FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-19 19:12:13 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
94d441d2-5497-11ef-9d2f-080027836e8bDjango -- multiple vulnerabilities

Django reports:

CVE-2024-41989: Memory exhaustion in django.utils.numberformat.floatformat().

CVE-2024-41990: Potential denial-of-service in django.utils.html.urlize().

CVE-2024-41991: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget.

CVE-2024-42005: Potential SQL injection in QuerySet.values() and values_list().


Discovery 2024-08-01
Entry 2024-08-07
py39-django42
py310-django42
py311-django42
< 4.2.15

py310-django50
py311-django50
< 5.0.8

CVE-2024-41989
CVE-2024-41990
CVE-2024-41991
CVE-2024-42005
https://www.djangoproject.com/weblog/2024/aug/06/security-releases/
171afa61-3eba-11ef-a58f-080027836e8bDjango -- multiple vulnerabilities

Django reports:

CVE-2024-38875: Potential denial-of-service in django.utils.html.urlize().

CVE-2024-39329: Username enumeration through timing difference for users with unusable passwords.

CVE-2024-39330: Potential directory-traversal in django.core.files.storage.Storage.save().

CVE-2024-39614: Potential denial-of-service in django.utils.translation.get_supported_language_variant().


Discovery 2024-07-01
Entry 2024-07-10
py39-django42
py310-django42
py311-django42
< 4.2.14

py310-django50
py311-django50
< 5.0.7

CVE-2024-38875
CVE-2024-39329
CVE-2024-39330
CVE-2024-39614
https://www.djangoproject.com/weblog/2024/jul/09/security-releases/