Lucene search

K
debiancveDebian Security Bug TrackerDEBIANCVE:CVE-2011-4139
HistoryOct 19, 2011 - 10:55 a.m.

CVE-2011-4139

2011-10-1910:55:00
Debian Security Bug Tracker
security-tracker.debian.org
8

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.01 Low

EPSS

Percentile

83.0%

Django before 1.2.7 and 1.3.x before 1.3.1 uses a request’s HTTP Host header to construct a full URL in certain circumstances, which allows remote attackers to conduct cache poisoning attacks via a crafted request.

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.01 Low

EPSS

Percentile

83.0%

Related for DEBIANCVE:CVE-2011-4139