|
Django
|
4.2.1
|
<4.2.15 ,
>=5.0a1,<5.0.8
|
show Django has a potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget. The urlize and urlizetrunc functions, along with AdminURLFieldWidget, are vulnerable to denial-of-service attacks when handling inputs with a very large number of Unicode characters. |
|
Django
|
4.2.1
|
<4.2.17 ,
>=5.0a1,<5.0.10 ,
>=5.1a1,<5.1.4
|
show Affected versions of Django are vulnerable to a potential denial-of-service (DoS) attack in the `django.utils.html.strip_tags()` method. The vulnerability occurs when the `strip_tags()` method or the `striptags` template filter processes inputs containing large sequences of nested, incomplete HTML entities. |
|
Django
|
4.2.1
|
<4.2.14 ,
>=5.0a1,<5.0.7
|
show Affected versions of Django are affected by a directory-traversal vulnerability in the Storage.save() method. Derived classes of the django.core.files.storage.Storage base class that overrides the generate_filename() method without replicating the file path validations existing in the parent class could allow for directory traversal via certain inputs when calling save(). This could enable an attacker to manipulate file paths and access unintended directories. |
|
Django
|
4.2.1
|
<4.2.16 ,
>=5.0a1,<5.0.9 ,
>=5.1a1,<5.1.1
|
show A security vulnerability has been discovered in certain versions of Django, affecting the password reset functionality. The PasswordResetForm class in django.contrib.auth.forms inadvertently allowed attackers to enumerate user email addresses by exploiting unhandled exceptions during the email sending process. This could be done by issuing password reset requests and observing the responses. Django has implemented a fix where these exceptions are now caught and logged using the django.contrib.auth logger, preventing potential information leakage through error responses. |
|
Django
|
4.2.1
|
<3.2.23 ,
>=4.0a1,<4.1.13 ,
>=4.2a1,<4.2.7
|
show Django 4.2.7, 4.1.13 and 3.2.23 include a fix for CVE-2023-46695: Potential denial of service vulnerability in UsernameField on Windows.
https://www.djangoproject.com/weblog/2023/nov/01/security-releases |
|
Django
|
4.2.1
|
>=4.2a1,<4.2.25 ,
>=5.1a1,<5.1.13 ,
>=5.2a1,<5.2.7
|
show Affected versions of the Django package are vulnerable to SQL Injection due to insufficient neutralization of user-controlled column alias names provided via dictionary expansion. The QuerySet.annotate(), QuerySet.alias(), QuerySet.aggregate(), and QuerySet.extra() methods accept **kwargs whose keys are used as column aliases, and on MySQL and MariaDB, those identifiers are not safely quoted, permitting crafted input to be incorporated into the generated SQL. |
|
Django
|
4.2.1
|
<4.2.14 ,
>=5.0a1,<5.0.7
|
show Affected versions of Django are potentially vulnerable to denial-of-service via the get_supported_language_variant() method. This method was susceptible to a denial-of-service attack when used with very long strings containing specific characters. Exploiting this vulnerability could cause significant delays or crashes in the affected application, potentially leading to service disruption. |
|
Django
|
4.2.1
|
>=5.1a1,<5.1.5 ,
>=5.0a1,<5.0.11 ,
>=4.2a1,<4.2.18
|
show Affected versions of Django are vulnerable to a potential denial-of-service attack due to improper IPv6 validation. The lack of upper limit enforcement for input strings in clean_ipv6_address, is_valid_ipv6_address, and the django.forms.GenericIPAddressField form field allowed attackers to exploit overly long inputs, causing resource exhaustion. The vulnerability is addressed by defining a max_length of 39 characters for affected form fields. The django.db.models.GenericIPAddressField model field was not impacted. Users should upgrade promptly. |
|
Django
|
4.2.1
|
<4.2.26 ,
>=5.1a1,<5.1.14 ,
>=5.2a1,<5.2.8
|
show CVE-2025-64458: Affected versions of the Django package are vulnerable to Denial of Service (DoS) due to slow Unicode NFKC normalization on Windows being applied to untrusted inputs. The django.contrib.auth.views.LoginView and django.contrib.auth.views.LogoutView, and django.views.i18n.set_language normalize user-controlled strings using Python’s NFKC algorithm, which is unusually slow on Windows for huge Unicode sequences and can be triggered to consume excessive CPU. |
|
Django
|
4.2.1
|
<4.2.26 ,
>=5.1a1,<5.1.14 ,
>=5.2a1,<5.2.8
|
