SUSE:SLE-15-SP2:GA
File _patchinfo of Package patchinfo.34948
<patchinfo incident="34948">
  <issue tracker="cve" id="2024-41990"/>
  <issue tracker="cve" id="2024-41989"/>
  <issue tracker="cve" id="2022-28346"/>
  <issue tracker="cve" id="2024-41991"/>
  <issue tracker="cve" id="2024-42005"/>
  <issue tracker="cve" id="2019-12308"/>
  <issue tracker="bnc" id="1228630">VUL-0: EMBARGOED: CVE-2024-41990: python-Django,python-Django1,python-Django4: Potential denial-of-service vulnerability in django.utils.html.urlize()</issue>
  <issue tracker="bnc" id="1228631">VUL-0: EMBARGOED: CVE-2024-41991: python-Django,python-Django1,python-Django4: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget</issue>
  <issue tracker="bnc" id="1228632">VUL-0: EMBARGOED: CVE-2024-42005: python-Django,python-Django1,python-Django4: Potential SQL injection in QuerySet.values() and values_list()</issue>
  <issue tracker="bnc" id="1228629">VUL-0: EMBARGOED: CVE-2024-41989: python-Django,python-Django1,python-Django4: Memory exhaustion in django.utils.numberformat.floatformat()</issue>
  <issue tracker="bnc" id="1198398">VUL-0: CVE-2022-28346: python-Django,python-Django1: Potential SQL injection in QuerySet.annotate(),aggregate() and extra()</issue>
  <issue tracker="bnc" id="1136468">VUL-0: CVE-2019-12308: python-Django, python-Django1 : The clickable "Current URL" link generated by AdminURLFieldWidget displays the provided value without validating it as a safe</issue>
  <packager>mcalabkova</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for python-Django</summary>
  <description>This update for python-Django fixes the following issues:

- CVE-2024-42005: Fixed SQL injection in QuerySet.values() and values_list() (bsc#1228629)
- CVE-2024-41989: Fixed Memory exhaustion in django.utils.numberformat.floatformat() (bsc#1228630)
- CVE-2024-41990: Fixed denial-of-service vulnerability in django.utils.html.urlize() (bsc#1228631)
- CVE-2024-41991: Fixed another denial-of-service vulnerability in django.utils.html.urlize() (bsc#1228632)
- CVE-2022-28346: Fixed SQL injection in QuerySet.annotate(),aggregate() and extra() (bsc#1198398)
- CVE-2019-12308: Fixed XSS in AdminURLFieldWidget (bsc#1136468)
</description>
</patchinfo>