Merge pull request #50 from nofusscomputing/template #522
GitHub Actions / Python Vulnerability Report
completed
Aug 13, 2024 in 0s
Python Vulnerability Report
Full Scan Results
Scan Date: 2024-08-13T04:34:33.294354297Z
File: requirements.txt
Vulnerabilities
| Vulnerability ID | Package | Version | Severity | Description |
|---|---|---|---|---|
| CVE-2024-42005 | Django | 5.0.0 | CRITICAL | python-django: Potential SQL injection in QuerySet.values() and values_list() |
| CVE-2024-38875 | Django | 5.0.0 | HIGH | python-django: Potential denial-of-service in django.utils.html.urlize() |
| CVE-2024-39330 | Django | 5.0.0 | HIGH | python-django: Potential directory-traversal in django.core.files.storage.Storage.save() |
| CVE-2024-39614 | Django | 5.0.0 | HIGH | python-django: Potential denial-of-service in django.utils.translation.get_supported_language_variant() |
| CVE-2024-24680 | Django | 5.0.0 | MEDIUM | Django: denial-of-service in intcomma template filter |
| CVE-2024-27351 | Django | 5.0.0 | MEDIUM | python-django: Potential regular expression denial-of-service in django.utils.text.Truncator.words() |
| CVE-2024-39329 | Django | 5.0.0 | MEDIUM | python-django: Username enumeration through timing difference for users with unusable passwords |
| CVE-2024-41989 | Django | 5.0.0 | MEDIUM | python-django: Memory exhaustion in django.utils.numberformat.floatformat() |
| CVE-2024-41990 | Django | 5.0.0 | MEDIUM | python-django: Potential denial-of-service vulnerability in django.utils.html.urlize() |
| CVE-2024-41991 | Django | 5.0.0 | MEDIUM | python-django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget |
Loading