CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-56374

An issue was discovered in Django 5.1 before 5.1.5, 5.0 before 5.0.11, and 4.2 before 4.2.18. Lack of upper-bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial-of-service attack. The undocumented and private functions clean_ipv6_address and is_valid_ipv6_address are vulnerable, as is the django.forms.GenericIPAddressField form field. (The django.db.models.GenericIPAddressField model field is not affected.)

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 68.7%

CVSS Severity

CVSS v3 Score 5.8

References

Products affected by CVE-2024-56374

Djangoproject » Django » Version: 4.2

cpe:2.3:a:djangoproject:django:4.2
Djangoproject » Django » Version: 4.2.0

cpe:2.3:a:djangoproject:django:4.2.0
Djangoproject » Django » Version: 4.2.1

cpe:2.3:a:djangoproject:django:4.2.1
Djangoproject » Django » Version: 4.2.10

cpe:2.3:a:djangoproject:django:4.2.10
Djangoproject » Django » Version: 4.2.11

cpe:2.3:a:djangoproject:django:4.2.11
Djangoproject » Django » Version: 4.2.12

cpe:2.3:a:djangoproject:django:4.2.12
Djangoproject » Django » Version: 4.2.13

cpe:2.3:a:djangoproject:django:4.2.13
Djangoproject » Django » Version: 4.2.14

cpe:2.3:a:djangoproject:django:4.2.14
Djangoproject » Django » Version: 4.2.15

cpe:2.3:a:djangoproject:django:4.2.15
Djangoproject » Django » Version: 4.2.16

cpe:2.3:a:djangoproject:django:4.2.16
Djangoproject » Django » Version: 4.2.17

cpe:2.3:a:djangoproject:django:4.2.17
Djangoproject » Django » Version: 4.2.2

cpe:2.3:a:djangoproject:django:4.2.2
Djangoproject » Django » Version: 4.2.3

cpe:2.3:a:djangoproject:django:4.2.3
Djangoproject » Django » Version: 4.2.4

cpe:2.3:a:djangoproject:django:4.2.4
Djangoproject » Django » Version: 4.2.5

cpe:2.3:a:djangoproject:django:4.2.5
Djangoproject » Django » Version: 4.2.6

cpe:2.3:a:djangoproject:django:4.2.6
Djangoproject » Django » Version: 4.2.7

cpe:2.3:a:djangoproject:django:4.2.7
Djangoproject » Django » Version: 4.2.8

cpe:2.3:a:djangoproject:django:4.2.8
Djangoproject » Django » Version: 4.2.9

cpe:2.3:a:djangoproject:django:4.2.9
Djangoproject » Django » Version: 5.0

cpe:2.3:a:djangoproject:django:5.0
Djangoproject » Django » Version: 5.0.1

cpe:2.3:a:djangoproject:django:5.0.1
Djangoproject » Django » Version: 5.0.10

cpe:2.3:a:djangoproject:django:5.0.10
Djangoproject » Django » Version: 5.0.2

cpe:2.3:a:djangoproject:django:5.0.2
Djangoproject » Django » Version: 5.0.3

cpe:2.3:a:djangoproject:django:5.0.3
Djangoproject » Django » Version: 5.0.4

cpe:2.3:a:djangoproject:django:5.0.4
Djangoproject » Django » Version: 5.0.5

cpe:2.3:a:djangoproject:django:5.0.5
Djangoproject » Django » Version: 5.0.6

cpe:2.3:a:djangoproject:django:5.0.6
Djangoproject » Django » Version: 5.0.7

cpe:2.3:a:djangoproject:django:5.0.7
Djangoproject » Django » Version: 5.0.8

cpe:2.3:a:djangoproject:django:5.0.8
Djangoproject » Django » Version: 5.0.9

cpe:2.3:a:djangoproject:django:5.0.9
Djangoproject » Django » Version: 5.1

cpe:2.3:a:djangoproject:django:5.1
Djangoproject » Django » Version: 5.1.1

cpe:2.3:a:djangoproject:django:5.1.1
Djangoproject » Django » Version: 5.1.2

cpe:2.3:a:djangoproject:django:5.1.2
Djangoproject » Django » Version: 5.1.3

cpe:2.3:a:djangoproject:django:5.1.3
Djangoproject » Django » Version: 5.1.4

cpe:2.3:a:djangoproject:django:5.1.4
Debian » Debian Linux » Version: 11.0

cpe:2.3:o:debian:debian_linux:11.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-56374

Products

Pricing

Contact Us