CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22199 – Django Template Engine Vulnerable to XSS
https://notcve.org/view.php?id=CVE-2024-22199
11 Jan 2024 — This package provides universal methods to use multiple template engines with the Fiber web framework using the Views interface. This vulnerability specifically impacts web applications that render user-supplied data through this template engine, potentially leading to the execution of malicious scripts in users' browsers when visiting affected web pages. The vulnerability has been addressed, the template engine now defaults to having autoescape set to `true`, effectively mitigating the risk of XSS attacks.... • https://github.com/gofiber/template/commit/28cff3ac4d4c117ab25b5396954676d624b6cb46 • CWE-20: Improper Input Validation CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-116: Improper Encoding or Escaping of Output •
CVSS: 4.9EPSS: 0%CPEs: 4EXPL: 0CVE-2021-33203 – django: Potential directory traversal via ``admindocs``
https://notcve.org/view.php?id=CVE-2021-33203
03 Jun 2021 — Django before 2.2.24, 3.x before 3.1.12, and 3.2.x before 3.2.4 has a potential directory traversal via django.contrib.admindocs. Staff members could use the TemplateDetailView view to check the existence of arbitrary files. Additionally, if (and only if) the default admindocs templates have been customized by application developers to also show file contents, then not only the existence but also the file contents would have been exposed. In other words, there is directory traversal outside of the template ... • https://docs.djangoproject.com/en/3.2/releases/security • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 8.8EPSS: 24%CPEs: 11EXPL: 0CVE-2020-9402 – django: potential SQL injection via "tolerance" parameter in GIS functions and aggregates on Oracle
https://notcve.org/view.php?id=CVE-2020-9402
04 Mar 2020 — Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4 allows SQL Injection if untrusted data is used as a tolerance parameter in GIS functions and aggregates on Oracle. By passing a suitably crafted tolerance to GIS functions and aggregates on Oracle, it was possible to break escaping and inject malicious SQL. Django versiones 1.11 anteriores a 1.11.29, versiones 2.2 anteriores a 2.2.11 y versiones 3.0 anteriores a 3.0.4, permite una Inyección SQL si datos no confiables son usados como un pará... • https://docs.djangoproject.com/en/3.0/releases/security • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 7CVE-2020-7471 – Ubuntu Security Notice USN-4264-1
https://notcve.org/view.php?id=CVE-2020-7471
03 Feb 2020 — Django 1.11 before 1.11.28, 2.2 before 2.2.10, and 3.0 before 3.0.3 allows SQL Injection if untrusted data is used as a StringAgg delimiter (e.g., in Django applications that offer downloads of data as a series of rows with a user-specified column delimiter). By passing a suitably crafted delimiter to a contrib.postgres.aggregates.StringAgg instance, it was possible to break escaping and inject malicious SQL. Django versiones 1.11 anteriores a 1.11.28, versiones 2.2 anteriores a 2.2.10 y versiones 3.0 anter... • https://github.com/Saferman/CVE-2020-7471 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 38%CPEs: 7EXPL: 5CVE-2019-19844 – Django < 3.0 < 2.2 < 1.11 - Account Hijack
https://notcve.org/view.php?id=CVE-2019-19844
18 Dec 2019 — Django before 1.11.27, 2.x before 2.2.9, and 3.x before 3.0.1 allows account takeover. A suitably crafted email address (that is equal to an existing user's email address after case transformation of Unicode characters) would allow an attacker to be sent a password reset token for the matched user account. (One mitigation in the new releases is to send password reset tokens only to the registered user email address.) Django versiones anteriores a 1.11.27, versiones 2.x anteriores a 2.2.9 y versiones 3.x ant... • https://packetstorm.news/files/id/155872 • CWE-640: Weak Password Recovery Mechanism for Forgotten Password •
CVSS: 7.5EPSS: 2%CPEs: 4EXPL: 0CVE-2019-14232 – Django: backtracking in a regular expression in django.utils.text.Truncator leads to DoS
https://notcve.org/view.php?id=CVE-2019-14232
01 Aug 2019 — An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If django.utils.text.Truncator's chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a regular expression. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which were thus vulnerable. Se detectó un problema en Django versione... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 0CVE-2019-14233 – Django: the behavior of the underlying HTMLParser leading to DoS
https://notcve.org/view.php?id=CVE-2019-14233
01 Aug 2019 — An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to the behaviour of the underlying HTMLParser, django.utils.html.strip_tags would be extremely slow to evaluate certain inputs containing large sequences of nested incomplete HTML entities. Se detectó un problema en Django versiones 1.11.x anteriores a 1.11.23, versiones 2.1.x anteriores a 2.1.11 y versiones 2.2.x anteriores a 2.2.4. Debido al comportamiento del HTMLParser subyacente, django.utils.html.... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 0CVE-2019-14235 – Django: Potential memory exhaustion in django.utils.encoding.uri_to_iri()
https://notcve.org/view.php?id=CVE-2019-14235
01 Aug 2019 — An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If passed certain inputs, django.utils.encoding.uri_to_iri could lead to significant memory usage due to a recursion when repercent-encoding invalid UTF-8 octet sequences. Se detectó un problema en Django versiones 1.11.x anteriores a 1.11.23, versiones 2.1.x anteriores a 2.1.11 y versiones 2.2.x anteriores a 2.2.4. Si pasaron ciertas entradas, django.utils.encoding.uri_to_iri podría conllevar a un uso de l... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html • CWE-400: Uncontrolled Resource Consumption CWE-674: Uncontrolled Recursion •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 1CVE-2019-14234 – Django: SQL injection possibility in key and index lookups for JSONField/HStoreField
https://notcve.org/view.php?id=CVE-2019-14234
01 Aug 2019 — An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to an error in shallow key transformation, key and index lookups for django.contrib.postgres.fields.JSONField, and key lookups for django.contrib.postgres.fields.HStoreField, were subject to SQL injection. This could, for example, be exploited via crafted use of "OR 1=1" in a key or index name to return all records, using a suitably crafted dictionary, with dictionary expansion, as the **kwargs passed t... • https://github.com/malvika-thakur/CVE-2019-14234 • CWE-20: Improper Input Validation CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 0CVE-2019-12781 – Django: Incorrect HTTP detection with reverse-proxy connecting via HTTPS
https://notcve.org/view.php?id=CVE-2019-12781
01 Jul 2019 — An issue was discovered in Django 1.11 before 1.11.22, 2.1 before 2.1.10, and 2.2 before 2.2.3. An HTTP request is not redirected to HTTPS when the SECURE_PROXY_SSL_HEADER and SECURE_SSL_REDIRECT settings are used, and the proxy connects to Django via HTTPS. In other words, django.http.HttpRequest.scheme has incorrect behavior when a client uses HTTP. Se ha descubierto un problema en Django en versiones 1.11 anteriores a la 1.11.22, 2.1, anteriores a la 2.1.10, y 2.2 anteriores 2.2.3. Una petición HTTP no s... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html • CWE-319: Cleartext Transmission of Sensitive Information CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •