CVSS: 7.8EPSS: 15%CPEs: 3EXPL: 0CVE-2022-41323 – python-django: Potential denial-of-service vulnerability in internationalized URLs
https://notcve.org/view.php?id=CVE-2022-41323
04 Oct 2022 — In Django 3.2 before 3.2.16, 4.0 before 4.0.8, and 4.1 before 4.1.2, internationalized URLs were subject to a potential denial of service attack via the locale parameter, which is treated as a regular expression. En Django versiones 3.2 anteriores a 3.2.16, 4.0 anteriores a 4.0.8, y 4.1 anteriores a 4.1.2, las URLs internacionalizadas estaban sujetas a un potencial ataque de denegación de servicio por medio del parámetro locale, que es tratado como una expresión regular A denial of service flaw was discover... • https://docs.djangoproject.com/en/4.0/releases/security • CWE-400: Uncontrolled Resource Consumption •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-36359 – Debian Security Advisory 5254-1
https://notcve.org/view.php?id=CVE-2022-36359
03 Aug 2022 — An issue was discovered in the HTTP FileResponse class in Django 3.2 before 3.2.15 and 4.0 before 4.0.7. An application is vulnerable to a reflected file download (RFD) attack that sets the Content-Disposition header of a FileResponse when the filename is derived from user-supplied input. Se ha detectado un problema en la clase HTTP FileResponse en Django versiones 3.2 anteriores a 3.2.15 y 4.0 anteriores a 4.0.7. Una aplicación es vulnerable a un ataque de descarga de archivos reflejada (RFD) que establece... • http://www.openwall.com/lists/oss-security/2022/08/03/1 • CWE-494: Download of Code Without Integrity Check •
CVSS: 9.8EPSS: 93%CPEs: 2EXPL: 4CVE-2022-34265 – python-django: Potential SQL injection via Trunc(kind) and Extract(lookup_name) arguments
https://notcve.org/view.php?id=CVE-2022-34265
04 Jul 2022 — An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc() and Extract() database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected. Se ha detectado un problema en Django versiones 3.2 anteriores a 3.2.14 y 4.0 anteriores a 4.0.6. Las funciones de base de datos Trunc() y Extract() están sujetas a inyección SQL si son usados datos no confiables... • https://github.com/aeyesec/CVE-2022-34265 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 2%CPEs: 5EXPL: 5CVE-2022-28346 – Django: SQL injection in QuerySet.annotate(),aggregate() and extra()
https://notcve.org/view.php?id=CVE-2022-28346
11 Apr 2022 — An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. QuerySet.annotate(), aggregate(), and extra() methods are subject to SQL injection in column aliases via a crafted dictionary (with dictionary expansion) as the passed **kwargs. Se ha detectado un problema en Django versiones 2.2 anteriores a 2.2.28, 3.2 anteriores a 3.2.13 y 4.0 anteriores a 4.0.4. Los métodos QuerySet.annotate(), aggregate() y extra() están sujetos a inyección SQL en los alias de columna por medi... • https://github.com/DeEpinGh0st/CVE-2022-28346 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-28347 – Django: SQL injection via QuerySet.explain(options) on PostgreSQL
https://notcve.org/view.php?id=CVE-2022-28347
11 Apr 2022 — A SQL injection issue was discovered in QuerySet.explain() in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. This occurs by passing a crafted dictionary (with dictionary expansion) as the **options argument, and placing the injection payload in an option name. Se ha detectado un problema de inyección SQL en la función QuerySet.explain() en Django versiones 2.2 anteriores a 2.2.28, 3.2 anteriores a 3.2.13 y 4.0 anteriores a 4.0.4. Esto ocurre al pasar un diccionario diseñado (con expansió... • http://www.openwall.com/lists/oss-security/2022/04/11/1 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-23833 – django: Denial-of-service possibility in file uploads
https://notcve.org/view.php?id=CVE-2022-23833
03 Feb 2022 — An issue was discovered in MultiPartParser in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2. Passing certain inputs to multipart forms could result in an infinite loop when parsing files. Se ha detectado un problema en MultiPartParser en Django versiones 2.2 anteriores a 2.2.27, 3.2 anteriores a 3.2.12 y 4.0 anteriores a 4.0.2. Pasar determinadas entradas a formularios multiparte podía resultar en un bucle infinito cuando eran analizados los archivos A flaw was found in Django. The issue... • https://docs.djangoproject.com/en/4.0/releases/security • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 6.1EPSS: 0%CPEs: 5EXPL: 2CVE-2022-22818 – django: Possible XSS via '{% debug %}' template tag
https://notcve.org/view.php?id=CVE-2022-22818
03 Feb 2022 — The {% debug %} template tag in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2 does not properly encode the current context. This may lead to XSS. La etiqueta de plantilla {% debug %} en Django versiones 2.2 anteriores a 2.2.27, 3.2 anteriores a 3.2.12 y 4.0 anteriores a 4.0.2, no codifica correctamente el contexto actual. Esto puede conllevar a un ataque de tipo XSS A flaw was found in Django. The ``{% debug %}`` template tag did not properly encode the current context, posing a Cross-si... • https://github.com/Prikalel/django-xss-example • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-45115 – django: Denial-of-service possibility in UserAttributeSimilarityValidator
https://notcve.org/view.php?id=CVE-2021-45115
04 Jan 2022 — An issue was discovered in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1. UserAttributeSimilarityValidator incurred significant overhead in evaluating a submitted password that was artificially large in relation to the comparison values. In a situation where access to user registration was unrestricted, this provided a potential vector for a denial-of-service attack. Se ha detectado un problema en Django versiones 2.2 anteriores a 2.2.26, 3.2 anteriores a 3.2.11 y 4.0 anteriores a 4.0.1.... • https://docs.djangoproject.com/en/4.0/releases/security • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-45116 – django: Potential information disclosure in dictsort template filter
https://notcve.org/view.php?id=CVE-2021-45116
04 Jan 2022 — An issue was discovered in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1. Due to leveraging the Django Template Language's variable resolution logic, the dictsort template filter was potentially vulnerable to information disclosure, or an unintended method call, if passed a suitably crafted key. Se ha detectado un problema en Django versiones 2.2 anteriores a 2.2.26, 3.2 anteriores a 3.2.11 y 4.0 anteriores a 4.0.1. Debido al aprovechamiento de la lógica de resolución de variables del le... • https://docs.djangoproject.com/en/4.0/releases/security • CWE-20: Improper Input Validation CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer •
CVSS: 7.4EPSS: 0%CPEs: 4EXPL: 0CVE-2021-45452 – django: Potential directory-traversal via Storage.save()
https://notcve.org/view.php?id=CVE-2021-45452
04 Jan 2022 — Storage.save in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1 allows directory traversal if crafted filenames are directly passed to it. El archivo Storage.save en Django versiones 2.2 anteriores a 2.2.26, 3.2 anteriores a 3.2.11 y 4.0 anteriores a 4.0.1, permite un salto de directorio si le es pasado directamente nombres de archivos diseñados. A directory-traversal flaw was found in Django's Storage.save() method, where a network attacker could possibly traverse restricted paths using s... • https://docs.djangoproject.com/en/4.0/releases/security • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •