Kasper Dupont

**Name of the Vulnerable Software and Affected Versions** Django versions prior to 6.0.6 Django versions prior to 5.2.15 **Description** An issue exists in `django.core.mail.backends.smtp.EmailBackend` where the system fails to prevent the reuse of a partially-initialized connection following a failed `STARTTLS` handshake when the `fail silently` variable is set to `True`. This allows on-path network attackers to intercept and read email content in cleartext. **Recommendations** Update to version 6.0.6 or later. Update to version 5.2.15 or later.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue allows an attacker to fill up the neighbour table with enough entries that it will overflow for valid connections after that. This behaviour is more prevalent after commit 58956317c8de ("neighbor: Improve garbage collection") is applied, as it prevents removal from entries that are not NUD FAILED, unless they are more than 5s old. IFF POINTOPOINT interfaces use NUD NOARP entries for IPv6. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** httplib2 versions 0.7.2 and earlier httplib2 versions 0.8 and earlier httplib2 versions prior to 0.10.1 **Description** The issue allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate because, after an initial connection is made, it does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate. **Recommendations** For versions 0.7.2 and earlier, update to version 0.10.1 or later. For versions 0.8 and earlier, update to version 0.10.1 or later. For versions prior to 0.10.1, update to version 0.10.1 or later.

**Name of the Vulnerable Software and Affected Versions** Pan versions prior to 0.13.3 Pan version 0.11.4 Pan version 0.13.4 Pan version 0.9.7 **Description** The issue allows remote attackers to cause a denial of service, leading to disruption of protected information availability. This can be exploited remotely. **Recommendations** For version 0.9.7, update to a version later than 0.9.7. For version 0.11.4, update to a version later than 0.11.4. For version 0.13.4, update to a version later than 0.13.4. For versions prior to 0.13.3, update to version 0.13.3 or later.