
20 matches found

AstraLinux
added 2026/05/20 5:53 a.m. | 3 views

Astra Linux - vulnerability in python-django

An issue was discovered in Django 4.2 before 4.2.14 and 5.0 before 5.0.7. The urlize and urlizetrunc functions were vulnerable to a potential denial-of-service attack due to certain inputs containing an extremely large number of brackets...

CVSS 7.5 | AI score 6.8 | EPSS 0.00304
Exploits: 0 | References: 2

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2018-0040

Malware in sbrugna...

CVSS 5.3 | AI score 6.1 | EPSS 0.01372
Exploits: 0 | References: 21

OSV
added 2025/03/10 8:15 a.m. | 8 views

BIT-DJANGO-2024-38875

An issue was discovered in Django 4.2 before 4.2.14 and 5.0 before 5.0.7. urlize and urlizetrunc were subject to a potential denial of service attack via certain inputs with a very large number of brackets...

CVSS 7.5 | AI score 7 | EPSS 0.00304
Exploits: 0 | References: 5

RedHat Linux
added 2025/02/12 12:11 a.m. | 1 views

python-django: Potential denial-of-service vulnerability in django.utils.html.urlize()

A flaw was found in Django. Processing very large inputs with a specific sequence of characters with the urlize and urlizetrunc functions can cause a denial of service...

CVSS 7.5 | AI score 7.1 | EPSS 0.01222
Exploits: 0 | References: 5

Hacker One
added 2024/12/04 9:10 p.m. | 187 views

Internet Bug Bounty: CVE-2024-45230 - Potential denial-of-service in django.utils.html.urlize() (Another pattern)

CVE-2024-45230: Potential denial-of-service vulnerability in django.utils.html.urlize The django.utils.html.urlize and urlizetrunc functions were affected by a potential denial-of-service vulnerability. Very large inputs containing a specific sequence of characters could have resulted in reduced...

CVSS 7.5 | AI score 6.5 | EPSS 0.02254
Exploits: 0

RedHat Linux
added 2024/11/13 1:16 p.m. | 14 views

python-django: Potential denial-of-service in django.utils.html.urlize()

A vulnerability was found in the Django framework's urlize and urlizetrunc functions, where an attacker can input a certain string containing a large number of brackets, leading to a potential denial of service when the application attempts to process the excessive input...

CVSS 7.5 | AI score 7 | EPSS 0.00304
Exploits: 0 | References: 4

Hacker One
added 2024/10/21 5:33 p.m. | 32 views

Internet Bug Bounty: CVE-2024-41990: Potential denial-of-service in django.utils.html.urlize()

CVE-2024-41990: Potential denial-of-service in django.utils.html.urlize A vulnerability was reported in the Django web framework's urlize function, which could lead to a denial-of-service attack. The issue was caused by a slow pattern in the urlize function when processing a user input string...

CVSS 7.5 | AI score 6.5 | EPSS 0.01222
Exploits: 0

RedHat Linux
added 2024/10/10 8:31 p.m. | 0 views

python-django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget

A flaw was found in Django. 'urlize', 'urlizetrunc', and 'AdminURLFieldWidget' may be subject to a denial of service attack via certain inputs with a very large number of Unicode characters...

CVSS 7.5 | AI score 7 | EPSS 0.0091
Exploits: 0 | References: 5

RedHat Linux
added 2024/09/05 2:13 p.m. | 0 views

python-django: Potential denial-of-service vulnerability in django.utils.html.urlize()

A flaw was found in Django. Processing very large inputs with a specific sequence of characters with the urlize and urlizetrunc functions can cause a denial of service...

CVSS 7.5 | AI score 7.1 | EPSS 0.01222
Exploits: 0 | References: 5

OSV
added 2024/08/02 11:8 a.m. | 1 views

OESA-2024-1948 python-django security update

Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in Django 4.2 before 4.2.14 and 5.0 before 5.0.7. urlize and urlizetrunc were subject to a potential denial of service attack via certain inputs with ...

