Package | Installed | Affected | Info |
---|---|---|---|
Django | 4.2.1 | <3.2.24, >=4.0a1,<4.2.10, >=5.0a1,<5.0.2 | Affected versions of Django are vulnerable to potential denial-of-service in intcomma template filter when used with very long strings. |
Django | 4.2.1 | <3.2.25, >=4.0a1,<4.2.11, >=5.0a1,<5.0.3 | Affected versions of Django are vulnerable to potential regular expression denial-of-service (REDoS). django.utils.text.Truncator.words() method (with html=True) and truncatewords_html template filter were subject to a potential regular expression denial-of-service attack using a suitably crafted string (follow up to CVE-2019-14232 and CVE-2023-43665). |
Django | 4.2.1 | <3.2.23, >=4.0a1,<4.1.13, >=4.2a1,<4.2.7 | Django 4.2.7, 4.1.13 and 3.2.23 include a fix for CVE-2023-46695: Potential denial of service vulnerability in UsernameField on Windows. https://www.djangoproject.com/weblog/2023/nov/01/security-releases |
Django | 4.2.1 | >=4.0a1,<4.1.10, >=4.2a1,<4.2.3, <3.2.20 | Affected versions of Django are vulnerable to a potential ReDoS (regular expression denial of service) in EmailValidator and URLValidator via a very large number of domain name labels of emails and URLs. |
Django | 4.2.1 | <3.2.22, >=4.0a1,<4.1.12, >=4.2a1,<4.2.6 | Affected versions of Django are vulnerable to Denial-of-Service via django.utils.text.Truncator. The django.utils.text.Truncator chars() and words() methods (when used with html=True) are subject to a potential DoS (denial of service) attack via certain inputs with very long, potentially malformed HTML text. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which are thus also vulnerable. NOTE: this issue exists because of an incomplete fix for CVE-2019-14232. |
Django | 4.2.1 | <3.2.21, >=4.0a1,<4.1.11, >=4.2a1,<4.2.5 | Affected versions of Django are vulnerable to potential Denial of Service via certain inputs with a very large number of Unicode characters in django.utils.encoding.uri_to_iri(). |