ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2021.0511
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2021-0511)
Resumen:	The remote host is missing an update for the 'python-django-filter' package(s) announced via the MGASA-2021-0511 advisory.
Descripción:	Summary: The remote host is missing an update for the 'python-django-filter' package(s) announced via the MGASA-2021-0511 advisory. Vulnerability Insight: In django-filter before version 2.4.0, automatically generated 'NumberFilter' instances, whose value was later converted to an integer, were subject to potential DoS from maliciously input using exponential format with sufficiently large exponents. Affected Software/OS: 'python-django-filter' package(s) on Mageia 8. Solution: Please install the updated package(s). CVSS Score: 4.0 CVSS Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2020-15225 https://github.com/carltongibson/django-filter/security/advisories/GHSA-x7gm-rfgv-w973 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FAT2ZAEF6DM3VFSOHKB7X3ASSHGQHJAK/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DPHENTRHRAYFXYPPBT7JRHZRWILRY44S/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVJ7AYU6FUSU3F653YCGW5LFD3IULRSX/ https://github.com/carltongibson/django-filter/commit/340cf7a23a2b3dcd7183f6a0d6c383e85b130d2b https://github.com/carltongibson/django-filter/releases/tag/2.4.0 https://pypi.org/project/django-filter/
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.