CVSS 7.5 | AI score 6.9 | EPSS 0.00304
Exploits: 0 | References: 2

RedhatCVE
added 2024/07/26 6:30 a.m. | 17 views

CVE-2024-38875

A vulnerability was found in the Django framework's urlize and urlizetrunc functions, where an attacker can input a certain string containing a large number of brackets, leading to a potential denial of service when the application attempts to process the excessive input. Mitigation Mitigation for...

CVSS 5.3 | AI score 7.2 | EPSS 0.00304
Exploits: 0 | References: 3

OSV
added 2024/07/09 2:0 p.m. | 1 views

UBUNTU-CVE-2024-38875

An issue was discovered in Django 4.2 before 4.2.14 and 5.0 before 5.0.7. urlize and urlizetrunc were subject to a potential denial of service attack via certain inputs with a very large number of brackets...

CVSS 7.5 | AI score 6.8 | EPSS 0.00304
Exploits: 0 | References: 4

Positive Technologies
added 2024/06/21 12:0 a.m. | 4 views

PT-2024-6225

Name of the Vulnerable Software and Affected Versions: Django versions 4.2 through 4.2.13 Django versions 5.0 through 5.0.6 Description: The issue is related to a potential denial of service attack via certain inputs with a very large number of brackets in the urlize and urlizetrunc functions. Th...

CVSS 9.8 | AI score 7.8 | EPSS 0.92834
Exploits: 30 | References: 138

Snyk
added 2020/09/25 5:29 p.m. | 1 views

Regular Expression Denial of Service (ReDoS)

Overview: Jinja2 is a template engine written in pure Python. It provides a Django inspired non-XML syntax but supports inline expressions and an optional sandboxed environment. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS). The ReDoS vulnerability ...

CVSS 7.5 | AI score 9.3 | EPSS 0.00207
Exploits: 1 | References: 2

OPENSUSE Linux
added 2019/02/25 12:0 a.m. | 124 views

Security update for python-Jinja2 (moderate)

openSUSE Security Update: Security update for python-Jinja2 Announcement ID: openSUSE-SU-2019:0244-1 Rating: moderate References: 858239 Cross-References: CVE-2014-0012 Affected Products: SUSE Package Hub for SUSE Linux Enterprise 12 An update that fixes one vulnerability is now...

CVSS 4.4 | AI score 7.2 | EPSS 0.00101
Exploits: 1 | References: 1

NVD
added 2018/03/09 8:29 p.m. | 13 views

CVE-2018-7536

An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. The django.utils.html.urlize function was extremely slow to evaluate certain inputs due to catastrophic backtracking vulnerabilities in two regular expressions only one regular expression for Django...

CVSS 5.3 | AI score 5.5 | EPSS 0.01372
Exploits: 0 | References: 12

OSV
added 2018/03/09 8:29 p.m. | 1 views

DEBIAN-CVE-2018-7536

An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. The django.utils.html.urlize function was extremely slow to evaluate certain inputs due to catastrophic backtracking vulnerabilities in two regular expressions only one regular expression for Django...

CVSS 5.3 | AI score 7.1 | EPSS 0.01372
Exploits: 0 | References: 1

Cvelist
added 2018/03/09 12:0 a.m. | 17 views

CVE-2018-7536

An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. The django.utils.html.urlize function was extremely slow to evaluate certain inputs due to catastrophic backtracking vulnerabilities in two regular expressions only one regular expression for Django...

AI score 5.8 | EPSS 0.01372
Exploits: 0 | References: 12

Snyk
added 2018/03/06 11:56 a.m. | 1 views

Information Exposure

Overview: django is a Python Web framework. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) attacks. The django.utils.html.urlize function was extremely slow to evaluate certain inputs due to catastrophic backtracking in two regular expressions. The...

CVSS 5.3 | AI score 6.7 | EPSS 0.01372
Exploits: 0 | References: 3

Tenable Nessus
added 2016/10/12 12:0 a.m. | 22 views

openSUSE Security Update : python-Jinja2 (openSUSE-2016-1159)

This update for python-Jinja2 fixes the following issues : Update to version 2.8 : - Added target parameter to urlize function. - Added support for followsymlinks to the file system loader. - The truncate filter now counts the length. - Added equalto filter that helps with select filters. - Chang...

CVSS 4.4 | AI score 8.1 | EPSS 0.00101
Exploits: 1 | References: 2