Test ID:	1.3.6.1.4.1.25623.1.0.152821
Category:	General
Title:	Django 4.x < 4.2.15, 5.x < 5.0.8 Multiple Vulnerabilities - Windows
Summary:	Django is prone to multiple vulnerabilities.
Description:	Summary: Django is prone to multiple vulnerabilities. Vulnerability Insight: The following vulnerabilities exist: - CVE-2024-41989: Memory exhaustion in django.utils.numberformat.floatformat() - CVE-2024-41990: Potential denial of service (DoS) in django.utils.html.urlize() - CVE-2024-41991: Potential denial of service (DoS) in django.utils.html.urlize() and AdminURLFieldWidget - CVE-2024-42005: Potential SQL injection (SQLi) in QuerySet.values() and values_list() Affected Software/OS: Django version 4.x prior to 4.2.15 and 5.x prior to 5.0.8. Solution: Update to version 4.2.15, 5.0.8 or later. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2024-41989 Common Vulnerability Exposure (CVE) ID: CVE-2024-41990 Common Vulnerability Exposure (CVE) ID: CVE-2024-41991 Common Vulnerability Exposure (CVE) ID: CVE-2024-42005
Copyright	Copyright (C) 2024 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.