rpm package
suse/python-Django1&distro=SUSE Package Hub 15 SP5
pkg:rpm/suse/python-Django1&distro=SUSE%20Package%20Hub%2015%20SP5
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-27351 | — | < 1.11.29-bp155.4.9.1 | 1.11.29-bp155.4.9.1 | Mar 15, 2024 | In Django 3.2 before 3.2.25, 4.2 before 4.2.11, and 5.0 before 5.0.3, the django.utils.text.Truncator.words() method (with html=True) and the truncatewords_html template filter are subject to a potential regular expression denial-of-service attack via a crafted string. NOTE: this | ||
| CVE-2023-43665 | — | < 1.11.29-bp155.4.6.1 | 1.11.29-bp155.4.6.1 | Nov 3, 2023 | In Django 3.2 before 3.2.22, 4.1 before 4.1.12, and 4.2 before 4.2.6, the django.utils.text.Truncator chars() and words() methods (when used with html=True) are subject to a potential DoS (denial of service) attack via certain inputs with very long, potentially malformed HTML tex | ||
| CVE-2023-36053 | — | < 1.11.29-bp155.4.3.1 | 1.11.29-bp155.4.3.1 | Jul 3, 2023 | In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, EmailValidator and URLValidator are subject to a potential ReDoS (regular expression denial of service) attack via a very large number of domain name labels of emails and URLs. |
- CVE-2024-27351Mar 15, 2024affected < 1.11.29-bp155.4.9.1fixed 1.11.29-bp155.4.9.1
In Django 3.2 before 3.2.25, 4.2 before 4.2.11, and 5.0 before 5.0.3, the django.utils.text.Truncator.words() method (with html=True) and the truncatewords_html template filter are subject to a potential regular expression denial-of-service attack via a crafted string. NOTE: this
- CVE-2023-43665Nov 3, 2023affected < 1.11.29-bp155.4.6.1fixed 1.11.29-bp155.4.6.1
In Django 3.2 before 3.2.22, 4.1 before 4.1.12, and 4.2 before 4.2.6, the django.utils.text.Truncator chars() and words() methods (when used with html=True) are subject to a potential DoS (denial of service) attack via certain inputs with very long, potentially malformed HTML tex
- CVE-2023-36053Jul 3, 2023affected < 1.11.29-bp155.4.3.1fixed 1.11.29-bp155.4.3.1
In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, EmailValidator and URLValidator are subject to a potential ReDoS (regular expression denial of service) attack via a very large number of domain name labels of emails and URLs.