Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
altlinuxHttps://packages.altlinux.org/en/sisyphus/security/697888D6B81B4FFC96FB5C9A97AA059B
HistoryJul 15, 2019 - 12:00 a.m.

Security fix for the ALT Linux 10 package python3-module-django version 2.2.3-alt1

2019-07-1500:00:00
https://packages.altlinux.org/en/sisyphus/security/
packages.altlinux.org
5

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.021 Low

EPSS

Percentile

87.4%

JSON

July 15, 2019 Alexey Shabalin 2.2.3-alt1

- 2.2.3
- build python3 only
- rename package to python3-module-django2.2
- Fixes for the following security vulnerabilities:
  + CVE-2019-12781 Incorrect HTTP detection with reverse-proxy connecting via HTTPS
  + CVE-2019-12308 AdminURLFieldWidget XSS
  + CVE-2019-6975 Memory exhaustion in django.utils.numberformat.format()
  + CVE-2019-3498 Content spoofing possibility in the default 404 page
  + CVE-2018-16984 Password hash disclosure to view only admin users
  + CVE-2018-14574 Open redirect possibility in CommonMiddleware
  + CVE-2018-7536 Denial-of-service possibility in urlize and urlizetrunc template filters
  + CVE-2018-7537 Denial-of-service possibility in truncatechars_html and truncatewords_html template filters
  + CVE-2018-6188 Information leakage in AuthenticationForm
OSVersionArchitecturePackageVersionFilename
ALT Linux10srcpython3-module-django-3.2.18-alt1.src.rpm< 2.2.3-alt1python3-module-django-3.2.18-alt1.src.rpm
ALT Linux10noarchpython3-module-django-3.2.18-alt1.noarch.rpm< 2.2.3-alt1python3-module-django-3.2.18-alt1.noarch.rpm
ALT Linux10noarchpython3-module-django-dbbackend-mysql-3.2.18-alt1.noarch.rpm< 2.2.3-alt1python3-module-django-dbbackend-mysql-3.2.18-alt1.noarch.rpm
ALT Linux10noarchpython3-module-django-dbbackend-oracle-3.2.18-alt1.noarch.rpm< 2.2.3-alt1python3-module-django-dbbackend-oracle-3.2.18-alt1.noarch.rpm
ALT Linux10noarchpython3-module-django-dbbackend-postgresql-3.2.18-alt1.noarch.rpm< 2.2.3-alt1python3-module-django-dbbackend-postgresql-3.2.18-alt1.noarch.rpm
ALT Linux10noarchpython3-module-django-dbbackend-sqlite3-3.2.18-alt1.noarch.rpm< 2.2.3-alt1python3-module-django-dbbackend-sqlite3-3.2.18-alt1.noarch.rpm
ALT Linux10noarchpython3-module-django-doc-3.2.18-alt1.noarch.rpm< 2.2.3-alt1python3-module-django-doc-3.2.18-alt1.noarch.rpm

