Showing 1 - 6 of 6

CVE-2022-22818

Status Candidate

Overview

The {% debug %} template tag in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2 does not properly encode the current context. This may lead to XSS.

Related Files

Red Hat Security Advisory 2022-8853-01: Posted Dec 8, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-8853-01 - An update for python-django20 is now available for Red Hat OpenStack Platform 16.2.4 (Train) for Red Hat Enterprise Linux (RHEL) 8.4. Issues addressed include cross site scripting and denial of service vulnerabilities.; tags | advisory, denial of service, vulnerability, xss, python; systems | linux, redhat; advisories | CVE-2022-22818, CVE-2022-23833; SHA-256 | b1ffbe4826331e7e7e393e95b639b6c12acc38f9635633508dead64541997d6f; Download | Favorite | View

Red Hat Security Advisory 2022-8872-01: Posted Dec 8, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-8872-01 - An update for python-django20 is now available for Red Hat OpenStack Platform 16.1.9 (Train) for Red Hat Enterprise Linux (RHEL) 8.2. Issues addressed include cross site scripting, denial of service, remote shell upload, and remote SQL injection vulnerabilities.; tags | advisory, remote, denial of service, shell, vulnerability, xss, sql injection, python; systems | linux, redhat; advisories | CVE-2022-22818, CVE-2022-23833, CVE-2022-28346; SHA-256 | e5e7d087bfcb84b64424f6f5ba3f374d1774f83da6dd2bb3d702e487b2cbd58b; Download | Favorite | View

Red Hat Security Advisory 2022-8506-01: Posted Nov 17, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-8506-01 - Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. Issues addressed include code execution, cross site scripting, denial of service, remote SQL injection, and traversal vulnerabilities.; tags | advisory, remote, denial of service, vulnerability, code execution, xss, sql injection; systems | linux, redhat; advisories | CVE-2021-37136, CVE-2021-37137, CVE-2022-22818, CVE-2022-24836, CVE-2022-25648, CVE-2022-29970, CVE-2022-32209, CVE-2022-34265; SHA-256 | 2d5699b272bf62135c49021ecfc5e70e3ef3e624c94ce2a33e3c23d5cd96ba6d; Download | Favorite | View

Debian Security Advisory 5254-1: Posted Oct 15, 2022; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5254-1 - Multiple security issues were found in Django, a Python web development framework, which could result in denial of service, SQL injection or cross-site scripting.; tags | advisory, web, denial of service, xss, sql injection, python; systems | linux, debian; advisories | CVE-2022-22818, CVE-2022-23833, CVE-2022-28346, CVE-2022-28347, CVE-2022-34265, CVE-2022-36359, CVE-2022-41323; SHA-256 | f1deaa074be2780bc47f540868f469aef9215c48a81c548946be8c4d1bf75ee6; Download | Favorite | View

Ubuntu Security Notice USN-5269-2: Posted Feb 7, 2022; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 5269-2 - USN-5269-1 fixed several vulnerabilities in Django. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Keryn Knight discovered that Django incorrectly handled certain template tags. A remote attacker could possibly use this issue to perform a cross-site scripting attack.; tags | advisory, remote, vulnerability, xss; systems | linux, ubuntu; advisories | CVE-2022-22818, CVE-2022-23833; SHA-256 | 2f29f6eb676287e101069ec9b32e684488a4b90fff89f3dc828fd5b4b3a33eb2; Download | Favorite | View

Ubuntu Security Notice USN-5269-1: Posted Feb 3, 2022; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 5269-1 - Keryn Knight discovered that Django incorrectly handled certain template tags. A remote attacker could possibly use this issue to perform a cross-site scripting attack. Alan Ryan discovered that Django incorrectly handled file uploads. A remote attacker could possibly use this issue to cause Django to hang, resulting in a denial of service.; tags | advisory, remote, denial of service, xss, file upload; systems | linux, ubuntu; advisories | CVE-2022-22818, CVE-2022-23833; SHA-256 | 44ead4d24055dc9998855e1e79daf13648af011234c8ab7db00a1edd78b0a0fc; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 172 files
Ubuntu 47 files
Debian 22 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
tmrswrr 4 files
E1.Coders 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,014)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,227)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,501)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,439)
UNIX (9,391)
UnixWare (187)
Windows (6,649)
Other

CVE-2022-22818

Overview

Related Files

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems