Lucene search
Gentoo FoundationMGASA-2023-0026HistoryFeb 07, 2023 - 3:06 a.m.
Updated python-django packages fix security vulnerability
2023-02-0703:06:39
Gentoo Foundation
advisories.mageia.org
28
python
django
security
vulnerability
packages
fix
denial of service
internationalized urls
cve-2022-41323
cve-2023-23969
accept-language headers
unix
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.009 Low
EPSS
Percentile
82.6%
Internationalized URLs were subject to a potential denial of service attack via the locale parameter, which is treated as a regular expression. (CVE-2022-41323) Potential denial-of-service via Accept-Language headers (CVE-2023-23969)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 8 | noarch | python-django | < 3.2.17-1 | python-django-3.2.17-1.mga8 |
Related
openvas
openvas
Mageia: Security Advisory (MGASA-2023-0026)
2023-03-28 00:00:00
openSUSE: Security Advisory for python (openSUSE-SU-2023:0057-1)
2024-03-04 00:00:00
Ubuntu: Security Advisory (USN-5653-1)
2022-10-05 00:00:00
nessus
nessus
openSUSE 15 Security Update : python-Django (openSUSE-SU-2023:0057-1)
2023-02-22 00:00:00
Ubuntu 20.04 LTS / 22.04 LTS : Django vulnerability (USN-5653-1)
2022-10-05 00:00:00
Debian DLA-3306-1 : python-django - LTS security update
2023-02-01 00:00:00
hackerone
hackerone
osv
osv
Django denial-of-service vulnerability in internationalized URLs
2022-10-16 12:00:23
PYSEC-2022-304
2022-10-16 06:15:00
BIT-django-2022-41323
2024-03-06 10:52:25
cnvd
cnvd
Django denial of service vulnerability
2022-10-11 00:00:00
nvd
nvd
CVE-2022-41323
2022-10-16 06:15:09
CVE-2023-23969
2023-02-01 19:15:08
redhatcve
redhatcve
CVE-2022-41323
2022-10-19 12:17:57
CVE-2023-23969
2023-02-01 21:37:28
cve
cve
CVE-2022-41323
2022-10-16 06:15:09
CVE-2023-23969
2023-02-01 19:15:08
ubuntu
ubuntu
Django vulnerability
2022-10-04 00:00:00
Django vulnerability
2023-02-01 00:00:00
Django vulnerability
2023-02-01 00:00:00
freebsd
freebsd
Django -- multiple vulnerabilities
2022-09-23 00:00:00
Django -- multiple vulnerabilities
2023-02-01 00:00:00
altlinux
altlinux
prion
prion
Code injection
2022-10-16 06:15:00
Code injection
2023-02-01 19:15:00
cvelist
cvelist
CVE-2022-41323
2022-10-16 00:00:00
CVE-2023-23969
2023-02-01 00:00:00
debian
debian
[SECURITY] [DLA 3306-1] python-django security update
2023-02-01 22:00:04
[SECURITY] [DSA 5465-1] python-django security update
2023-08-03 20:45:41
[SECURITY] [DSA 5254-1] python-django security update
2022-10-15 16:00:48
ubuntucve
ubuntucve
CVE-2023-23969
2023-02-01 00:00:00
CVE-2022-41323
2022-10-04 00:00:00
github
github
Django contains Uncontrolled Resource Consumption via cached header
2023-02-01 21:30:23
Django denial-of-service vulnerability in internationalized URLs
2022-10-16 12:00:23
veracode
veracode
Denial Of Service (DoS)
2022-10-18 02:26:30
Denial Of Service (DoS)
2023-02-03 21:03:14
alpinelinux
alpinelinux
CVE-2022-41323
2022-10-16 06:15:09
CVE-2023-23969
2023-02-01 19:15:08
debiancve
debiancve
CVE-2022-41323
2022-10-16 06:15:09
CVE-2023-23969
2023-02-01 19:15:08
redhat
redhat
fedora
fedora
[SECURITY] Fedora 38 Update: python-django-4.0.10-1.fc38
2023-04-28 02:37:47
[SECURITY] Fedora 37 Update: python-django-4.0.10-1.fc37
2023-04-28 02:04:16
[SECURITY] Fedora 36 Update: python-django3-3.2.18-1.fc36
2023-03-05 00:54:12
rocky
rocky
Satellite 6.13 Release
2023-05-05 15:39:58
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.009 Low
EPSS
Percentile
82.6%
Related for MGASA-2023-0026