FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-19 19:12:13 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
171afa61-3eba-11ef-a58f-080027836e8b	Django -- multiple vulnerabilities Django reports: CVE-2024-38875: Potential denial-of-service in django.utils.html.urlize(). CVE-2024-39329: Username enumeration through timing difference for users with unusable passwords. CVE-2024-39330: Potential directory-traversal in django.core.files.storage.Storage.save(). CVE-2024-39614: Potential denial-of-service in django.utils.translation.get_supported_language_variant(). Discovery 2024-07-01 Entry 2024-07-10 py39-django42 py310-django42 py311-django42 < 4.2.14 py310-django50 py311-django50 < 5.0.7 CVE-2024-38875 CVE-2024-39329 CVE-2024-39330 CVE-2024-39614 https://www.djangoproject.com/weblog/2024/jul/09/security-releases/
94d441d2-5497-11ef-9d2f-080027836e8b	Django -- multiple vulnerabilities Django reports: CVE-2024-41989: Memory exhaustion in django.utils.numberformat.floatformat(). CVE-2024-41990: Potential denial-of-service in django.utils.html.urlize(). CVE-2024-41991: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget. CVE-2024-42005: Potential SQL injection in QuerySet.values() and values_list(). Discovery 2024-08-01 Entry 2024-08-07 py39-django42 py310-django42 py311-django42 < 4.2.15 py310-django50 py311-django50 < 5.0.8 CVE-2024-41989 CVE-2024-41990 CVE-2024-41991 CVE-2024-42005 https://www.djangoproject.com/weblog/2024/aug/06/security-releases/

VuXML ID

Description

171afa61-3eba-11ef-a58f-080027836e8b

Django -- multiple vulnerabilities

Django reports:

CVE-2024-38875: Potential denial-of-service in django.utils.html.urlize().

CVE-2024-39329: Username enumeration through timing difference for users with unusable passwords.

CVE-2024-39330: Potential directory-traversal in django.core.files.storage.Storage.save().

CVE-2024-39614: Potential denial-of-service in django.utils.translation.get_supported_language_variant().

Discovery 2024-07-01
Entry 2024-07-10
py39-django42
py310-django42
py311-django42

< 4.2.14

py310-django50
py311-django50

< 5.0.7

CVE-2024-38875
CVE-2024-39329
CVE-2024-39330
CVE-2024-39614
https://www.djangoproject.com/weblog/2024/jul/09/security-releases/

94d441d2-5497-11ef-9d2f-080027836e8b

Django -- multiple vulnerabilities

Django reports:

CVE-2024-41989: Memory exhaustion in django.utils.numberformat.floatformat().

CVE-2024-41990: Potential denial-of-service in django.utils.html.urlize().

CVE-2024-41991: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget.

CVE-2024-42005: Potential SQL injection in QuerySet.values() and values_list().

Discovery 2024-08-01
Entry 2024-08-07
py39-django42
py310-django42
py311-django42

< 4.2.15

py310-django50
py311-django50

< 5.0.8

CVE-2024-41989
CVE-2024-41990
CVE-2024-41991
CVE-2024-42005
https://www.djangoproject.com/weblog/2024/aug/06/security-releases/