Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2016-2512HistoryApr 08, 2016 - 3:59 p.m.
CVE-2016-2512
2016-04-0815:59:00
Debian Security Bug Tracker
security-tracker.debian.org
7
0.003 Low
EPSS
Percentile
70.5%
The utils.http.is_safe_url function in Django before 1.8.10 and 1.9.x before 1.9.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks or possibly conduct cross-site scripting (XSS) attacks via a URL containing basic authentication, as demonstrated by http://mysite.example.com\@attacker.com.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | python-django | <Â 1.9.4-1 | python-django_1.9.4-1_all.deb |
| Debian | 11 | all | python-django | <Â 1.9.4-1 | python-django_1.9.4-1_all.deb |
| Debian | 10 | all | python-django | <Â 1.9.4-1 | python-django_1.9.4-1_all.deb |
| Debian | 999 | all | python-django | <Â 1.9.4-1 | python-django_1.9.4-1_all.deb |
| Debian | 13 | all | python-django | <Â 1.9.4-1 | python-django_1.9.4-1_all.deb |
Related
veracode
veracode
Cross-site Scripting (XSS) And Malicious Redirect
2019-01-15 09:10:37
osv
osv
Django XSS Vulnerability
2022-05-17 01:09:58
PYSEC-2016-15
2016-04-08 15:59:00
python-django - security update
2016-04-07 00:00:00
ubuntucve
ubuntucve
CVE-2016-2512
2016-03-01 00:00:00
prion
prion
Cross site scripting
2016-04-08 15:59:00
cvelist
cvelist
CVE-2016-2512
2016-04-08 15:00:00
cve
cve
CVE-2016-2512
2016-04-08 15:59:00
github
github
Django XSS Vulnerability
2022-05-17 01:09:58
openvas
openvas
Debian Security Advisory DSA 3544-1 (python-django - security update)
2016-04-07 00:00:00
Debian: Security Advisory (DSA-3544-1)
2016-04-06 00:00:00
Mageia: Security Advisory (MGASA-2016-0096)
2016-03-08 00:00:00
redhat
redhat
(RHSA-2016:0502) Moderate: python-django security update
2016-03-24 00:58:21
(RHSA-2016:0506) Moderate: python-django security update
2016-03-24 01:00:02
(RHSA-2016:0503) Moderate: python-django security update
2016-03-24 00:58:26
ubuntu
ubuntu
Django vulnerabilities
2016-03-01 00:00:00
Django regression
2016-03-07 00:00:00
Django regression
2016-03-07 00:00:00
nessus
nessus
FreeBSD : django -- multiple vulnerabilities (f9e6c0d1-e4cc-11e5-b2bd-002590263bf5)
2016-03-08 00:00:00
Fedora 23 : python-django-1.8.11-1.fc23 (2016-11183ea08d)
2016-03-18 00:00:00
Debian DSA-3544-1 : python-django - security update
2016-04-08 00:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: python-django-1.8.11-1.fc22
2016-03-17 21:24:27
[SECURITY] Fedora 23 Update: python-django-1.8.11-1.fc23
2016-03-17 20:58:27
debian
debian
[SECURITY] [DSA 3544-1] python-django security update
2016-04-07 16:33:46
[SECURITY] [DSA 3544-1] python-django security update
2016-04-07 16:33:29
mageia
mageia
Updated python-django packages fix security vulnerability
2016-03-07 14:20:30
freebsd
freebsd
django -- multiple vulnerabilities
2016-03-01 00:00:00
altlinux
altlinux