Team IT Security (TSEC) Nachrichtenportal Logo

🕵️ CVE-2015-8213 | Django CMS 1.7.10/1.8.6 Date Template Filter django.utils.formats.get_format information disclosure (USN-2816-1 / BID-77750)


Nachrichtenbereich: 🕵️ Sicherheitslücken
🔗 Quelle: vuldb.com

A vulnerability was found in Django CMS 1.7.10/1.8.6. It has been declared as problematic. Affected by this vulnerability is the function django.utils.formats.get_format of the component Date Template Filter. The manipulation leads to information disclosure. This vulnerability is known as CVE-2015-8213. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component. ...

Sharing is caring on Social Media

Reddit
Telegram
LinkedIn
Xing
Twitter
Whatsapp
Facebook
Flipboard

🕵️ CVE-2025-26699 | Django up to 4.2.19/5.0.12/5.1.6 Template Filter django.utils.text.wrap denial of service (Nessus ID 232266)


📈 50.54 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-41989 | Django up to 4.2.14/5.0.7 Template Filter django.utils.numberformat.floatformat memory allocation


📈 50.54 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2016-2512 | Django 1.8.1/1.8.2/1.8.6/1.9 django.utils.http.is_safe_url cross site scripting (USN-2915-1 / BID-83879)


📈 43.21 Punkte
🕵️ Sicherheitslücken

🔧 What is the difference between the template filter: `|linebreaks` and `|linebreaksbr` in Django Template?


📈 37.25 Punkte
🔧 Programmierung

🕵️ Medium CVE-2021-41413: Ok-file-formats project Ok-file-formats


📈 33.46 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2023-30145 | Camaleon CMS 2.7.0 Template formats injection (ID 172593 / EDB-51489)


📈 33.4 Punkte
🕵️ Sicherheitslücken

🐧 LabPlot, KDE's full-featured app for data analysis and visualization, releases version 2.10. This release comes with more plotting formats and new spreadsheet functions, adds support for new data formats and import/export filters, and more.


📈 32.51 Punkte
🐧 Linux Tipps

🕵️ CVE-2025-32873 | Django up to 4.2.20/5.1.8/5.2.0 django.utils.html.strip_tags denial of service (Nessus ID 235680)


📈 31.46 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-53907 | Django django.utils.html.strip_tags denial of service (Nessus ID 212064)


📈 31.46 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-45230 | Django up to 4.2.15/5.0.8/5.1.0 django.utils.html.urlize denial of service


📈 31.46 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-27351 | Django up to 3.2.24/4.2.10/5.0.2 Regular Expression django.utils.text.Truncator.words redos


📈 31.46 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2025-3841 | wix-incubator jam up to e87a6fd85cf8fb5ff37b62b2d68f917219d07ae9 Jinja2 Template jam.py config['template'] special elements used in a template engine


📈 30.85 Punkte
🕵️ Sicherheitslücken

🕵️ Django up to 2.2.17/3.0.11/3.1.5 Archive django.utils.archive.extract path traversal


📈 30.5 Punkte
🕵️ Sicherheitslücken

🕵️ Django up to 1.11.18/2.0.10/2.1.5 django.utils.numberformat.format() denial of service


📈 30.5 Punkte
🕵️ Sicherheitslücken

🕵️ Django up to 1.8.17/1.9.12/1.10.6 django.utils.http.is_safe_url cross site scripting


📈 30.5 Punkte
🕵️ Sicherheitslücken

🕵️ Django bis 1.8.17/1.9.12/1.10.6 django.utils.http.is_safe_url() Cross Site Scripting


📈 30.5 Punkte
🕵️ Sicherheitslücken

🕵️ Django 1.8.1/1.8.2/1.8.6/1.9 django.utils.http.is_safe_url() Cross Site Scripting


📈 30.5 Punkte
🕵️ Sicherheitslücken

🕵️ Django 1.8.1/1.8.2/1.8.6/1.9 django.utils.http.is_safe_url() Cross Site Scripting


📈 30.5 Punkte
🕵️ Sicherheitslücken

🕵️ Medium CVE-2020-8147: Utils-extend project Utils-extend


📈 29.17 Punkte
🕵️ Sicherheitslücken

🕵️ High CVE-2021-34080: Ssl-utils project Ssl-utils


📈 29.17 Punkte
🕵️ Sicherheitslücken

🕵️ Medium CVE-2020-7722: Nodee-utils project Nodee-utils


📈 29.17 Punkte
🕵️ Sicherheitslücken

🔧 PHP 8.4: It's a small change, but `$date = DateTimeImmutable::createFromTimestamp(1732420815)` instead of `$date = new DateTimeImmutable(); $date->setTimestamp(1732420815);` looks pretty cool! 🤩


📈 29.06 Punkte
🔧 Programmierung

🕵️ CVE-2016-2513 | Django 1.8.1/1.8.2/1.8.6/1.9 Time Username information disclosure (USN-2915-1 / BID-83878)


📈 28.4 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-41990 | gofiber Django up to 4.2.14/5.0.7 Template Filter urlize/urlizetrunc denial of service (Nessus ID 216436)


📈 28.24 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-41991 | Django up to 4.2.14/5.0.7 Template Filter urlize/urlizetrunc denial of service (Nessus ID 208713)


📈 28.24 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-24680 | Django up to 3.2.23/4.2.9/5.0.1 intcomma Template Filter denial of service


📈 28.24 Punkte
🕵️ Sicherheitslücken

🕵️ SaltStack Salt prior 3002.5 API salt/utils/thin.py salt.utils.thin.gen_thin command injection


📈 28.21 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2016-1572 | ecryptfs-utils mount.ecryptfs_private.c /proc/$pid access control (USN-2876-1 / BID-81299)


📈 26.81 Punkte
🕵️ Sicherheitslücken

🔧 Test Case Template: Free Examples & Formats for QA Teams


📈 26.22 Punkte
🔧 Programmierung

🪟 How to change Date and Time formats in Windows 11


📈 25.94 Punkte
🪟 Windows Tipps

🕵️ CVE-2023-4547 | SPA-Cart eCommerce CMS 1.9.0.3 /search filter[brandid]/filter[price] cross site scripting (ID 174343 / EDB-51713)


📈 25.43 Punkte
🕵️ Sicherheitslücken

🔧 Announcing my new Django package: django-admin-export! #packaging #python #django


📈 24.6 Punkte
🔧 Programmierung

🕵️ Django CMS 1.9/1.10/1.11 Technical 500 Template Deserialization cross site scripting


📈 24.39 Punkte
🕵️ Sicherheitslücken

🕵️ Django CMS 1.9/1.10/1.11 Technical 500 Template Deserialization Cross Site Scripting


📈 24.39 Punkte
🕵️ Sicherheitslücken

🕵️ cron-utils up to 9.1.2 Template injection


📈 24.07 Punkte
🕵️ Sicherheitslücken