Lucene search
Ubuntu.comUB:CVE-2022-41323HistoryOct 04, 2022 - 12:00 a.m.
CVE-2022-41323
2022-10-0400:00:00
ubuntu.com
ubuntu.com
79
denial of service
internationalized urls
regular expression
security vulnerability
unix
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.005 Low
EPSS
Percentile
75.7%
In Django 3.2 before 3.2.16, 4.0 before 4.0.8, and 4.1 before 4.1.2,
internationalized URLs were subject to a potential denial of service attack
via the locale parameter, which is treated as a regular expression.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 20.04 | noarch | python-django | < 2:2.2.12-1ubuntu0.14 | UNKNOWN |
| ubuntu | 22.04 | noarch | python-django | < 2:3.2.12-2ubuntu1.3 | UNKNOWN |
| ubuntu | 22.10 | noarch | python-django | < 3.2.15-1ubuntu1 | UNKNOWN |
Related
hackerone
hackerone
osv
osv
Django denial-of-service vulnerability in internationalized URLs
2022-10-16 12:00:23
PYSEC-2022-304
2022-10-16 06:15:00
BIT-django-2022-41323
2024-03-06 10:52:25
cnvd
cnvd
Django denial of service vulnerability
2022-10-11 00:00:00
nvd
nvd
CVE-2022-41323
2022-10-16 06:15:09
openvas
openvas
Ubuntu: Security Advisory (USN-5653-1)
2022-10-05 00:00:00
Mageia: Security Advisory (MGASA-2023-0026)
2023-03-28 00:00:00
openSUSE: Security Advisory for python (openSUSE-SU-2023:0057-1)
2024-03-04 00:00:00
redhatcve
redhatcve
CVE-2022-41323
2022-10-19 12:17:57
nessus
nessus
freebsd
freebsd
Django -- multiple vulnerabilities
2022-09-23 00:00:00
altlinux
altlinux
ubuntu
ubuntu
Django vulnerability
2022-10-04 00:00:00
cve
cve
CVE-2022-41323
2022-10-16 06:15:09
prion
prion
Code injection
2022-10-16 06:15:00
cvelist
cvelist
CVE-2022-41323
2022-10-16 00:00:00
veracode
veracode
Denial Of Service (DoS)
2022-10-18 02:26:30
github
github
Django denial-of-service vulnerability in internationalized URLs
2022-10-16 12:00:23
alpinelinux
alpinelinux
CVE-2022-41323
2022-10-16 06:15:09
debiancve
debiancve
CVE-2022-41323
2022-10-16 06:15:09
redhat
redhat
(RHSA-2023:0742) Low: RHUI 4.3.0 release - Security Fixes, Bug Fixes, and Enhancements Update
2023-02-13 11:53:09
(RHSA-2023:2097) Important: Satellite 6.13 Release
2023-05-03 13:09:51
mageia
mageia
Updated python-django packages fix security vulnerability
2023-02-07 03:06:39
fedora
fedora
[SECURITY] Fedora 37 Update: python-django3-3.2.18-1.fc37
2023-03-05 01:38:46
[SECURITY] Fedora 36 Update: python-django3-3.2.18-1.fc36
2023-03-05 00:54:12
[SECURITY] Fedora 38 Update: python-django3-3.2.18-1.fc38
2023-03-11 03:40:03
debian
debian
[SECURITY] [DSA 5254-1] python-django security update
2022-10-15 16:00:48
rocky
rocky
Satellite 6.13 Release
2023-05-05 15:39:58
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.005 Low
EPSS
Percentile
75.7%
Related for UB:CVE-2022-41323