Category Archives: Advisories

USN-6946-1: Django vulnerabilities

Read Time:38 Second

It was discovered that Django incorrectly handled certain strings in
floatformat function. An attacker could possibly use this issue to
cause a memory exhaustion. (CVE-2024-41989)

It was discovered that Django incorrectly handled very large inputs.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2024-41990)

It was discovered that Django in AdminURLFieldWidget incorrectly
handled certain inputs with a very large number of Unicode characters.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2024-41991)

It was discovered that Django incorrectly handled certain JSON objects.
An attacker could possibly use this issue to cause a potential SQL
injection. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 24.04
LTS. (CVE-2024-42005)

Read More