3.2.18, 4.0 before 4.0.10, and 4.1 before 4.1.7. Passing certain inputs e.g., an excessive number of parts to multipart forms could result in too many open files or memory exhaustion, and provided a potential vector for ...
Design/Logic Flaw
An issue was discovered in the Multipart Request Parser in Django 3.2 before 3.2.18, 4.0 before 4.0.10, and 4.1 before 4.1.7. Passing certain inputs e.g., an excessive number of parts to multipart forms could result in too many open files or memory exhaustion, and provided a potential vector for ...
PYSEC-2023-13
An issue was discovered in the Multipart Request Parser in Django 3.2 before 3.2.18, 4.0 before 4.0.10, and 4.1 before 4.1.7. Passing certain inputs e.g., an excessive number of parts to multipart forms could result in too many open files or memory exhaustion, and provided a potential vector for ...
CVE-2023-24580
An issue was discovered in the Multipart Request Parser in Django 3.2 before 3.2.18, 4.0 before 4.0.10, and 4.1 before 4.1.7. Passing certain inputs e.g., an excessive number of parts to multipart forms could result in too many open files or memory exhaustion, and provided a potential vector for ...
CVE-2023-24580
The CVE-2023-24580 issue affects Django’s Multipart Request Parser, impacting Django 3.2 up to 3.2.17, Django 4.0 up to 4.0.9, and Django 4.1 up to 4.1.6. Passing excessive multipart form parts can exhaust file descriptors or memory, enabling denial-of-service. Remediation is available: upgrade t...
CVE-2023-24580
An issue was discovered in the Multipart Request Parser in Django 3.2 before 3.2.18, 4.0 before 4.0.10, and 4.1 before 4.1.7. Passing certain inputs e.g., an excessive number of parts to multipart forms could result in too many open files or memory exhaustion, and provided a potential vector for ...
CVE-2023-24580
An issue was discovered in the Multipart Request Parser in Django 3.2 before 3.2.18, 4.0 before 4.0.10, and 4.1 before 4.1.7. Passing certain inputs e.g., an excessive number of parts to multipart forms could result in too many open files or memory exhaustion, and provided a potential vector for ...
CVE-2023-24580
An issue was discovered in the Multipart Request Parser in Django 3.2 before 3.2.18, 4.0 before 4.0.10, and 4.1 before 4.1.7. Passing certain inputs e.g., an excessive number of parts to multipart forms could result in too many open files or memory exhaustion, and provided a potential vector for ...
CVE-2023-24580
An issue was discovered in the Multipart Request Parser in Django 3.2 before 3.2.18, 4.0 before 4.0.10, and 4.1 before 4.1.7. Passing certain inputs e.g., an excessive number of parts to multipart forms could result in too many open files or memory exhaustion, and provided a potential vector for ...