Lucene search
UbuntuUSN-5653-1HistoryOct 04, 2022 - 12:00 a.m.
Django vulnerability
2022-10-0400:00:00
ubuntu.com
28
django
ubuntu
vulnerability
internationalized urls
denial of service
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
7.7
Confidence
High
EPSS
0.005
Percentile
75.7%
Releases
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
Packages
- python-django - High-level Python web development framework
Details
Benjamin Balder Bach discovered that Django incorrectly handled certain
internationalized URLs. A remote attacker could possibly use this issue to
cause Django to crash, resulting in a denial of service.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 22.04 | noarch | python3-django | < 2:3.2.12-2ubuntu1.3 | UNKNOWN |
| Ubuntu | 22.04 | noarch | python-django-doc | < 2:3.2.12-2ubuntu1.3 | UNKNOWN |
| Ubuntu | 20.04 | noarch | python3-django | < 2:2.2.12-1ubuntu0.14 | UNKNOWN |
| Ubuntu | 20.04 | noarch | python-django-doc | < 2:2.2.12-1ubuntu0.14 | UNKNOWN |
References
Related
hackerone
hackerone
osv
osv
Django denial-of-service vulnerability in internationalized URLs
2022-10-16 12:00:23
PYSEC-2022-304
2022-10-16 06:15:00
BIT-django-2022-41323
2024-03-06 10:52:25
cnvd
cnvd
Django denial of service vulnerability
2022-10-11 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-5653-1)
2022-10-05 00:00:00
Mageia: Security Advisory (MGASA-2023-0026)
2023-03-28 00:00:00
openSUSE: Security Advisory for python (openSUSE-SU-2023:0057-1)
2024-03-04 00:00:00
redhatcve
redhatcve
CVE-2022-41323
2022-10-19 12:17:57
nessus
nessus
nvd
nvd
CVE-2022-41323
2022-10-16 06:15:09
prion
prion
Code injection
2022-10-16 06:15:00
cvelist
cvelist
CVE-2022-41323
2022-10-16 00:00:00
altlinux
altlinux
freebsd
freebsd
Django -- multiple vulnerabilities
2022-09-23 00:00:00
cve
cve
CVE-2022-41323
2022-10-16 06:15:09
debiancve
debiancve
CVE-2022-41323
2022-10-16 06:15:09
ubuntucve
ubuntucve
CVE-2022-41323
2022-10-04 00:00:00
veracode
veracode
Denial Of Service (DoS)
2022-10-18 02:26:30
alpinelinux
alpinelinux
CVE-2022-41323
2022-10-16 06:15:09
github
github
Django denial-of-service vulnerability in internationalized URLs
2022-10-16 12:00:23
redhat
redhat
(RHSA-2023:0742) Low: RHUI 4.3.0 release - Security Fixes, Bug Fixes, and Enhancements Update
2023-02-13 11:53:09
(RHSA-2023:2097) Important: Satellite 6.13 Release
2023-05-03 13:09:51
mageia
mageia
Updated python-django packages fix security vulnerability
2023-02-07 03:06:39
fedora
fedora
[SECURITY] Fedora 37 Update: python-django3-3.2.18-1.fc37
2023-03-05 01:38:46
[SECURITY] Fedora 36 Update: python-django3-3.2.18-1.fc36
2023-03-05 00:54:12
[SECURITY] Fedora 38 Update: python-django3-3.2.18-1.fc38
2023-03-11 03:40:03
debian
debian
[SECURITY] [DSA 5254-1] python-django security update
2022-10-15 16:00:48
rocky
rocky
Satellite 6.13 Release
2023-05-05 15:39:58
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
7.7
Confidence
High
EPSS
0.005
Percentile
75.7%
Related for USN-5653-1