 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.113346 |
| Categoría: | Denial of Service |
| Título: | Django < 2.16 Uncontrolled Memory Consumption Vulnerability - Windows |
| Resumen: | Django is prone to an uncontrolled memory consumption vulnerability. |
| Descripción: | Summary: Django is prone to an uncontrolled memory consumption vulnerability. Vulnerability Insight: If django.utils.numberformat.format() received a Decimal with a large number of digits or a large exponent, it could lead to significant memory usage due to a call to .format(). Vulnerability Impact: Successful exploitation would allow an attacker to exhaust the target system's resources and crash the affected and other applications. Affected Software/OS: Django through version 1.11.18, version 2.0.0 through 2.0.10 and 2.1.0 through 2.1.5. Solution: Update to version 1.11.19, 2.0.11 or 2.1.6 respectively. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2019-6975 BugTraq ID: 106964 http://www.securityfocus.com/bid/106964 Bugtraq: 20190708 [SECURITY] [DSA 4476-1] python-django security update (Google Search) https://seclists.org/bugtraq/2019/Jul/10 Debian Security Information: DSA-4476 (Google Search) https://www.debian.org/security/2019/dsa-4476 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVXDOVCXLD74SHR2BENGCE2OOYYYWJHZ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/66WMXHGBXD7GSM3PEXVCMCAGLMQYHZCU/ https://docs.djangoproject.com/en/dev/releases/security/ https://groups.google.com/forum/#!topic/django-announce/WTwEAprR0IQ https://www.djangoproject.com/weblog/2019/feb/11/security-releases/ https://www.openwall.com/lists/oss-security/2019/02/11/1 https://usn.ubuntu.com/3890-1/ |
| Copyright | Copyright (C) 2019 Greenbone AG |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |