Lucene search
UbuntuUSN-5868-1HistoryFeb 14, 2023 - 12:00 a.m.
Django vulnerability
2023-02-1400:00:00
ubuntu.com
35
django
vulnerability
file upload
denial of service
ubuntu
packages
python
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.8 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
60.8%
Releases
- Ubuntu 22.10
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 ESM
Packages
- python-django - High-level Python web development framework
Details
Jakob Ackermann discovered that Django incorrectly handled certain file
uploads. A remote attacker could possibly use this issue to cause Django to
consume resources, leading to a denial of service.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 22.10 | noarch | python3-django | < 3:3.2.15-1ubuntu1.2 | UNKNOWN |
| Ubuntu | 22.10 | noarch | python-django-doc | < 3:3.2.15-1ubuntu1.2 | UNKNOWN |
| Ubuntu | 22.04 | noarch | python3-django | < 2:3.2.12-2ubuntu1.5 | UNKNOWN |
| Ubuntu | 22.04 | noarch | python-django-doc | < 2:3.2.12-2ubuntu1.5 | UNKNOWN |
| Ubuntu | 20.04 | noarch | python3-django | < 2:2.2.12-1ubuntu0.16 | UNKNOWN |
| Ubuntu | 20.04 | noarch | python-django-doc | < 2:2.2.12-1ubuntu0.16 | UNKNOWN |
| Ubuntu | 18.04 | noarch | python3-django | < 1:1.11.11-1ubuntu1.20 | UNKNOWN |
| Ubuntu | 18.04 | noarch | python-django | < 1:1.11.11-1ubuntu1.20 | UNKNOWN |
| Ubuntu | 18.04 | noarch | python-django-common | < 1:1.11.11-1ubuntu1.20 | UNKNOWN |
| Ubuntu | 18.04 | noarch | python-django-doc | < 1:1.11.11-1ubuntu1.20 | UNKNOWN |
References
Related
redhatcve
redhatcve
CVE-2023-24580
2023-02-15 07:32:10
veracode
veracode
Denial Of Service (DoS)
2023-02-15 03:04:41
cvelist
cvelist
CVE-2023-24580
2023-02-15 00:00:00
nvd
nvd
CVE-2023-24580
2023-02-15 01:15:10
CVE-2022-24580
2023-05-29 20:15:09
freebsd
freebsd
Django -- multiple vulnerabilities
2023-02-01 00:00:00
osv
osv
python-django - security update
2023-02-20 00:00:00
CVE-2023-24580
2023-02-15 01:15:10
Resource exhaustion in Django
2023-02-15 03:30:47
alpinelinux
alpinelinux
CVE-2023-24580
2023-02-15 01:15:10
debian
debian
[SECURITY] [DLA 3329-1] python-django security update
2023-02-20 21:02:30
[SECURITY] [DSA 5465-1] python-django security update
2023-08-03 20:45:41
openvas
openvas
Debian: Security Advisory (DLA-3329-1)
2023-02-21 00:00:00
openSUSE: Security Advisory for python (openSUSE-SU-2023:0075-1)
2024-03-04 00:00:00
hackerone
hackerone
debiancve
debiancve
CVE-2023-24580
2023-02-15 01:15:10
nessus
nessus
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Django vulnerability (USN-5868-1)
2023-02-15 00:00:00
openSUSE 15 Security Update : python-Django (openSUSE-SU-2023:0075-1)
2023-03-15 00:00:00
Debian DLA-3329-1 : python-django - LTS security update
2023-02-20 00:00:00
prion
prion
Design/Logic Flaw
2023-02-15 01:15:00
ubuntucve
ubuntucve
CVE-2023-24580
2023-02-14 00:00:00
cve
cve
CVE-2023-24580
2023-02-15 01:15:10
CVE-2022-24580
2023-05-29 20:15:09
github
github
Resource exhaustion in Django
2023-02-15 03:30:47
mageia
mageia
Updated python-django packages fix security vulnerability
2023-05-16 22:17:40
redhat
redhat
(RHSA-2023:4692) Moderate: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update
2023-08-21 17:00:46
(RHSA-2023:2101) Moderate: RHUI 4.4.0 release - Security Fixes, Bug Fixes, and Enhancements Update
2023-05-03 14:52:25
(RHSA-2023:2097) Important: Satellite 6.13 Release
2023-05-03 13:09:51
altlinux
altlinux
fedora
fedora
[SECURITY] Fedora 36 Update: python-django3-3.2.18-1.fc36
2023-03-05 00:54:12
[SECURITY] Fedora 37 Update: python-django3-3.2.18-1.fc37
2023-03-05 01:38:46
[SECURITY] Fedora 38 Update: python-django3-3.2.18-1.fc38
2023-03-11 03:40:03
ibm
ibm
rocky
rocky
Satellite 6.13 Release
2023-05-05 15:39:58
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.8 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
60.8%
Related for USN-5868-1