
5 matches found

Tenable Nessus
added 2026/03/26 12:0 a.m., 5 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-django (UTSA-2026-006301)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006301 advisory. An issue was discovered in Django 5.2 before 5.2.3, 5.1 before 5.1.11, and 4.2 before 4.2.23. Internal HTTP response logging does not escape request.path, which allo...

CVSS 5.3 | AI score 7.1 | EPSS 0.006
Exploits: 0 | References: 4

Mageia
added 2025/06/25 5:31 a.m., 9 views

Updated python-django packages fix security vulnerability

Potential log injection via unescaped request path. CVE-2025-48432...

CVSS 5.3 | AI score 7.7 | EPSS 0.006
Exploits: 0 | References: 5

OSV
added 2025/06/05 3:15 a.m., 4 views

CVE-2025-48432

An issue was discovered in Django 5.2 before 5.2.3, 5.1 before 5.1.11, and 4.2 before 4.2.23. Internal HTTP response logging does not escape request.path, which allows remote attackers to potentially manipulate log output via crafted URLs. This may lead to log injection or forgery when logs are...

CVSS 5.3 | AI score 7.6
Exploits: 0 | References: 8

SUSE CVE
added 2025/06/05 3:14 a.m., 2 views

SUSE CVE-2025-48432

An issue was discovered in Django 5.2 before 5.2.3, 5.1 before 5.1.11, and 4.2 before 4.2.23. Internal HTTP response logging does not escape request.path, which allows remote attackers to potentially manipulate log output via crafted URLs. This may lead to log injection or forgery when logs are...

CVSS 6.8 | AI score 7.4 | EPSS 0.006
Exploits: 0 | References: 4

Debian CVE
added 2025/06/05 12:0 a.m., 13 views

CVE-2025-48432

An issue was discovered in Django 5.2 before 5.2.3, 5.1 before 5.1.11, and 4.2 before 4.2.23. Internal HTTP response logging does not escape request.path, which allows remote attackers to potentially manipulate log output via crafted URLs. This may lead to log injection or forgery when logs are...

CVSS 5.3 | AI score 7.7 | EPSS 0.006
Exploits: 0