Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
CVE Kennung: | CVE-2018-7537 |
Beschreibung: | An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. If django.utils.text.Truncator's chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a regular expression. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which were thus vulnerable. |
Test Kennungen: | 1.3.6.1.4.1.25623.1.0.891303 1.3.6.1.4.1.25623.1.0.892233 |
Querverweise: |
Common Vulnerability Exposure (CVE) ID: CVE-2018-7537 BugTraq ID: 103357 http://www.securityfocus.com/bid/103357 Debian Security Information: DSA-4161 (Google Search) https://www.debian.org/security/2018/dsa-4161 https://lists.debian.org/debian-lts-announce/2018/03/msg00006.html RedHat Security Advisories: RHSA-2018:2927 https://access.redhat.com/errata/RHSA-2018:2927 RedHat Security Advisories: RHSA-2019:0265 https://access.redhat.com/errata/RHSA-2019:0265 https://usn.ubuntu.com/3591-1/ |