In Django 3.2 before 3.2.21, 4.1 before 4.1.11, and 4.2 before 4.2.5, django.utils.encoding.uri_to_iri() is subject to a potential DoS (denial of service) attack via certain inputs with a very large number of Unicode characters.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2010 advisory.

    For more details about the security issue(s), including the impact, a CVSS     score, acknowledgments, and other related information, refer to the CVE page(s)     listed in the References section.

    Security fixes:
    * python-pygments: ReDoS in pygments (CVE-2022-40896)
    * python-pycryptodomex: Side-channel leakage for OAEP decryption in PyCryptodome and pycryptodomex     (CVE-2023-52323)
    * satellite: Arithmetic overflow in satellite (CVE-2023-4320)
    * automation-hub: Ansible Automation Hub: insecure galaxy-importer tarfile extraction (CVE-2023-5189)
    * jetty: Improper addition of quotation marks to user inputs in CgiServlet (CVE-2023-36479)
    * python-aiohttp: HTTP request smuggling via llhttp HTTP request parser (CVE-2023-37276)
    * rubygem-activesupport: File Disclosure of Locally Encrypted Files (CVE-2023-38037)
    * jetty: Improper validation of HTTP/1 content-length (CVE-2023-40167)
    * python-django: Potential denial of service vulnerability in `django.utils.encoding.uri_to_iri()`     (CVE-2023-41164)
    * python-django: Denial-of-service possibility in django.utils.text.Truncator (CVE-2023-43665)
    * python-aiohttp: Numerous issues in HTTP parser with header parsing (CVE-2023-47627)
    * python-aiohttp: HTTP request modification (CVE-2023-49081)
    * python-aiohttp: CRLF injection if user controls the HTTP method using aiohttp client (CVE-2023-49082)
    * rubygem-puma: HTTP request smuggling when parsing chunked Transfer-Encoding Bodies (CVE-2024-21647)
    * rubygem-audited: Race condition can lead to audit logs being incorrectly attributed to the wrong user     (CVE-2024-22047)
    * python-jinja2: HTML attribute injection when passing user input as keys to xmlattr filter     (CVE-2024-22195)
    * python-aiohttp: Follow_symlinks directory traversal vulnerability (CVE-2024-23334)
    * python-aiohttp: HTTP request smuggling (CVE-2024-23829)

    Additional Changes:
    This update also fixes several bugs and adds various enhancements.

    Documentation for these changes is available from the Release Notes document linked to in the References     section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5701 advisory.

    Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing     IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to     individual teams, while automation developers retain the freedom to write tasks that leverage existing     knowledge without the overhead. Ansible Automation Platform makes it possible for users across an     organization to share, vet, and manage automation content by means of a simple, powerful, and agentless     language.

    Security Fix(es):
    * ansible-core: malicious role archive can cause ansible-galaxy to overwrite arbitrary files     (CVE-2023-5115)
    * automation-controller: Django: Potential denial of service vulnerability in     django.utils.encoding.uri_to_iri() (CVE-2023-41164)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional changes:
    * ansible-core has been updated to 2.14.11
    * automation-controller has been updated to 4.3.16

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5758 advisory.

    Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing     IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to     individual teams, while automation developers retain the freedom to write tasks that leverage existing     knowledge without the overhead. Ansible Automation Platform makes it possible for users across an     organization to share, vet, and manage automation content by means of a simple, powerful, and agentless     language.

    Security Fix(es):
    * ansible-core: malicious role archive can cause ansible-galaxy to overwrite arbitrary files     (CVE-2023-5115)
    * automation-controller: Django: Potential denial of service vulnerability in     django.utils.encoding.uri_to_iri() (CVE-2023-41164)
    * python3-django/python39-django: Denial-of-service possibility in django.utils.text.Truncator     (CVE-2023-43665)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional changes:
    * ansible-core has been updated to 2.15.5
    * automation-controller has been updated to 4.4.6
    * python3-django/python39-django has been updated to 3.2.22
    * automation controller: Added a new subscription usage page to the controller UI to view historical usage     of licenses (AAP-16983)

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:5208 advisory.

    Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing     IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to     individual teams, while automation developers retain the freedom to write tasks that leverage existing     knowledge without the overhead. Ansible Automation Platform makes it possible for users across an     organization to share, vet, and manage automation content by means of a simple, powerful, and agentless     language.

    Security Fix(es):
    * python3-django/python39-django: Potential denial of service vulnerability in     django.utils.encoding.uri_to_iri() (CVE-2023-41164)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional changes:
    * ansible-core has been updated to 2.15.4 (AAP-16010)
    * ansible-runner has been updated to 2.3.4 (AAP-15594)
    * automation-controller has been updated to 4.4.4 (AAP-15594)
    * python3-django/python39-django has been updated to 3.2.21 (AAP-15704)

    Updates and fixes for automation controller:
    * Fixed job error handling so that we correctly report error text from ansible-runner or receptor in cases     we previously showed Job terminated due to error (AAP-12917)
    * The constructed inventory edit form no longer hangs indefinitely in the loading state for users with     edit permissions (AAP-15099)
    * Added views for a monthly summary of host metrics (AAP-15677)
    * Added host metrics to exported analytics data (AAP-15677)
    * Introduced a periodic task and management command for cleaning up old host metrics (AAP-15677)
    * Fixed bug where rapidly clicking on launch button in preview step would launch multiple jobs (AAP-15689)
    * Fixed incorrect capacity for remote execution nodes when resource limits are set in OpenShift     (AAP-15736)

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-84fbbbb914 advisory.

    Security fixes for

    - CVE-2024-27351 Potential regular expression DOS in `django.utils.text.Truncator.words()`
    - CVE-2024-24680 denial-of-service in ``intcomma`` template filter
    - CVE-2023-43665 Denial-of-service possibility in django.utils.text.Truncator
    - CVE-2023-41164 Potential DOS vulnerability in `django.utils.encoding.uri_to_iri()`
    - CVE-2023-36053 Potential regular expression denial of service vulnerability in     EmailValidator/URLValidator





Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1878 advisory.

    Red Hat Update Infrastructure (RHUI) offers a highly scalable, highly redundant     framework that enables you to manage repositories and content. It also enables     cloud providers to deliver content and updates to Red Hat Enterprise Linux     (RHEL) instances.

    Security Fix(es):

    * python-django: Potential regular expression denial of service vulnerability in     EmailValidator/URLValidator (CVE-2023-36053)

    * python-aiohttp: HTTP request smuggling via llhttp HTTP request parser (CVE-2023-37276)

    * python-django: Potential denial of service vulnerability in ``django.utils.encoding.uri_to_iri()``     (CVE-2023-41164)

    * python-django: Denial-of-service possibility in django.utils.text.Truncator (CVE-2023-43665)

    * python-aiohttp: numerous issues in HTTP parser with header parsing (CVE-2023-47627)

    * aiohttp: HTTP request modification (CVE-2023-49081)

    * python-cryptography: NULL-dereference when loading PKCS7 certificates (CVE-2023-49083)

    * jinja2: HTML attribute injection when passing user input as keys to xmlattr filter (CVE-2024-22195)

    * aiohttp: follow_symlinks directory traversal vulnerability (CVE-2024-23334)

    * python-ecdsa: vulnerable to the Minerva attack (CVE-2024-23342)

    * python-aiohttp: http request smuggling (CVE-2024-23829)

    * Django: denial-of-service in ``intcomma`` template filter (CVE-2024-24680)

    * python-django: Potential regular expression denial-of-service in django.utils.text.Truncator.words()     (CVE-2024-27351)

    * aiohttp: CRLF injection if user controls the HTTP method using aiohttp client (CVE-2023-49082)

    This RHUI update fixes the following bugs:

    * The rhui-installer failed on RHEL 8.10 Beta due to the use of distutils. This has been addressed by     updating to a newer version of ansible-collection-community-crypto which does not use the distutils.

    This RHUI update introduces the following enhancements:

    * A native Ansible module is now used to update the packages on the RHUA server when the RHUI installer is     run for the first time or rerun at any time. This update can be prevented by using the --ignore-newer-     rhel-packages flag on the rhui-installer command line.

    * PulpCore has been updated to version 3.39.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-a67af7d8f4 advisory.

    Security fix for CVE-2023-41164 and CVE-2023-43665




Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Fedora 37 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-9d36d373f1 advisory.

    Security fix for CVE-2023-43665, CVE-2023-41164, and CVE-2023-36053

Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Fedora 38 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-cc023fabb7 advisory.

    Security fix for CVE-2023-43665, CVE-2023-41164, and CVE-2023-36053

Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Ubuntu 18.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6414-2 advisory.

    USN-6414-1 and USN-6378-1 fixed CVE-2023-43665 and CVE-2023-41164 in Django, respectively. This update     provides the corresponding update for Ubuntu 18.04 LTS.



Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 host has a package installed that is affected by a vulnerability as referenced in the USN-6378-1 advisory.

    It was discovered that Django incorrectly handled certain URIs with a very large number of Unicode     characters. A remote attacker could possibly use this issue to cause Django to consume resources or crash,     leading to a denial of service.

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3558 advisory.

  - Django reports: CVE-2023-41164: Potential denial of service vulnerability in     django.utils.encoding.uri_to_iri(). (CVE-2023-41164)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 8fd4f40a-4b7d-11ee-aa2a-080027de9982 advisory.

  - Django reports: CVE-2023-41164: Potential denial of service vulnerability in     django.utils.encoding.uri_to_iri(). (CVE-2023-41164)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
199805	RHEL 8 : Satellite 6.15.0 (Important) (RHSA-2024:2010)	Nessus	Red Hat Local Security Checks	high
194401	RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.3 Product Security and Bug Fix Update (Moderate) (RHSA-2023:5701)	Nessus	Red Hat Local Security Checks	medium
194369	RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update (Moderate) (RHSA-2023:5758)	Nessus	Red Hat Local Security Checks	medium
194229	RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update (Moderate) (RHSA-2023:5208)	Nessus	Red Hat Local Security Checks	high
193650	Fedora 38 : python-django3 (2024-84fbbbb914)	Nessus	Fedora Local Security Checks	high
193467	RHEL 8 : RHUI 4.8 Release - Security Updates, Bug Fixes, and Enhancements (Moderate) (RHSA-2024:1878)	Nessus	Red Hat Local Security Checks	critical
185323	Fedora 39 : python-django (2023-a67af7d8f4)	Nessus	Fedora Local Security Checks	high
183683	Fedora 37 : python-asgiref / python-django (2023-9d36d373f1)	Nessus	Fedora Local Security Checks	high
183095	Fedora 38 : python-asgiref / python-django (2023-cc023fabb7)	Nessus	Fedora Local Security Checks	high
182577	Ubuntu 18.04 ESM : Django vulnerabilities (USN-6414-2)	Nessus	Ubuntu Local Security Checks	high
181542	Ubuntu 20.04 LTS / 22.04 LTS / 23.04 : Django vulnerability (USN-6378-1)	Nessus	Ubuntu Local Security Checks	high
181181	Debian DLA-3558-1 : python-django - LTS security update	Nessus	Debian Local Security Checks	high
180489	FreeBSD : Django -- multiple vulnerabilities (8fd4f40a-4b7d-11ee-aa2a-080027de9982)	Nessus	FreeBSD Local Security Checks	high

Detections

Analytics

CVE-2023-41164

high

Tenable Plugins

high

medium

medium

high

high

critical

high

high

high

high

high

high

high