show CVE-2025-64459: Affected versions of the Django package are vulnerable to SQL Injection due to improper input validation, allowing the internal _connector keyword argument to be accepted from untrusted dictionaries via expansion. The .filter(), .exclude(), and .get() methods on QuerySet, as well as the Q class, resolve **kwargs and will treat a supplied _connector value as the logical connector without constraining it to the expected set (AND/OR), permitting attacker-controlled tokens to influence SQL predicate construction. |
|
Django
|
4.2.1
|
<3.2.25 ,
>=4.0a1,<4.2.11 ,
>=5.0a1,<5.0.3
|
show Affected versions of Django are vulnerable to potential regular expression denial-of-service (REDoS). django.utils.text.Truncator.words() method (with html=True) and truncatewords_html template filter were subject to a potential regular expression denial-of-service attack using a suitably crafted string (follow up to CVE-2019-14232 and CVE-2023-43665). |
|
Django
|
4.2.1
|
<4.2.14 ,
>=5.0a1,<5.0.7
|
show Affected versions of Django are affected by a potential denial-of-service vulnerability in the django.utils.html.urlize() function. The urlize and urlizetrunc template filters were susceptible to a denial-of-service attack via certain inputs containing many brackets. An attacker could exploit this vulnerability to cause significant delays or crashes in the affected application. |
|
Django
|
4.2.1
|
<4.2.16 ,
>=5.0a1,<5.0.9 ,
>=5.1a1,<5.1.1
|
show A potential denial-of-service vulnerability has been identified in Django's urlize() and urlizetrunc() functions in django.utils.html. This vulnerability can be triggered by inputting huge strings containing a specific sequence of characters. |
|
Django
|
4.2.1
|
>=5.2a1,<5.2.2 ,
>=5.0a1,<5.1.10 ,
<4.2.22
|
show An issue was discovered in Django 5.2 before 5.2.3, 5.1 before 5.1.11, and 4.2 before 4.2.23. Internal HTTP response logging does not escape request.path, which allows remote attackers to potentially manipulate log output via crafted URLs. This may lead to log injection or forgery when logs are viewed in terminals or processed by external systems. |
|
Django
|
4.2.1
|
<4.2.21 ,
>=5.2a1,<5.2.1 ,
>=5.1.0a1,<5.1.9
|
show An issue was discovered in Django 4.2 before 4.2.21, 5.1 before 5.1.9, and 5.2 before 5.2.1. The django.utils.html.strip_tags() function is vulnerable to a potential denial-of-service (slow performance) when processing inputs containing large sequences of incomplete HTML tags. The template filter striptags is also vulnerable, because it is built on top of strip_tags(). |
|
Django
|
4.2.1
|
<4.2.15 ,
>=5.0a1,<5.0.8
|
show Django addresses a memory exhaustion issue in django.utils.numberformat.floatformat(). When floatformat receives a string representation of a number in scientific notation with a large exponent, it could lead to excessive memory consumption. To prevent this, decimals with more than 200 digits are now returned as-is. |
|
Django
|
4.2.1
|
<4.2.17 ,
>=5.0a1,<5.0.10 ,
>=5.1a1,<5.1.4
|
show Django affected versions are vulnerable to a potential SQL injection in the HasKey(lhs, rhs) lookup on Oracle databases. The vulnerability arises when untrusted data is directly used as the lhs value in the django.db.models.fields.json.HasKey lookup. However, applications using the jsonfield.has_key lookup with the __ syntax remain unaffected by this issue. |
|
Django
|
4.2.1
|
>=4.0a1,<4.1.10 ,
>=4.2a1,<4.2.3 ,
<3.2.20
|
show Affected versions of Django are vulnerable to a potential ReDoS (regular expression denial of service) in EmailValidator and URLValidator via a very large number of domain name labels of emails and URLs. |
|
Django
|
4.2.1
|
<4.2.24 ,
>=5.0a1,<5.1.12 ,
>=5.2a1,<5.2.6
|
show Affected versions of the Django package are vulnerable to SQL Injection due to insufficient input sanitization in FilteredRelation column aliases. The FilteredRelation class fails to properly validate or escape column alias names when they are provided through dictionary expansion as keyword arguments to QuerySet.annotate() or QuerySet.alias() methods, allowing malicious SQL code to be injected directly into the generated database queries. |
|
Django
|
4.2.1
|
<4.2.14 ,
>=5.0a1,<5.0.7
|
show Affected versions of Django are affected by a username enumeration vulnerability caused by timing differences in the django.contrib.auth.backends.ModelBackend.authenticate() method. This method allowed remote attackers to enumerate users through a timing attack involving login requests for users with unusable passwords. The timing difference in the authentication process exposed whether a username was valid or not, potentially aiding attackers in gaining unauthorized access. |
|
Django
|
4.2.1
|
<3.2.24 ,
>=4.0a1,<4.2.10 ,
>=5.0a1,<5.0.2
|
