Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DSA-3204-1:8EF20
HistoryMar 24, 2015 - 7:31 p.m.

[SECURITY] [DSA 3204-1] python-django security update

2015-03-2419:31:02
lists.debian.org
15

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

70.5%

JSON

Debian Security Advisory DSA-3204-1 [email protected]
http://www.debian.org/security/ Salvatore Bonaccorso
March 24, 2015 http://www.debian.org/security/faq

Package : python-django
CVE ID : CVE-2015-2317
Debian Bug : 780873

Daniel Chatfield discovered that python-django, a high-level Python web
development framework, incorrectly handled user-supplied redirect URLs.
A remote attacker could use this flaw to perform a cross-site scripting
attack.

For the stable distribution (wheezy), this problem has been fixed in
version 1.4.5-1+deb7u11.

For the unstable distribution (sid), this problem has been fixed in
version 1.7.7-1.

We recommend that you upgrade your python-django packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian7allpython-django< 1.4.5-1+deb7u11python-django_1.4.5-1+deb7u11_all.deb

Related

openvas 7
nessus 10
ubuntucve 1
debian 2
debiancve 1
cve 1
osv 2
github 1
prion 1
fedora 2
securityvulns 2
ubuntu 1
freebsd 1
mageia 1
openvas
openvas
Debian: Security Advisory (DSA-3204-1)
2015-03-23 00:00:00
Debian Security Advisory DSA 3204-1 (python-django - security update)
2015-03-24 00:00:00
Fedora Update for python-django FEDORA-2015-5766
2015-07-07 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : python-django (MDVSA-2015:195)
2015-04-07 00:00:00
Debian DSA-3204-1 : python-django - security update
2015-03-25 00:00:00
Fedora 20 : python-django14-1.4.20-1.fc20 (2015-9604)
2015-06-19 00:00:00
ubuntucve
ubuntucve
CVE-2015-2317
2015-03-19 00:00:00
debian
debian
[SECURITY] [DSA 3204-1] python-django security update
2015-03-24 19:30:44
[SECURITY] [DLA 272-1] python-django security update
2015-07-16 13:47:04
debiancve
debiancve
CVE-2015-2317
2015-03-25 14:59:00
cve
cve
CVE-2015-2317
2015-03-25 14:59:00
osv
osv
PYSEC-2015-9
2015-03-25 14:59:00
python-django - security update
2015-07-16 00:00:00
github
github
Django cross-site scripting (XSS) attack via user-supplied redirect URLs
2022-05-14 02:06:51
prion
prion
Cross site scripting
2015-03-25 14:59:00
fedora
fedora
[SECURITY] Fedora 22 Update: python-django-1.8-1.fc22
2015-04-21 19:11:20
[SECURITY] Fedora 20 Update: python-django14-1.4.20-1.fc20
2015-06-18 13:24:55
securityvulns
securityvulns
[USN-2539-1] Django vulnerabilities
2015-05-11 00:00:00
Web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;
2015-05-11 00:00:00
ubuntu
ubuntu
Django vulnerabilities
2015-03-23 00:00:00
freebsd
freebsd
django -- multiple vulnerabilities
2015-03-18 00:00:00
mageia
mageia
Updated python-django packages fix security vulnerabilities
2015-04-03 16:11:23

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

70.5%

JSON
Related for DEBIAN:DSA-3204-1:8EF20
openvas7nessus10ubuntucve1debian2debiancve1cve1osv2github1prion1fedora2securityvulns2ubuntu1freebsd1mageia1