Lucene search

K
ubuntuUbuntuUSN-6378-1
HistorySep 18, 2023 - 12:00 a.m.

Django vulnerability

2023-09-1800:00:00
ubuntu.com
17
django
uris
vulnerability
ubuntu
python-django
denial of service
unicode characters

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

40.8%

Releases

  • Ubuntu 23.04
  • Ubuntu 22.04 LTS
  • Ubuntu 20.04 LTS

Packages

  • python-django - High-level Python web development framework

Details

It was discovered that Django incorrectly handled certain URIs with a very
large number of Unicode characters. A remote attacker could possibly use
this issue to cause Django to consume resources or crash, leading to a
denial of service.

OSVersionArchitecturePackageVersionFilename
Ubuntu23.04noarchpython3-django< 3:3.2.18-1ubuntu0.4UNKNOWN
Ubuntu23.04noarchpython-django-doc< 3:3.2.18-1ubuntu0.4UNKNOWN
Ubuntu22.04noarchpython3-django< 2:3.2.12-2ubuntu1.8UNKNOWN
Ubuntu22.04noarchpython-django-doc< 2:3.2.12-2ubuntu1.8UNKNOWN
Ubuntu20.04noarchpython3-django< 2:2.2.12-1ubuntu0.19UNKNOWN
Ubuntu20.04noarchpython-django-doc< 2:2.2.12-1ubuntu0.19UNKNOWN

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

40.8%