show Affected versions of Django are vulnerable to potential denial-of-service in intcomma template filter when used with very long strings. |
|
Django
|
4.2.1
|
<3.2.21 ,
>=4.0a1,<4.1.11 ,
>=4.2a1,<4.2.5
|
show Affected versions of Django are vulnerable to potential Denial of Service via certain inputs with a very large number of Unicode characters in django.utils.encoding.uri_to_iri(). |
|
Django
|
4.2.1
|
<4.2.15 ,
>=5.0a1,<5.0.8
|
show Affected versions of Django has a potential SQL injection vulnerability in the QuerySet.values() and QuerySet.values_list() methods. When used on models with a JSONField, these methods are susceptible to SQL injection through column aliases if a crafted JSON object key is passed as an argument. |
|
Django
|
4.2.1
|
>=5.0,<5.0.8 ,
>=4.2,<4.2.15
|
show Affected versions of the Django package are vulnerable to Denial of Service due to uncontrolled memory consumption in the floatformat template filter. The floatformat filter fails to handle string representations of numbers in scientific notation with large exponents efficiently, causing excessive memory allocation when rendering such inputs. An attacker can exploit this by supplying a template with a floatformat filter applied to a specially crafted scientific notation number, leading to memory exhaustion and service unavailability. |
|
Django
|
4.2.1
|
<3.2.22 ,
>=4.0a1,<4.1.12 ,
>=4.2a1,<4.2.6
|
show Affected versions of Django are vulnerable to Denial-of-Service via django.utils.text.Truncator. The django.utils.text.Truncator chars() and words() methods (when used with html=True) are subject to a potential DoS (denial of service) attack via certain inputs with very long, potentially malformed HTML text. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which are thus also vulnerable. NOTE: this issue exists because of an incomplete fix for CVE-2019-14232. |
|
Django
|
4.2.1
|
>=4.2a1,<4.2.25 ,
>=5.1a1,<5.1.13 ,
>=5.2a1,<5.2.7
|
show Affected versions of the Django package are vulnerable to Path Traversal due to improper validation of archive member paths during extraction. The django.utils.archive.extract() function—used by the startapp --template and startproject --template commands—checked path prefixes instead of using canonicalised paths, allowing archive entries whose names share a prefix with the destination to resolve outside the intended directory. |
|
Django
|
4.2.1
|
>=4.2a1,< 4.2.20 ,
>=5.0a1,< 5.0.13 ,
>=5.1a1,< 5.1.7
|
show Affected versions of Django are vulnerable to a potential denial-of-service in django.utils.text.wrap(). The django.utils.text.wrap() and wordwrap template filter were subject to a potential denial-of-service attack when used with very long strings. |
|
gunicorn
|
20.1.0
|
<22.0.0
|
show Affected versions of the gunicorn package are vulnerable to HTTP Request/Response Smuggling due to improper validation of the Transfer-Encoding header that enables a TE.CL desynchronisation condition. Gunicorn’s HTTP parser does not consistently enforce RFC semantics when parsing conflicting or unsupported request framing—such as messages containing both Transfer-Encoding and Content-Length—so the backend may fall back to Content-Length while an intermediary treats the message as chunked. |
|
gunicorn
|
20.1.0
|
<22.0.0
|
show Gunicorn fails to properly validate Transfer-Encoding headers, leading to HTTP Request Smuggling (HRS) vulnerabilities. By crafting requests with conflicting Transfer-Encoding headers, attackers can bypass security restrictions and access restricted endpoints. This issue is due to Gunicorn's handling of Transfer-Encoding headers, where it incorrectly processes requests with multiple, conflicting Transfer-Encoding headers, treating them as chunked regardless of the final encoding specified. This vulnerability allows for a range of attacks including cache poisoning, session manipulation, and data exposure. |
|
gunicorn
|
20.1.0
|
<21.2.0
|
show A time-based vulnerability in Gunicorn affected versions allows an attacker to disrupt service by manipulating the system clock, causing premature worker timeouts and potential denial-of-service (DoS) conditions. The issue stems from the use of time.time() in the worker timeout logic, which can be exploited if an attacker gains the ability to change the system time. |
|
djangorestframework
|
3.14.0
|
<3.15.2
|
show Affected versions of the package djangorestframework are vulnerable to Cross-site Scripting (XSS) via the break_long_headers template filter due to improper input sanitization before splitting and joining with <br> tags. |
Update psycopg2-binary from 2.9.6 to 2.9.9
