Filtered by vendor Redhat
Subscriptions
Filtered by product Rhui
Subscriptions
Total
43 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-42005 | 2 Djangoproject, Redhat | 6 Django, Ansible Automation Platform, Discovery and 3 more | 2024-10-23 | 9.8 Critical |
| An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. QuerySet.values() and values_list() methods on models with a JSONField are subject to SQL injection in column aliases via a crafted JSON object key as a passed *arg. | ||||
| CVE-2024-41990 | 2 Djangoproject, Redhat | 3 Django, Ansible Automation Platform, Rhui | 2024-09-18 | 7.5 High |
| An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize() and urlizetrunc() template filters are subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters. | ||||
| CVE-2024-41991 | 2 Djangoproject, Redhat | 6 Django, Ansible Automation Platform, Discovery and 3 more | 2024-08-12 | 7.5 High |
| An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters, and the AdminURLFieldWidget widget, are subject to a potential denial-of-service attack via certain inputs with a very large number of Unicode characters. | ||||