CVE-2024-53907

Published Dec 6, 2024

Last updated 2 months ago

Overview

Description
An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. The strip_tags() method and striptags template filter are subject to a potential denial-of-service attack via certain inputs containing large sequences of nested incomplete HTML entities.
Source
cve@mitre.org
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
7.5
Impact score
3.6
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity
HIGH

Weaknesses

134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE-770

Social media

Hype score
Not currently trending
  1. Two vulnerabilities have been published for Django with the identifiers CVE-2024-53907 (DoS) and CVE-2024-53908 (SQL injection). The vulnerabilities affect Django versions 5.1, 5.0, and 4.2. Django has released the necessary update to patch these vulnerabilities. https://t.co/Poz3aKY03t

    @AmirHossein_sec

    13 Dec 2024

    25 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  2. CVE-2024-53907 (CVSS:7.5, HIGH) is Received. An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. The strip_tags() method an..https://t.co/04NwAxRkrC #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre

    @cracbot

    11 Dec 2024

    5 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. Security patches addressing serious vulnerabilities in the Python framework Django have been released (CVE-2024-53908, CVE-2024-53907). https://t.co/tcABC9ECa3

    @01Programing

    9 Dec 2024

    16 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. Threat Alert: Django Releases Patches for CVE-2024-53907 and CVE-2024-53908 to Mitigate DoS an CVE-2024-53907 CVE-2024-53908 Severity: 🔴 High Maturity: 💢 Emerging Learn more: https://t.co/HLm2OS7OAW #CyberSecurity #ThreatIntel #InfoSec

    @fletch_ai

    7 Dec 2024

    35 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. CVE-2024-53907 An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. The strip_tags() method and striptags template filter are subject to a p… https://t.co/cNKkWq47Tz

    @CVEnew

    6 Dec 2024

    263 Impressions

    2 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. CVE-2024-53907, -53908: DoS and SQLi in Django, high rating❗️ Some versions of Django are susceptible to vulns, which allow DoS or SQL injection. Search at https://t.co/hv7QKSqxTR: 👉 Link: https://t.co/ozijb7ZH3h #cybersecurity #vulnerability_map #django https://t.co/Xe7g0TmV

    @Netlas_io

    6 Dec 2024

    274 Impressions

    3 Retweets

    4 Likes

    2 Bookmarks

    0 Replies

    0 Quotes

  7. Django Releases Patches for CVE-2024-53907 and CVE-2024-53908 to Mitigate DoS and SQLi Threats https://t.co/BlkBJhIIX1

    @Dinosn

    6 Dec 2024

    1626 Impressions

    1 Retweet

    10 Likes

    3 Bookmarks

    0 Replies

    0 Quotes