vulnerability
FreeBSD: VID-D3E023FB-6E88-11EC-B948-080027240888 (CVE-2021-45116): Django -- multiple vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:P/I:N/A:N) | Dec 20, 2021 | Nov 4, 2022 | Nov 4, 2022 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:P/I:N/A:N)
Published
Dec 20, 2021
Added
Nov 4, 2022
Modified
Nov 4, 2022
Description
An issue was discovered in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1. Due to leveraging the Django Template Language's variable resolution logic, the dictsort template filter was potentially vulnerable to information disclosure, or an unintended method call, if passed a suitably crafted key.
Solutions
freebsd-upgrade-package-py37-django22freebsd-upgrade-package-py37-django32freebsd-upgrade-package-py37-django40freebsd-upgrade-package-py38-django22freebsd-upgrade-package-py38-django32freebsd-upgrade-package-py38-django40freebsd-upgrade-package-py39-django22freebsd-upgrade-package-py39-django32freebsd-upgrade-package-py39-django40
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.