25 matches found

Tenable Nessus
added 2026/05/09 12:0 a.m. | 4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-django (UTSA-2026-017339)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017339 advisory. An issue was discovered in Django 5.1 before 5.1.1, 5.0 before 5.0.9, and 4.2 before 4.2.16. The urlize and urlizetrunc template filters are subject to a potential...

CVSS 7.5 | AI score 6.9 | EPSS 0.02254
Exploits: 0 | References: 4

RedHat Linux
added 2025/02/12 12:11 a.m. | 3 views

python-django: Potential denial-of-service vulnerability in django.utils.html.urlize()

A flaw was found in Django. Processing very large inputs with a specific sequence of characters with the urlize and urlizetrunc functions can cause a denial of service...

CVSS 7.5 | AI score 7.1 | EPSS 0.01222
Exploits: 0 | References: 5

RedHat Linux
added 2025/02/12 12:11 a.m. | 1 views

python-django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget

A flaw was found in Django. 'urlize', 'urlizetrunc', and 'AdminURLFieldWidget' may be subject to a denial of service attack via certain inputs with a very large number of Unicode characters...

CVSS 7.5 | AI score 7 | EPSS 0.0091
Exploits: 0 | References: 5

RedHat Linux
added 2024/11/05 5:49 p.m. | 2 views

python-django: Potential denial-of-service in django.utils.html.urlize()

A vulnerability was found in the Django framework's urlize and urlizetrunc functions, where an attacker can input a certain string containing a large number of brackets, leading to a potential denial of service when the application attempts to process the excessive input...

CVSS 7.5 | AI score 7 | EPSS 0.00304
Exploits: 0 | References: 4

RedHat Linux
added 2024/10/28 1:27 p.m. | 0 views

python-django: Potential denial-of-service vulnerability in django.utils.html.urlize()

A flaw was found in Python's Django urlize and urlizetrunc functions. Excessive input with a specific sequence of characters may lead to denial of service...

CVSS 7.5 | AI score 7.1 | EPSS 0.02254
Exploits: 0 | References: 4

RedHat Linux
added 2024/10/10 8:31 p.m. | 0 views

python-django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget

A flaw was found in Django. 'urlize', 'urlizetrunc', and 'AdminURLFieldWidget' may be subject to a denial of service attack via certain inputs with a very large number of Unicode characters...

CVSS 7.5 | AI score 7 | EPSS 0.0091
Exploits: 0 | References: 5

PyPA
added 2024/10/08 4:15 p.m. | 5 views

PYSEC-2024-102

An issue was discovered in Django 5.1 before 5.1.1, 5.0 before 5.0.9, and 4.2 before 4.2.16. The urlize and urlizetrunc template filters are subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters...

CVSS 7.5 | AI score 6.9 | EPSS 0.02254
Exploits: 0 | References: 4 | Affected Software: 1

RedHat Linux
added 2024/09/05 2:13 p.m. | 1 views

python-django: Potential denial-of-service in django.utils.html.urlize()

A vulnerability was found in the Django framework's urlize and urlizetrunc functions, where an attacker can input a certain string containing a large number of brackets, leading to a potential denial of service when the application attempts to process the excessive input...

CVSS 7.5 | AI score 7 | EPSS 0.00304
Exploits: 0 | References: 4

Github Security Blog
added 2024/08/07 3:30 p.m. | 19 views

Django vulnerable to a denial-of-service attack

An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters are subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters...

CVSS 7.5 | AI score 6.5 | EPSS 0.01222
Exploits: 0 | References: 9 | Affected Software: 1

OSV
added 2024/08/07 3:15 p.m. | 22 views

CVE-2024-41990

An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters are subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters...

CVSS 7.5 | AI score 6.5
Exploits: 0 | References: 4

OSV
added 2024/08/07 3:15 p.m. | 1 views

DEBIAN-CVE-2024-41990

An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters are subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters...

CVSS 7.5 | AI score 6.7 | EPSS 0.01222
Exploits: 0 | References: 1

PyPA
added 2024/08/07 3:15 p.m. | 4 views

PYSEC-2024-68

An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters are subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters...

CVSS 7.5 | AI score 7 | EPSS 0.01222
Exploits: 0 | References: 4 | Affected Software: 1

OSV
added 2024/07/10 6:33 a.m. | 0 views

GHSA-QG2P-9JWR-MMQF Django vulnerable to Denial of Service

An issue was discovered in Django 4.2 before 4.2.14 and 5.0 before 5.0.7. urlize and urlizetrunc were subject to a potential denial of service attack via certain inputs with a very large number of brackets...

CVSS 8.7 | AI score 6.8 | EPSS 0.00304
Exploits: 0 | References: 9

OSV
added 2024/07/10 5:15 a.m. | 0 views

PYSEC-2024-56

An issue was discovered in Django 4.2 before 4.2.14 and 5.0 before 5.0.7. urlize and urlizetrunc were subject to a potential denial of service attack via certain inputs with a very large number of brackets...

CVSS 7.5 | AI score 6.4 | EPSS 0.00304
Exploits: 0 | References: 4

SUSE CVE
added 2024/07/10 3:25 a.m. | 1 views

SUSE CVE-2024-38875

An issue was discovered in Django 4.2 before 4.2.14 and 5.0 before 5.0.7. urlize and urlizetrunc were subject to a potential denial of service attack via certain inputs with a very large number of brackets...

CVSS 7.5 | AI score 7.6 | EPSS 0.00304
Exploits: 0 | References: 6

Hacker One
added 2024/07/09 4:15 p.m. | 69 views

Internet Bug Bounty: CVE-2024-38875: Denial-Of-Service through uncontrolled resource consumption caused by poor time complexity of strip_punctuation.

The vulnerability CVE-2024-38875 was discovered in the strip_punctuation function used by the urlize and urlizetrunc filters. The function had a poor time complexity of O(n^2) in the worst case, which could lead to uncontrolled resource consumption when processing input with a large number of openin...

CVSS 7.5 | AI score 6 | EPSS 0.00304
Exploits: 0

RedHat Linux
added 2019/02/04 11:51 p.m. | 2 views

django: Catastrophic backtracking in regular expressions via 'urlize' and 'urlizetrunc'

An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. The django.utils.html.urlize function was extremely slow to evaluate certain inputs due to catastrophic backtracking vulnerabilities in two regular expressions (only one regular expression for Django...

CVSS 5.3 | AI score 7.2 | EPSS 0.01372
Exploits: 0 | References: 5

RedHat Linux
added 2019/01/16 5:53 p.m. | 2 views

django: Catastrophic backtracking in regular expressions via 'urlize' and 'urlizetrunc'

An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. The django.utils.html.urlize function was extremely slow to evaluate certain inputs due to catastrophic backtracking vulnerabilities in two regular expressions (only one regular expression for Django...

CVSS 5.3 | AI score 7.2 | EPSS 0.01372
Exploits: 0 | References: 5

Github Security Blog
added 2019/01/04 5:50 p.m. | 43 views

Django denial-of-service possibility in urlize and urlizetrunc template filters

An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. The django.utils.html.urlize function was extremely slow to evaluate certain inputs due to catastrophic backtracking vulnerabilities in two regular expressions (only one regular expression for Django...

CVSS 5.3 | AI score 5.8 | EPSS 0.01372
Exploits: 0 | References: 15 | Affected Software: 1

OSV
added 2019/01/04 5:50 p.m. | 0 views

GHSA-R28V-MW67-M5P9 Django denial-of-service possibility in urlize and urlizetrunc template filters

An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. The django.utils.html.urlize function was extremely slow to evaluate certain inputs due to catastrophic backtracking vulnerabilities in two regular expressions (only one regular expression for Django...

CVSS 6.9 | AI score 6.8 | EPSS 0.01372
Exploits: 0 | References: 16