11 matches found

Tenable Nessus
added 2026/03/04 12:0 a.m. · 5 views

Fedora 42 : python-django4.2 (2026-ca3d81129a)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-ca3d81129a advisory.
- Fixes CVE-2025-13473: Username enumeration through timing difference in mod_wsgi authentication handler
- Fixes CVE-2025-14550: Potential...

CVSS 8.5 · AI score 6 · EPSS 0.09436
Exploits 2 · References 7
OSV
added 2026/02/13 1:15 p.m. · 13 views

OESA-2026-1343 python-django security update

A high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in Django versions before 6.0.2, before 5.2.11, and before 4.2.28. The django.contrib.auth.handlers.modwsgi.check_password function for authentication via modwsg...

CVSS 8.5 · AI score 6.9 · EPSS 0.09436
Exploits 2 · References 7
SUSE Linux
added 2026/02/11 9:38 a.m. · 8 views

Security update for python-Django

This update for python-Django fixes the following issues:
- CVE-2025-14550: Fixed potential denial-of-service via repeated headers when using ASGI (bsc#1257403)
- CVE-2026-1312: Fixed potential SQL injection via QuerySet.order_by and FilteredRelation (bsc#1257408)
- CVE-2026-1287: Fixed potential SQL injection...

CVSS 8.1 · AI score 5.8 · EPSS 0.09436
Exploits 2 · References 24
OSV
added 2026/02/11 9:38 a.m. · 3 views

SUSE-SU-2026:0440-1 Security update for python-Django

This update for python-Django fixes the following issues:
- CVE-2025-14550: Fixed potential denial-of-service via repeated headers when using ASGI (bsc#1257403)
- CVE-2026-1312: Fixed potential SQL injection via QuerySet.order_by and FilteredRelation (bsc#1257408)
- CVE-2026-1287: Fixed potential SQL...

CVSS 8.5 · AI score 5.9 · EPSS 0.09436
Exploits 2 · References 13
OSV
added 2026/02/07 1:45 p.m. · 5 views

OPENSUSE-SU-2026:20184-1 Security update for python-Django

This update for python-Django fixes the following issues: Changes in python-Django:
- CVE-2026-1312: Fixed potential SQL injection via QuerySet.order_by and FilteredRelation (bsc#1257408).
- CVE-2026-1287: Fixed potential SQL injection in column aliases via control characters (bsc#1257407).
-...

CVSS 8.5 · AI score 5.9 · EPSS 0.09436
Exploits 2 · References 12
OSV
added 2026/02/06 3:57 p.m. · 7 views

OESA-2026-1307 python-django security update

A high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in Django versions before 6.0.2, before 5.2.11, and before 4.2.28. The django.contrib.auth.handlers.modwsgi.check_password function for authentication via modwsg...

CVSS 8.5 · AI score 6.9 · EPSS 0.09436
Exploits 2 · References 7
Mageia
added 2026/02/06 5:11 a.m. · 26 views

Updated python-django packages fix security vulnerabilities

Username enumeration through timing difference in mod_wsgi authentication handler (CVE-2025-13473). Potential denial-of-service vulnerability via repeated headers when using ASGI (CVE-2025-14550). Potential SQL injection via raster lookups on PostGIS (CVE-2026-1207). Potential denial-of-service...

CVSS 8.5 · AI score 5.6 · EPSS 0.09436
Exploits 2 · References 2
OPENSUSE Linux
added 2026/02/04 12:0 a.m. · 5 views

Security update for python-Django (important)

openSUSE Security Update: Security update for python-Django
Announcement ID: openSUSE-SU-2026:0037-1
Rating: important
References: 1257401 1257405 1257406 1257407 1257408
Cross-References: CVE-2025-13473 CVE-2026-1207 CVE-2026-1285 CVE-2026-1287 CVE-2026-1312
CVSS scores: CVE-2025-13473 SUSE: 7.5...

CVSS 8.1 · AI score 5.7 · EPSS 0.09436
Exploits 2 · References 5
AlpineLinux
added 2026/02/03 2:35 p.m. · 5 views

CVE-2026-1285

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. django.utils.text.Truncator.chars and Truncator.words methods with html=True and the truncatechars_html and truncatewords_html template filters allow a remote attacker to cause a potential denial-of-service via...

CVSS 7.5 · AI score 5.5 · EPSS 0.00993
Exploits 0
OSV
added 2023/11/03 5:15 a.m. · 5 views

PYSEC-2023-226

In Django 3.2 before 3.2.22, 4.1 before 4.1.12, and 4.2 before 4.2.6, the django.utils.text.Truncator chars and words methods when used with html=True are subject to a potential DoS (denial of service) attack via certain inputs with very long, potentially malformed HTML text. The chars and words...

CVSS 7.5 · AI score 6.8 · EPSS 0.01236
Exploits 0 · References 4
Positive Technologies
added 2018/03/06 12:0 a.m. · 6 views

PT-2018-1903 · Django +1

Name of the Vulnerable Software and Affected Versions: Django versions 2.0 before 2.0.3; Django versions 1.11 before 1.11.11; Django versions 1.8 before 1.8.19. Description: The issue is related to a catastrophic backtracking vulnerability in a regular expression used by the...

CVSS 9.8 · AI score 6.1 · EPSS 0.87218
Exploits 29 · References 133