An issue was discovered in Django 3.2 before 3.2.24, 4.2 before 4.2.10, and Django 5.0 before 5.0.2. The intcomma template filter was subject to a potential denial-of-service attack when used with very long strings.

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-c5c5671edb advisory.

    Automatic update for python-django-4.2.11-1.fc41.

    ##### **Changelog**

    ```
    * Mon Apr  8 2024 Michel Lind <salimma@fedoraproject.org> - 4.2.11-1
    - Update to 4.2.11
    - Resolves CVE-2024-24680 (rhbz#2263505)
    - Resolves CVE-2024-27351 (rhbz#2267654)

    ```

Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12803 advisory.

    Oracle Linux Automation Manager 2.2

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5662 advisory.

    Red Hat Satellite is a system management solution that allows organizations     to configure and maintain their systems without the necessity to provide     public Internet access to their servers or other client systems. It     performs provisioning and configuration management of predefined standard     operating environments.

    Users of Red Hat Satellite are advised to upgrade to these updated     packages, which fix these bugs.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:2731 advisory.

    Django is a high-level Python Web framework that encourages rapid     development and a clean, pragmatic design. It focuses on automating as much     as possible and adhering to the DRY (Don't Repeat Yourself) principle.

    Security Fix(es):

    * denial-of-service in ``intcomma`` template filter (CVE-2024-24680)

    For more details about the security issue(s), including the impact, a CVSS     score, acknowledgments, and other related information, refer to the CVE     page listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

This plugin has been deprecated as it does not adhere to established standards for this style of check.

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-5c7fb64c74 advisory.

    Security fix for CVE-2024-24680 and CVE-2024-27351



Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-84fbbbb914 advisory.

    Security fixes for

    - CVE-2024-27351 Potential regular expression DOS in `django.utils.text.Truncator.words()`
    - CVE-2024-24680 denial-of-service in ``intcomma`` template filter
    - CVE-2023-43665 Denial-of-service possibility in django.utils.text.Truncator
    - CVE-2023-41164 Potential DOS vulnerability in `django.utils.encoding.uri_to_iri()`
    - CVE-2023-36053 Potential regular expression denial of service vulnerability in     EmailValidator/URLValidator





Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1878 advisory.

    Red Hat Update Infrastructure (RHUI) offers a highly scalable, highly redundant     framework that enables you to manage repositories and content. It also enables     cloud providers to deliver content and updates to Red Hat Enterprise Linux     (RHEL) instances.

    Security Fix(es):

    * python-django: Potential regular expression denial of service vulnerability in     EmailValidator/URLValidator (CVE-2023-36053)

    * python-aiohttp: HTTP request smuggling via llhttp HTTP request parser (CVE-2023-37276)

    * python-django: Potential denial of service vulnerability in ``django.utils.encoding.uri_to_iri()``     (CVE-2023-41164)

    * python-django: Denial-of-service possibility in django.utils.text.Truncator (CVE-2023-43665)

    * python-aiohttp: numerous issues in HTTP parser with header parsing (CVE-2023-47627)

    * aiohttp: HTTP request modification (CVE-2023-49081)

    * python-cryptography: NULL-dereference when loading PKCS7 certificates (CVE-2023-49083)

    * jinja2: HTML attribute injection when passing user input as keys to xmlattr filter (CVE-2024-22195)

    * aiohttp: follow_symlinks directory traversal vulnerability (CVE-2024-23334)

    * python-ecdsa: vulnerable to the Minerva attack (CVE-2024-23342)

    * python-aiohttp: http request smuggling (CVE-2024-23829)

    * Django: denial-of-service in ``intcomma`` template filter (CVE-2024-24680)

    * python-django: Potential regular expression denial-of-service in django.utils.text.Truncator.words()     (CVE-2024-27351)

    * aiohttp: CRLF injection if user controls the HTTP method using aiohttp client (CVE-2023-49082)

    This RHUI update fixes the following bugs:

    * The rhui-installer failed on RHEL 8.10 Beta due to the use of distutils. This has been addressed by     updating to a newer version of ansible-collection-community-crypto which does not use the distutils.

    This RHUI update introduces the following enhancements:

    * A native Ansible module is now used to update the packages on the RHUA server when the RHUI installer is     run for the first time or rerun at any time. This update can be prevented by using the --ignore-newer-     rhel-packages flag on the rhui-installer command line.

    * PulpCore has been updated to version 3.39.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-2ec03ca8cb advisory.

