Search for packages
| purl | pkg:rpm/redhat/automation-controller@4.4.2-1?arch=el8ap |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 4.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-wz1q-1tjp-4qhw
Aliases: BIT-django-2023-36053 CVE-2023-36053 GHSA-jh3w-4vvf-mjgr PYSEC-2023-100 |
In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, EmailValidator and URLValidator are subject to a potential ReDoS (regular expression denial of service) attack via a very large number of domain name labels of emails and URLs. | There are no reported fixed by versions. |
|
VCID-ypub-ukuh-p3aw
Aliases: BIT-django-2023-24580 CVE-2023-24580 GHSA-2hrw-hx67-34x6 PYSEC-2023-13 |
An issue was discovered in the Multipart Request Parser in Django 3.2 before 3.2.18, 4.0 before 4.0.10, and 4.1 before 4.1.7. Passing certain inputs (e.g., an excessive number of parts) to multipart forms could result in too many open files or memory exhaustion, and provided a potential vector for a denial-of-service attack. | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T13:55:22.377914+00:00 | RedHat Importer | Affected by | VCID-ypub-ukuh-p3aw | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-24580.json | 38.0.0 |
| 2026-04-01T13:53:35.901192+00:00 | RedHat Importer | Affected by | VCID-wz1q-1tjp-4qhw | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-36053.json | 38.0.0 |