It was discovered that Django incorrectly accepted semicolons as query
parameters. A remote attacker could possibly use this issue to perform a
Web Cache Poisoning attack.

References

ubuntu.com/security/CVE-2021-23336

ubuntu.com/security/notices/USN-4742-1

nessus 59

redhatcve 1

openvas 51

cvelist 2

fedora 20

debiancve 1

debian 5

cve 3

alpinelinux 1

nvd 3

mageia 2

suse 1

veracode 1

osv 15

cbl_mariner 3

ubuntu 1

archlinux 3

ubuntucve 1

photon 5

prion 3

altlinux 2

amazon 6

gentoo 1

almalinux 2

github 1

oraclelinux 2

redhat 3

sonarsource 1

nessus

Fedora 32 : mingw-python3 (2021-309bc2e727)

2021-03-15 00:00:00

SUSE SLED15 / SLES15 Security Update : python (SUSE-SU-2021:0768-1)

2021-03-12 00:00:00

Fedora 33 : mingw-python3 (2021-b76ede8f4d)

2021-03-15 00:00:00

redhatcve

CVE-2021-23336

2021-02-15 20:05:02

openvas

Fedora: Security Advisory for python39 (FEDORA-2021-7c1bb32d13)

2021-03-01 00:00:00

Fedora: Security Advisory for python-django (FEDORA-2021-e22bb0e548)

2021-03-20 00:00:00

Python < 3.6.13, 3.7.x < 3.7.10, 3.8.x < 3.8.8, 3.9.x < 3.9.2 Web Cache Poisoning Vulnerability - Windows

2021-02-23 00:00:00

cvelist

CVE-2021-23336 Web Cache Poisoning

2021-02-15 00:00:00

CVE-2021-28359 Apache Airflow Reflected XSS via Origin Query Argument in URL

2021-05-02 07:55:12

fedora

[SECURITY] Fedora 34 Update: python-django-3.1.7-1.fc34

2021-03-19 20:27:58

[SECURITY] Fedora 33 Update: mingw-python3-3.9.2-1.fc33

2021-03-15 01:19:58

[SECURITY] Fedora 34 Update: mingw-python3-3.9.2-2.fc34

2021-03-19 20:28:38

debiancve

CVE-2021-23336

2021-02-15 13:15:12

debian

[SECURITY] [DLA 2569-1] python-django security update

2021-02-19 16:24:07

[SECURITY] [DLA 2628-1] python2.7 security update

2021-04-17 19:31:24

[SECURITY] [DLA 2619-1] python3.5 security update

2021-04-05 16:08:19

cve

CVE-2021-23336

2021-02-15 13:15:12

CVE-2020-28476

2021-01-18 12:15:13

CVE-2021-28359

2021-05-02 08:15:06

alpinelinux

CVE-2021-23336

2021-02-15 13:15:12

nvd

CVE-2021-23336

2021-02-15 13:15:12

CVE-2020-28476

2021-01-18 12:15:13

CVE-2021-28359

2021-05-02 08:15:06

mageia

Updated python and python3 packages fix security vulnerability

2021-04-02 13:16:21

Updated python-django package fixes a security vulnerability

2021-03-15 00:20:42

suse

Security update for python (moderate)

2021-03-17 00:00:00

veracode

Web Cache Poisoning

2021-02-20 06:44:58

osv

python-django - security update

2021-02-19 00:00:00

BIT-python-2021-23336

2024-03-06 11:07:00

CVE-2021-23336

2021-02-15 13:15:12

cbl_mariner

CVE-2021-23336 affecting package python3 3.7.9-4

2021-07-08 21:56:42

CVE-2021-23336 affecting package python2 for versions less than 2.7.18-8

2022-04-09 06:51:57

CVE-2021-23336 affecting package python2 2.7.18-14

2021-04-06 23:50:12

ubuntu

Django vulnerability

2021-02-22 00:00:00

archlinux

[ASA-202102-28] python-django: url request injection

2021-02-20 00:00:00

[ASA-202102-37] python: multiple issues

2021-02-27 00:00:00

[ASA-202103-27] python2: multiple issues

2021-03-25 00:00:00

ubuntucve

CVE-2021-23336

2021-02-15 00:00:00

photon

Important Photon OS Security Update - PHSA-2021-0204

2021-03-05 00:00:00

Moderate Photon OS Security Update - PHSA-2021-3.0-0204

2021-03-05 00:00:00

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-2.0-0327

2021-03-11 00:00:00

prion

Design/Logic Flaw

2021-02-15 13:15:00

Design/Logic Flaw

2021-01-18 12:15:00

Design/Logic Flaw

2021-05-02 08:15:00

altlinux

Security fix for the ALT Linux 9 package python3-module-django version 2.2.19-alt1

2021-04-12 00:00:00

Security fix for the ALT Linux 10 package python3-module-django version 2.2.19-alt1

2021-02-24 00:00:00

amazon

Medium: python36

2021-05-14 16:53:00

Low: python34

2021-05-20 21:12:00

Medium: python3

2021-05-20 16:15:00

gentoo

Python: Multiple vulnerabilities

2021-04-30 00:00:00

almalinux

Moderate: python3 security update

2021-05-18 05:42:46

Moderate: python27:2.7 security update

2021-11-09 08:24:39

github

Cross-site Scripting in Apache Airflow

2021-06-18 18:43:42

oraclelinux

python3 security update

2021-05-25 00:00:00

python27:2.7 security update

2021-11-16 00:00:00

redhat

(RHSA-2021:1633) Moderate: python3 security update

2021-05-18 05:42:46

(RHSA-2021:4151) Moderate: python27:2.7 security update

2021-11-09 08:24:39

(RHSA-2021:3252) Moderate: python27 security update

2021-08-24 07:29:51

sonarsource

10 Unknown Security Pitfalls for Python

2021-11-16 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

5.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

50.0%

JSON

Related for OSV:USN-4742-1