SecuritySpace - CVE-2018-7536

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

CVE Kennung:	CVE-2018-7536
Beschreibung:	An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. The django.utils.html.urlize() function was extremely slow to evaluate certain inputs due to catastrophic backtracking vulnerabilities in two regular expressions (only one regular expression for Django 1.8.x). The urlize() function is used to implement the urlize and urlizetrunc template filters, which were thus vulnerable.
Test Kennungen:	1.3.6.1.4.1.25623.1.0.891303
Querverweise:	Common Vulnerability Exposure (CVE) ID: CVE-2018-7536 BugTraq ID: 103361 http://www.securityfocus.com/bid/103361 Debian Security Information: DSA-4161 (Google Search) https://www.debian.org/security/2018/dsa-4161 https://lists.debian.org/debian-lts-announce/2018/03/msg00006.html RedHat Security Advisories: RHSA-2018:2927 https://access.redhat.com/errata/RHSA-2018:2927 RedHat Security Advisories: RHSA-2019:0051 https://access.redhat.com/errata/RHSA-2019:0051 RedHat Security Advisories: RHSA-2019:0082 https://access.redhat.com/errata/RHSA-2019:0082 RedHat Security Advisories: RHSA-2019:0265 https://access.redhat.com/errata/RHSA-2019:0265 https://usn.ubuntu.com/3591-1/