Related

altlinux 1
debian 7
nessus 30
osv 30
openvas 28
redhat 3
fedora 13
ubuntu 4
mageia 1
archlinux 10
redhatcve 8
veracode 8
prion 8
cve 8
freebsd 3
github 8
ubuntucve 8
alpinelinux 7
suse 5
debiancve 8
nuclei 1
altlinux
altlinux
Security fix for the ALT Linux 9 package python3-module-django version 2.2.3-alt1
2019-07-15 00:00:00
debian
debian
[SECURITY] [DSA 4476-1] python-django security update
2019-07-05 18:03:12
[SECURITY] [DSA 4161-1] python-django security update
2018-04-01 13:16:40
[SECURITY] [DSA 4161-1] python-django security update
2018-04-01 13:16:40
nessus
nessus
Debian DSA-4476-1 : python-django - security update
2019-07-08 00:00:00
RHEL 7 : Storage Server (RHSA-2019:0265)
2019-02-06 00:00:00
Ubuntu 16.04 LTS / 18.04 LTS : Django vulnerabilities (USN-4043-1)
2019-07-02 00:00:00
osv
osv
python-django - security update
2019-07-05 00:00:00
python-django - security update
2018-03-08 00:00:00
python-django - security update
2018-04-01 00:00:00
openvas
openvas
Fedora Update for python2-django1.11 FEDORA-2019-5ad2149e99
2019-03-21 00:00:00
Debian: Security Advisory (DSA-4476-1)
2019-07-07 00:00:00
Ubuntu: Security Advisory (USN-4043-1)
2019-07-02 00:00:00
redhat
redhat
(RHSA-2019:0265) Moderate: Red Hat Gluster Storage Web Administration security update
2019-02-04 07:32:25
(RHSA-2019:0082) Moderate: python-django security update
2019-01-16 17:03:22
(RHSA-2019:0051) Moderate: python-django security update
2019-01-16 16:51:02
fedora
fedora
[SECURITY] Fedora 28 Update: python2-django1.11-1.11.20-1.fc28
2019-03-20 21:18:09
[SECURITY] Fedora 30 Update: python-django-2.1.10-1.fc30
2019-07-13 01:07:30
[SECURITY] Fedora 28 Update: python-django-2.0.3-1.fc28
2018-03-30 13:28:29
ubuntu
ubuntu
Django vulnerabilities
2019-07-01 00:00:00
Django vulnerabilities
2018-03-06 00:00:00
Django vulnerability
2018-08-01 00:00:00
mageia
mageia
Updated python-django packages fix security vulnerabilities
2018-03-14 19:21:20
archlinux
archlinux
[ASA-201803-5] python-django: denial of service
2018-03-06 00:00:00
[ASA-201803-6] python2-django: denial of service
2018-03-06 00:00:00
[ASA-201906-1] python2-django: cross-site scripting
2019-06-04 00:00:00
redhatcve
redhatcve
CVE-2018-16984
2018-10-15 16:19:07
CVE-2018-14574
2018-08-02 02:49:03
CVE-2019-12781
2020-04-07 11:36:06
veracode
veracode
Information Disclosure
2018-10-03 03:07:20
Open Redirect
2018-08-02 07:23:55
Cross-site Scripting (XSS)
2019-06-04 02:09:04
prion
prion
Default credentials
2018-10-02 18:29:00
Design/Logic Flaw
2019-07-01 14:15:00
Input validation
2018-02-05 03:29:00
cve
cve
CVE-2018-16984
2018-10-02 18:29:00
CVE-2018-14574
2018-08-03 17:29:00
CVE-2019-12308
2019-06-03 17:29:00
freebsd
freebsd
Django -- password hash disclosure
2018-10-02 00:00:00
Django -- Incorrect HTTP detection with reverse-proxy connecting via HTTPS
2019-07-01 00:00:00
Django -- information leakage
2018-02-01 00:00:00
github
github
Django allows unprivileged users to read the password hashes of arbitrary accounts
2018-10-03 20:07:39
Django open redirect
2018-10-04 21:58:46
Django Cross-site Scripting in AdminURLFieldWidget
2019-06-10 18:43:25
ubuntucve
ubuntucve
CVE-2019-12308
2019-06-03 00:00:00
CVE-2018-16984
2018-10-02 00:00:00
CVE-2018-14574
2018-08-01 00:00:00
alpinelinux
alpinelinux
CVE-2019-12308
2019-06-03 17:29:00
CVE-2018-14574
2018-08-03 17:29:00
CVE-2019-12781
2019-07-01 14:15:00
suse
suse
Security update for python-Django (moderate)
2018-08-14 21:08:37
Security update for python-Django1 (important)
2018-09-22 09:30:22
Security update for python-Django (moderate)
2018-09-22 09:15:44
debiancve
debiancve
CVE-2018-16984
2018-10-02 18:29:00
CVE-2019-12781
2019-07-01 14:15:00
CVE-2018-14574
2018-08-03 17:29:00
nuclei
nuclei
Django - Open Redirect
2021-02-01 13:26:05

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.021 Low

EPSS

Percentile

87.4%

JSON
Related for 697888D6B81B4FFC96FB5C9A97AA059B
altlinux1debian7nessus30osv30openvas28redhat3fedora13ubuntu4mageia1archlinux10redhatcve8veracode8prion8cve8freebsd3github8ubuntucve8alpinelinux7suse5debiancve8nuclei1