diff --git a/vulns/django/PYSEC-0000-CVE-2024-56374.yaml b/vulns/django/PYSEC-0000-CVE-2024-56374.yaml index 4b4266c5..ba543d53 100644 --- a/vulns/django/PYSEC-0000-CVE-2024-56374.yaml +++ b/vulns/django/PYSEC-0000-CVE-2024-56374.yaml @@ -5,6 +5,19 @@ details: An issue was discovered in Django 5.1 before 5.1.5, 5.0 before 5.0.11, undocumented and private functions clean_ipv6_address and is_valid_ipv6_address are vulnerable, as is the django.forms.GenericIPAddressField form field. (The django.db.models.GenericIPAddressField model field is not affected.) +aliases: +- CVE-2024-56374 +modified: '2025-01-14T21:22:18.665005Z' +published: '2025-01-14T19:15:32Z' +references: +- type: ARTICLE + url: https://www.djangoproject.com/weblog/2025/jan/14/security-releases/ +- type: WEB + url: https://docs.djangoproject.com/en/dev/releases/security/ +- type: WEB + url: https://groups.google.com/g/django-announce +- type: WEB + url: http://www.openwall.com/lists/oss-security/2025/01/14/2 affected: - package: name: django @@ -13,22 +26,44 @@ affected: ranges: - type: ECOSYSTEM events: - - introduced: "5.1" + - introduced: '5.1' - fixed: 5.1.5 - - introduced: "5.0" + - introduced: '5.0' - fixed: 5.0.11 - - introduced: "4.2" + - introduced: '4.2' - fixed: 4.2.18 -references: -- type: ARTICLE - url: https://www.djangoproject.com/weblog/2025/jan/14/security-releases/ -- type: WEB - url: https://docs.djangoproject.com/en/dev/releases/security/ -- type: WEB - url: https://groups.google.com/g/django-announce -- type: WEB - url: http://www.openwall.com/lists/oss-security/2025/01/14/2 -aliases: -- CVE-2024-56374 -modified: "2025-01-14T19:15:32Z" -published: "2025-01-14T19:15:32Z" + versions: + - '4.2' + - 4.2.1 + - 4.2.10 + - 4.2.11 + - 4.2.12 + - 4.2.13 + - 4.2.14 + - 4.2.15 + - 4.2.16 + - 4.2.17 + - 4.2.2 + - 4.2.3 + - 4.2.4 + - 4.2.5 + - 4.2.6 + - 4.2.7 + - 4.2.8 + - 4.2.9 + - '5.0' + - 5.0.1 + - 5.0.10 + - 5.0.2 + - 5.0.3 + - 5.0.4 + - 5.0.5 + - 5.0.6 + - 5.0.7 + - 5.0.8 + - 5.0.9 + - '5.1' + - 5.1.1 + - 5.1.2 + - 5.1.3 + - 5.1.4