Django — свободный фреймворк для веб-приложений на языке Python, использующий шаблон проектирования MVC
Релизный цикл, информация об уязвимостях
График релизов
Количество 678
CVE-2023-41164
In Django 3.2 before 3.2.21, 4.1 before 4.1.11, and 4.2 before 4.2.5, django.utils.encoding.uri_to_iri() is subject to a potential DoS (denial of service) attack via certain inputs with a very large number of Unicode characters.
BDU:2023-09108
Уязвимость компонента django.utils.encoding.uri_to_iri() программной платформы для веб-приложений Django, позволяющая нарушителю вызвать отказ в обслуживании
openSUSE-SU-2023:0177-1
Security update for python-Django1
openSUSE-SU-2023:0176-1
Security update for python-Django1
openSUSE-SU-2023:0174-1
Security update for python-Django
GHSA-jh3w-4vvf-mjgr
Django has regular expression denial of service vulnerability in EmailValidator/URLValidator
CVE-2023-36053
In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, EmailValidator and URLValidator are subject to a potential ReDoS (regular expression denial of service) attack via a very large number of domain name labels of emails and URLs.
CVE-2023-36053
In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, Em ...
CVE-2023-36053
In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, EmailValidator and URLValidator are subject to a potential ReDoS (regular expression denial of service) attack via a very large number of domain name labels of emails and URLs.
CVE-2023-36053
In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, EmailValidator and URLValidator are subject to a potential ReDoS (regular expression denial of service) attack via a very large number of domain name labels of emails and URLs.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2023-41164 In Django 3.2 before 3.2.21, 4.1 before 4.1.11, and 4.2 before 4.2.5, django.utils.encoding.uri_to_iri() is subject to a potential DoS (denial of service) attack via certain inputs with a very large number of Unicode characters. | CVSS3: 7.5 | 0% Низкий | почти 2 года назад |
 | BDU:2023-09108 Уязвимость компонента django.utils.encoding.uri_to_iri() программной платформы для веб-приложений Django, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 7.5 | 0% Низкий | почти 2 года назад |
 | openSUSE-SU-2023:0177-1 Security update for python-Django1 | 2% Низкий | около 2 лет назад | |
| openSUSE-SU-2023:0176-1 Security update for python-Django1 | 2% Низкий | около 2 лет назад | |
| openSUSE-SU-2023:0174-1 Security update for python-Django | 2% Низкий | около 2 лет назад | |
| GHSA-jh3w-4vvf-mjgr Django has regular expression denial of service vulnerability in EmailValidator/URLValidator | CVSS3: 7.5 | 2% Низкий | около 2 лет назад |
 | CVE-2023-36053 In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, EmailValidator and URLValidator are subject to a potential ReDoS (regular expression denial of service) attack via a very large number of domain name labels of emails and URLs. | CVSS3: 7.5 | 2% Низкий | около 2 лет назад |
| CVE-2023-36053 In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, Em ... | CVSS3: 7.5 | 2% Низкий | около 2 лет назад |
 | CVE-2023-36053 In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, EmailValidator and URLValidator are subject to a potential ReDoS (regular expression denial of service) attack via a very large number of domain name labels of emails and URLs. | CVSS3: 7.5 | 2% Низкий | около 2 лет назад |
| CVE-2023-36053 In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, EmailValidator and URLValidator are subject to a potential ReDoS (regular expression denial of service) attack via a very large number of domain name labels of emails and URLs. | CVSS3: 7.5 | 2% Низкий | около 2 лет назад |
Уязвимостей на страницу