Alert*

oval:org.secpod.oval:def:69899
Several vulnerabilities were discovered in python-django, a web development framework. They could lead to remote denial-of-service or SQL injection,

oval:org.secpod.oval:def:2105209
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.

oval:org.secpod.oval:def:705100
python-django: High-level Python web development framework. Several security issues were fixed in Django.

oval:org.secpod.oval:def:116976
Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle.

oval:org.secpod.oval:def:604498
Several vulnerabilities were discovered in python-django, a web development framework. They could lead to remote denial-of-service or SQL injection,

oval:org.secpod.oval:def:58353
python-django: High-level Python web development framework. Several security issues were fixed in Django.

oval:org.secpod.oval:def:58342
Several vulnerabilities were discovered in python-django, a web development framework. They could lead to remote denial-of-service or SQL injection,

oval:org.secpod.oval:def:2105224
An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If django.utils.text.Truncator's chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability ...