
CVE-2023-36053 – python-django: Potential regular expression denial of service vulnerability in EmailValidator/URLValidator
https://notcve.org/view.php?id=CVE-2023-36053
03 Jul 2023 — In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, EmailValidator and URLValidator are subject to a potential ReDoS (regular expression denial of service) attack via a very large number of domain name labels of emails and URLs. A regular expression denial of service vulnerability has been found in Django. Email and URL validators are vulnerable to this flaw when processing a very large number of domain name labels of emails and URLs. Red Hat Ansible Automation Platform provides an enterpris... • https://docs.djangoproject.com/en/4.2/releases/security • CWE-1333: Inefficient Regular Expression Complexity •

CVE-2023-31047 – python-django: Potential bypass of validation when uploading multiple files using one form field
https://notcve.org/view.php?id=CVE-2023-31047
03 May 2023 — In Django 3.2 before 3.2.19, 4.x before 4.1.9, and 4.2 before 4.2.1, it was possible to bypass validation when using one form field to upload multiple files. This multiple upload has never been supported by forms.FileField or forms.ImageField (only the last uploaded file was validated). However, Django's "Uploading multiple files" documentation suggested otherwise. A bypass of validation flaw was found in python-django. When uploading multiple files using one form field, an attacker could upload multiple fi... • https://docs.djangoproject.com/en/4.2/releases/security • CWE-20: Improper Input Validation CWE-862: Missing Authorization •

CVE-2023-24580 – python-django: Potential denial-of-service vulnerability in file uploads
https://notcve.org/view.php?id=CVE-2023-24580
14 Feb 2023 — An issue was discovered in the Multipart Request Parser in Django 3.2 before 3.2.18, 4.0 before 4.0.10, and 4.1 before 4.1.7. Passing certain inputs (e.g., an excessive number of parts) to multipart forms could result in too many open files or memory exhaustion, and provided a potential vector for a denial-of-service attack. A memory exhaustion flaw was found in the python-django package. This issue occurs when passing certain inputs, leading to a system crash and denial of service. Red Hat Ansible Automati... • http://www.openwall.com/lists/oss-security/2023/02/14/1 • CWE-400: Uncontrolled Resource Consumption •

CVE-2023-23969 – python-django: Potential denial-of-service via Accept-Language headers
https://notcve.org/view.php?id=CVE-2023-23969
01 Feb 2023 — In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial-of-service vector via excessive memory usage if the raw value of Accept-Language headers is very large. A flaw was found in python-django. The parsed values of the Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial of service vector via excessive memory usage i... • https://docs.djangoproject.com/en/4.1/releases/security • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •

CVE-2022-41323 – python-django: Potential denial-of-service vulnerability in internationalized URLs
https://notcve.org/view.php?id=CVE-2022-41323
04 Oct 2022 — In Django 3.2 before 3.2.16, 4.0 before 4.0.8, and 4.1 before 4.1.2, internationalized URLs were subject to a potential denial of service attack via the locale parameter, which is treated as a regular expression. A denial of service flaw was discover... • https://docs.djangoproject.com/en/4.0/releases/security • CWE-400: Uncontrolled Resource Consumption CWE-1333: Inefficient Regular Expression Complexity •

CVE-2022-36359 – Debian Security Advisory 5254-1
https://notcve.org/view.php?id=CVE-2022-36359
03 Aug 2022 — An issue was discovered in the HTTP FileResponse class in Django 3.2 before 3.2.15 and 4.0 before 4.0.7. An application is vulnerable to a reflected file download (RFD) attack that sets the Content-Disposition header of a FileResponse when the filename is derived from user-supplied input. • http://www.openwall.com/lists/oss-security/2022/08/03/1 • CWE-494: Download of Code Without Integrity Check •

CVE-2022-34265 – python-django: Potential SQL injection via Trunc(kind) and Extract(lookup_name) arguments
https://notcve.org/view.php?id=CVE-2022-34265
04 Jul 2022 — An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc() and Extract() database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected. • https://github.com/aeyesec/CVE-2022-34265 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVE-2022-28346 – Django: SQL injection in QuerySet.annotate(),aggregate() and extra()
https://notcve.org/view.php?id=CVE-2022-28346
11 Apr 2022 — An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. QuerySet.annotate(), aggregate(), and extra() methods are subject to SQL injection in column aliases via a crafted dictionary (with dictionary expansion) as the passed **kwargs. • https://github.com/DeEpinGh0st/CVE-2022-28346 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVE-2022-28347 – Django: SQL injection via QuerySet.explain(options) on PostgreSQL
https://notcve.org/view.php?id=CVE-2022-28347
11 Apr 2022 — A SQL injection issue was discovered in QuerySet.explain() in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. This occurs by passing a crafted dictionary (with dictionary expansion) as the **options argument, and placing the injection payload in an option name. • http://www.openwall.com/lists/oss-security/2022/04/11/1 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVE-2022-22818 – django: Possible XSS via '{% debug %}' template tag
https://notcve.org/view.php?id=CVE-2022-22818
03 Feb 2022 — The {% debug %} template tag in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2 does not properly encode the current context. This may lead to XSS. A flaw was found in Django. The ``{% debug %}`` template tag did not properly encode the current context, posing a Cross-si... • https://github.com/Prikalel/django-xss-example • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •