98 matches found
EUVD-2015-0010
Malware in sbrugna...
EUVD-2021-0065
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2023-36053
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, EmailValidator and URLValidator are subject to a potential ReDoS regular expression denial o...
BIT-DJANGO-2021-32052
In Django 2.2 before 2.2.22, 3.1 before 3.1.10, and 3.2 before 3.2.2 with Python 3.9.5+, URLValidator does not prohibit newlines and tabs unless the URLField form field is used. If an application uses values with newlines in an HTTP response, header injection can occur. Django itself is unaffecte...
BIT-DJANGO-2021-33571
In Django 2.2 before 2.2.24, 3.x before 3.1.12, and 3.2 before 3.2.4, URLValidator, validateipv4address, and validateipv46address do not prohibit leading zero characters in octal literals. This may allow a bypass of access control that is based on IP addresses. validateipv4address and...
BIT-DJANGO-2023-36053
In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, EmailValidator and URLValidator are subject to a potential ReDoS regular expression denial of service attack via a very large number of domain name labels of emails and URLs...
MGASA-2023-0330 Updated python-django package fixes security vulnerability
It was discovered that python-django EmailValidator and URLValidator were subject to potential regular expression denial of service attack via a very large number of domain name labels of emails and URLs CVE-2023-36053...
Updated python-django package fixes security vulnerability
It was discovered that python-django EmailValidator and URLValidator were subject to potential regular expression denial of service attack via a very large number of domain name labels of emails and URLs CVE-2023-36053...
ROS-20230911-10
Vulnerability of EmailValidator and URLValidator components of Django web application software platform is related to the use of regular expression with inefficient computational complexity when processing domain name labels in emails and URLs. domain name labels in emails and URLs. Exploitation ...
SUSE-SU-2023:3202-1 Security update for python-Django1
This update for python-Django1 fixes the following issues: - CVE-2023-36053: Fixed regular expression denial of service vulnerability in EmailValidator/URLValidator bsc1212742...
SUSE-SU-2023:3167-1 Security update for python-Django
This update for python-Django fixes the following issues: - CVE-2023-36053: Fixed potential regular expression denial of service vulnerability in EmailValidator/URLValidator bsc1212742...
[SECURITY] [DLA 3500-1] python-django security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3500-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb July 19, 2023 https://wiki.debian.org/LTS -...
OPENSUSE-SU-2023:0176-1 Security update for python-Django1
This update of python-Django1 fixes the following issue: - CVE-2023-36053: Fixed potential regular expression denial of service vulnerability in EmailValidator/URLValidator boo1212742...
Security update for python-Django1 (important)
openSUSE Security Update: Security update for python-Django1 Announcement ID: openSUSE-SU-2023:0177-1 Rating: important References: 1212742 Cross-References: CVE-2023-36053 CVSS scores: CVE-2023-36053 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2023-36053 SUSE: 5.9...
Regular Expression Denial Of Service (ReDoS)
django is vulnerable to Regular Expression Denial of Service ReDoS. A remote attacker is able to cause denial of service conditions through the EmailValidator or URLValidator functions via submitting a large number of domain name labels of emails and URLs...
Django 3.2.x < 3.2.20, 4.1.x < 4.1.10, 4.2.x < 4.2.3 ReDoS Vulnerability - Linux
Django is prone to a regular expression denial of service ReDoS vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2023-36053
In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, EmailValidator and URLValidator are subject to a potential ReDoS regular expression denial of service attack via a very large number of domain name labels of emails and URLs...
UBUNTU-CVE-2023-36053
In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, EmailValidator and URLValidator are subject to a potential ReDoS regular expression denial of service attack via a very large number of domain name labels of emails and URLs...
Django has regular expression denial of service vulnerability in EmailValidator/URLValidator
In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, EmailValidator and URLValidator are subject to a potential ReDoS regular expression denial of service attack via a very large number of domain name labels of emails and URLs...
CVE-2023-36053
In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, EmailValidator and URLValidator are subject to a potential ReDoS regular expression denial of service attack via a very large number of domain name labels of emails and URLs...