Count: 750
| Vulnerability | CVSS | EPSS | Published |
|---|---|---|---|
| GHSA-q5qw-4364-5hhm Django Vulnerable to HTTP Response Splitting Attack | CVSS3: 7.5 | 2% Low | more than 3 years ago |
| GHSA-q2jf-h9jm-m7p4 Django contains Uncontrolled Resource Consumption via cached header | CVSS3: 7.5 | 1% Low | almost 3 years ago |
| GHSA-pw27-w7w4-9qc7 Django XSS Vulnerability | CVSS3: 7.4 | 1% Low | more than 3 years ago |
| GHSA-pv4p-cwwg-4rph Django SQL injection vulnerability | CVSS3: 9.1 | 0% Low | more than 1 year ago |
| GHSA-pjc8-j97x-hp3p ** DISPUTED ** Cross-site request forgery (CSRF) vulnerability in the admin panel in Django 0.96 allows remote attackers to change passwords of arbitrary users via a request to admin/auth/user/1/password/. NOTE: this issue has been disputed by Debian, since product documentation includes a recommendation for a CSRF protection module that is included with the product. However, CVE considers this an issue because the default configuration does not use this module. | | 0% Low | more than 3 years ago |
| GHSA-pgxh-wfw4-jx2v Django denial of service via empty session record creation | CVSS3: 7.5 | 5% Low | more than 3 years ago |
| GHSA-p99v-5w3c-jqq9 Django Access Control Bypass possibly leading to SSRF, RFI, and LFI attacks | CVSS3: 7.5 | 0% Low | more than 4 years ago |
| GHSA-p6m5-h7pp-v2x5 Django Regex Algorithmic Complexity Causes Denial of Service | CVSS3: 7.5 | 6% Low | more than 3 years ago |
| GHSA-p64x-8rxx-wf6q Django `Trunc()` and `Extract()` database functions vulnerable to SQL Injection | CVSS3: 9.8 | 93% Critical | more than 3 years ago |
| GHSA-p3fp-8748-vqfq Django vulnerable to Allocation of Resources Without Limits or Throttling | CVSS3: 5 | 1% Low | 10 months ago |
| GHSA-mwv2-398h-v489 Django Improper Access Control | | 1% Low | more than 3 years ago |
| GHSA-mv8g-fhh6-6267 Django user with hardcoded password created when running tests on Oracle | CVSS3: 9.8 | 2% Low | more than 3 years ago |
| GHSA-m9g8-fxxm-xg86 Django SQL injection in HasKey(lhs, rhs) on Oracle | CVSS3: 9.8 | 1% Low | about 1 year ago |
| GHSA-jrh2-hc4r-7jwx Directory-traversal in Django | CVSS3: 5.3 | 0% Low | almost 4 years ago |
| GHSA-jhjg-w2cp-5j44 Django DoS in django.views.static.serve | CVSS3: 7.5 | 9% Low | more than 3 years ago |
| GHSA-jh75-99hh-qvx9 Django memory consumption vulnerability | CVSS3: 5.3 | 1% Low | more than 1 year ago |
| GHSA-jh3w-4vvf-mjgr Django has regular expression denial of service vulnerability in EmailValidator/URLValidator | CVSS3: 7.5 | 10% Low | more than 2 years ago |
| GHSA-j3j3-jrfh-cm2w Django Denial-of-service possibility with strip_tags | CVSS3: 7.5 | 2% Low | more than 3 years ago |
| GHSA-hvmf-r92r-27hr Django allows unintended model editing | CVSS3: 6.5 | 0% Low | about 6 years ago |
| GHSA-hpr9-3m2g-3j9p Django vulnerable to SQL injection in column aliases | CVSS3: 7.1 | 0% Low | 3 months ago |