BDU:2023-00662
PUBLISHED
CVSS 4 MEDIUM
A vulnerability in the Django web application framework related to unrestricted resource allocation that allows an attacker to cause a denial of service
Risk Scores
CVSS 2.0
4
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| Canonical Ltd., RusBITech-Astra LLC, Free software community, Django Software Foundation, NPPKT JSC | Ubuntu, Astra Linux Special Edition (entry No. 369 in the unified register of Russian software), Debian GNU/Linux, Django, OSON OSnova Onyx (entry No. 5913 in the unified register of Russian software) | |
Exploit Intelligence
- Security advisory tracking for Django 3.2.16 vulnerabilities - CVE-2023-23969 and CVE-2023-24580 (github-poc-repo)
- Security advisory tracking for Django 3.2.16 vulnerabilities - CVE-2023-23969 and CVE-2023-24580 (github-poc)
- https://groups.google.com/forum/#%21forum/django-announce (circl)
- FEDORA-2023-a53ab7c969 (circl)
- FEDORA-2023-8fed428c5e (circl)
- https://security.netapp.com/advisory/ntap-20230302-0007/ (circl)
- [debian-lts-announce] 20230201 [SECURITY] [DLA 3306-1] python-django security update (circl)
- https://docs.djangoproject.com/en/4.1/releases/security/ (circl)
…and 12 more exploits
Timeline
- Feb 10, 2023 CVE Published
- Jan 9, 2024 CVE Updated
- Mar 19, 2026 Distribution Patch
- Mar 19, 2026 Security Advisory
References
- https://security-tracker.debian.org/tracker/CVE-2023-23969 url
- https://ubuntu.com/security/notices/USN-5837-1 url
- https://ubuntu.com/security/notices/USN-5837-2 url
- https://github.com/django/django/commit/c7e0151fdf33e1b11d488b6f67b94fdf3a30614a url
- https://www.openwall.com/lists/oss-security/2023/02/01/4 url
- https://www.djangoproject.com/weblog/2023/feb/01/security-releases/ url
- https://wiki.astralinux.ru/astra-linux-se17-bulletin-2023-0303SE17MD url
- https://wiki.astralinux.ru/astra-linux-se47-bulletin-2023-0316SE47MD url
- https://wiki.astralinux.ru/astra-linux-se16-bulletin-20231214SE16 url
- https://поддержка.нппкт.рф/bin/view/ОСнова/Обновления/2.9/ url
- https://github.com/django/django/commit/4452642f193533e288a52c02efb5bbc766a68f95 advisory
- https://github.com/django/django/commit/9d7bd5a56b1ce0576e8e07a8001373576d277942 advisory
- https://groups.google.com/forum/#%21forum/django-announce url
- https://docs.djangoproject.com/en/4.1/releases/security/ url
- [debian-lts-announce] 20230201 [SECURITY] [DLA 3306-1] python-django security update mailing-list
- https://security.netapp.com/advisory/ntap-20230302-0007/ url
- FEDORA-2023-8fed428c5e vendor-advisory
- FEDORA-2023-a53ab7c969 vendor-advisory