    Security fix for CVE-2024-24680 and CVE-2024-27351



Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1640 advisory.

    Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing     IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to     individual teams, while automation developers retain the freedom to write tasks that leverage existing     knowledge without the overhead. Ansible Automation Platform makes it possible for users across an     organization to share, vet, and manage automation content by means of a simple, powerful, and agentless     language.

    Security Fix(es):

    * automation-controller: Django: denial-of-service in 'intcomma' template filter (CVE-2024-24680)
    * automation-controller: aiohttp: http request smuggling (CVE-2024-23829)
    * automation-controller: aiohttp: follow_symlinks directory traversal vulnerability (CVE-2024-23334)
    * automation-controller: Jinja2: HTML attribute injection when passing user input as keys to xmlattr     filter (CVE-2024-22195)
    * automation-controller: cryptography: NULL-dereference when loading PKCS7 certificates (CVE-2023-49083)
    * automation-controller: aiohttp: numerous issues in HTTP parser with header parsing (CVE-2023-47627)
    * automation-controller: Twisted: disordered HTTP pipeline response in twisted.web (CVE-2023-46137)
    * automation-controller: axios: exposure of confidential data stored in cookies (CVE-2023-45857)
    * automation-controller: GitPython: Blind local file inclusion (CVE-2023-41040)
    * python3-aiohttp/python39-aiohttp: http request smuggling (CVE-2024-23829)
    * python3-aiohttp/python39-aiohttp: follow_symlinks directory traversal vulnerability (CVE-2024-23334)
    * python3-django/python39-django: Potential regular expression denial-of-service in     django.utils.text.Truncator.words() (CVE-2024-27351)
    * receptor: golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads     (CVE-2024-1394)
    * receptor: golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests     (CVE-2023-39326)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Updates and fixes for automation controller:
    * Fixed bug where schedule prompted variables and survey answers were reset on edit when changing one of     the basic form fields (AAP-20967)
    * Fixed the update execution environment image to no longer fail jobs that use the previous image     (AAP-21733)
    * Removed string validation using comparisons of English literals for comparison, replacing validation     with error/op codes as a universal approach to validation and comparison (AAP-21721)
    * Fixed dispatcher to appropriately terminate child processes when dispatcher terminates (AAP-21049)
    * Fixed upgrade from Ansible Tower 3.8.6 to AAP 2.4 to no longer fail upon database schema migration     (AAP-19738)
    * automation-controller has been updated to 4.5.5

    Updates and fixes for receptor:
    * Fixes a receptor dialing issue where the connection attempt is timed out too aggressively (AAP-21838,     AAP-21828)
    * receptor has been updated to 1.4.5

    Additional fixes:
    * ansible-core has been updated to 2.15.10
    * ansible-runner has been updated to 2.3.6
    * python3-aiohttp/python39-aiohttp has been updated to 3.9.3
    * python3-django/python39-django has been updated  4.2.11
    * python3-pulpcore/python39-pulpcore has been updated 3.28.24

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1057 advisory.

    Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing     IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to     individual teams, while automation developers retain the freedom to write tasks that leverage existing     knowledge without the overhead. Ansible Automation Platform makes it possible for users across an     organization to share, vet, and manage automation content by means of a simple, powerful, and agentless     language.

    Security Fix(es):

    * automation-eda-controller / ansible-rulebook / ansible-automation-platform-installer: Insecure websocket     used when interacting with EDA server (CVE-2024-1657)

    * python3-django/python39-django: denial-of-service in 'intcomma' template filter (CVE-2024-24680)

    * python3-jinja2/python39-jinja2: HTML attribute injection when passing user input as keys to xmlattr     filter (CVE-2024-22195)

    * python3-aiohttp/python39-aiohttp: CRLF injection if user controls the HTTP method using aiohttp client     (CVE-2023-49082)

    * python3-aiohttp/python39-aiohttp: HTTP request modification (CVE-2023-49081)

    * python3-aiohttp/python39-aiohttp: numerous issues in HTTP parser with header parsing (CVE-2023-47627)

    * python3-pycryptodomex/python39-pycryptodomex: side-channel leakage for OAEP decryption in PyCryptodome     and pycryptodomex (CVE-2023-52323)

    * python3-pillow/python39-pillow: uncontrolled resource consumption when textlength in an ImageDraw     instance operates on a long text argument (CVE-2023-44271)

