VYPR

rpm package

suse/python-Django1&distro=SUSE Package Hub 15 SP5

pkg:rpm/suse/python-Django1&distro=SUSE%20Package%20Hub%2015%20SP5

Vulnerabilities (3)

  • CVE-2024-27351Mar 15, 2024
    affected < 1.11.29-bp155.4.9.1fixed 1.11.29-bp155.4.9.1

    In Django 3.2 before 3.2.25, 4.2 before 4.2.11, and 5.0 before 5.0.3, the django.utils.text.Truncator.words() method (with html=True) and the truncatewords_html template filter are subject to a potential regular expression denial-of-service attack via a crafted string. NOTE: this

  • CVE-2023-43665Nov 3, 2023
    affected < 1.11.29-bp155.4.6.1fixed 1.11.29-bp155.4.6.1

    In Django 3.2 before 3.2.22, 4.1 before 4.1.12, and 4.2 before 4.2.6, the django.utils.text.Truncator chars() and words() methods (when used with html=True) are subject to a potential DoS (denial of service) attack via certain inputs with very long, potentially malformed HTML tex

  • CVE-2023-36053Jul 3, 2023
    affected < 1.11.29-bp155.4.3.1fixed 1.11.29-bp155.4.3.1

    In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, EmailValidator and URLValidator are subject to a potential ReDoS (regular expression denial of service) attack via a very large number of domain name labels of emails and URLs.