Lucene search
FreeBSD0EF3398E-DA21-11EE-B23A-080027A5B8E9HistoryFeb 25, 2024 - 12:00 a.m.
Django -- multiple vulnerabilities
2024-02-2500:00:00
vuxml.freebsd.org
10
django
vulnerabilities
cve-2024-27351
regex
denial-of-service
truncator.words()
unix
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
7.1 High
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
10.3%
Django reports:
CVE-2024-27351: Potential regular expression denial-of-service in
django.utils.text.Truncator.words().
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| FreeBSD | any | noarch | py39-django32 | < 3.2.25 | UNKNOWN |
| FreeBSD | any | noarch | py310-django32 | < 3.2.25 | UNKNOWN |
| FreeBSD | any | noarch | py311-django32 | < 3.2.25 | UNKNOWN |
| FreeBSD | any | noarch | py39-django42 | < 4.2.11 | UNKNOWN |
| FreeBSD | any | noarch | py310-django42 | < 4.2.11 | UNKNOWN |
| FreeBSD | any | noarch | py311-django42 | < 4.2.11 | UNKNOWN |
| FreeBSD | any | noarch | py310-django50 | < 5.0.3 | UNKNOWN |
| FreeBSD | any | noarch | py311-django50 | < 5.0.3 | UNKNOWN |
Related
ubuntu
ubuntu
Django vulnerability
2024-03-04 00:00:00
Django vulnerability
2024-03-04 00:00:00
nessus
nessus
Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : Django vulnerability (USN-6674-1)
2024-03-05 00:00:00
openSUSE 15 Security Update : python-Django (SUSE-SU-2024:0902-1)
2024-03-15 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-6674-1)
2024-03-05 00:00:00
Mageia: Security Advisory (MGASA-2024-0075)
2024-04-05 00:00:00
openSUSE: Security Advisory for python (openSUSE-SU-2024:0080-1)
2024-03-25 00:00:00
ibm
ibm
Security Bulletin: Django-3.2.24-py3-none-any.whl is vulnerable to CVE-2024-27351 used in IBM Maximo Application Suite - Edge Data Collector
2024-04-10 10:49:45
wolfi
wolfi
CVE-2024-27351 vulnerabilities
2024-07-05 21:08:40
cgr
cgr
CVE-2024-27351 vulnerabilities
2024-05-19 03:07:16
osv
osv
python-django vulnerability
2024-03-04 16:14:41
python-django vulnerability
2024-03-04 15:04:24
Regular expression denial-of-service in Django
2024-03-15 21:30:43
redhatcve
redhatcve
CVE-2024-27351
2024-03-04 09:32:01
veracode
veracode
Regular Expression Denial Of Service (ReDoS)
2024-03-22 04:01:57
mageia
mageia
Updated python-django package fixes a security vulnerability
2024-03-20 06:35:18
fedora
fedora
[SECURITY] Fedora 39 Update: python-django-4.2.11-2.fc39
2024-04-18 01:12:12
[SECURITY] Fedora 40 Update: python-django-4.2.11-2.fc40
2024-04-13 03:41:27
[SECURITY] Fedora 38 Update: python-django3-3.2.25-2.fc38
2024-04-20 02:14:46
ubuntucve
ubuntucve
CVE-2024-27351
2024-03-04 00:00:00
alpinelinux
alpinelinux
CVE-2024-27351
2024-03-15 20:15:09
nvd
nvd
CVE-2024-27351
2024-03-15 20:15:09
cve
cve
CVE-2024-27351
2024-03-15 20:15:09
debiancve
debiancve
CVE-2024-27351
2024-03-15 20:15:09
hackerone
hackerone
cvelist
cvelist
CVE-2024-27351
2024-03-15 00:00:00
github
github
Regular expression denial-of-service in Django
2024-03-15 21:30:43
redhat
redhat
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
7.1 High
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
10.3%
Related for 0EF3398E-DA21-11EE-B23A-080027A5B8E9