    * python3-pygments/python39-pygments: ReDoS in pygments (CVE-2022-40896)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Updates and fixes for automation controller:
    * automation-controller has been updated to 4.5.2
    * Enabled HashiCorp Vault LDAP and Userpass authentication (AAP-19842)

    Updates and fixes for automation hub:
    * automation-hub and python3-galaxy-ng/python39-galaxy-ng have been updated to 4.9.1
    * various dependencies have been updated

    Updates and fixes for Event-Driven Ansible:
    * automation-eda-controller has been updated to 1.0.5
    * various dependencies have been updated
    * Fixed a vulnerability that allowed command line injections in user and url fields for projects     (AAP-17778)
    * The communication between the activations and eda-server is now authenticated. Once EDA Controller is     upgraded, all the existing running activations must be restarted with upgraded Decision Environment images     (AAP-17619)
    * Removed 409 conflict error when enabling an activation (AAP-16305)
    * An activation status did not change to failed when an internal error occurred (AAP-16014)
    * Restarting the EDA server can cause activation states to become stale (AAP-13064)
    * RHEL 9.2 activations can not connect to the host (AAP-12929)
    * Added podman_containers_conf_logs_max_size variable to control max log size for podman installations     with a default value of 10 MiB (AAP-12295)

    Note: The 2.4-6 installer/setup should be used to update Event-Driven Ansible to 1.0.5

    Updates and fixes for installer and setup:
    * Added podman_containers_conf_logs_max_size variable for containers.conf to control max log size for     podman installations with a default value of 10 MiB (AAP-19775)
    * EDA debug flag of false will now correctly disable django debug mode (AAP-19577)
    * installer and setup have been updated to 2.4-6

    Additional changes:
    * ansible-builder has been updated to 3.0.1
    * ansible-runner has been updated to 2.3.5
    * ansible-dev-tools has been added

    For more details about the updates and fixes included in this release, refer to the Release Notes.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the e0f6215b-c59e-11ee-a6db-080027a5b8e9 advisory.

  - An issue was discovered in Django 3.2 before 3.2.24, 4.2 before 4.2.10, and Django 5.0 before 5.0.2. The     intcomma template filter was subject to a potential denial-of-service attack when used with very long     strings. (CVE-2024-24680)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Ubuntu 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by a vulnerability as referenced in the USN-6623-1 advisory.

    It was discovered that Django incorrectly handled certain inputs that uses intcomma template filter. An     attacker could possibly use this issue to cause a denial of service.

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
211092	Fedora 41 : python-django (2024-c5c5671edb)	Nessus	Fedora Local Security Checks	high
210229	Oracle Linux 8 : Oracle / Linux / Automation / Manager / 2.2 / (MODERATE) (ELSA-2024-12803)	Nessus	Oracle Linux Local Security Checks	high
205887	RHEL 8 : Satellite 6.15.3 Security Update (Moderate) (RHSA-2024:5662)	Nessus	Red Hat Local Security Checks	high
197637	RHEL 9 : Red Hat OpenStack Platform 17.1 (python-django) (RHSA-2024:2731)	Nessus	Red Hat Local Security Checks	high
195691	RHEL 7 : django (Unpatched Vulnerability) (deprecated)	Nessus	Red Hat Local Security Checks	high
194649	Fedora 40 : python-django (2024-5c7fb64c74)	Nessus	Fedora Local Security Checks	high
193650	Fedora 38 : python-django3 (2024-84fbbbb914)	Nessus	Fedora Local Security Checks	high
193467	RHEL 8 : RHUI 4.8 Release - Security Updates, Bug Fixes, and Enhancements (Moderate) (RHSA-2024:1878)	Nessus	Red Hat Local Security Checks	critical
193457	Fedora 39 : python-django (2024-2ec03ca8cb)	Nessus	Fedora Local Security Checks	high
193086	RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update (Moderate) (RHSA-2024:1640)	Nessus	Red Hat Local Security Checks	critical
191748	RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update (Important) (RHSA-2024:1057)	Nessus	Red Hat Local Security Checks	high
190128	FreeBSD : Django -- multiple vulnerabilities (e0f6215b-c59e-11ee-a6db-080027a5b8e9)	Nessus	FreeBSD Local Security Checks	high
190066	Ubuntu 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.10 : Django vulnerability (USN-6623-1)	Nessus	Ubuntu Local Security Checks	high

Detections

Analytics

CVE-2024-24680

high

Tenable Plugins

high

high

high

high

high

high

high

critical

high

critical

high

high

high