Directory traversal in Django

🗓️ 23 Jul 2018 19:52:31Reported by GitHub Advisory DatabaseType

github

github🔗 github.com👁 29 Views

Directory traversal vulnerability in Django 1.1.x and 1.2.x on Window

Reporter	Title	Published	Views	Family All 14
CVE	CVE-2011-0698	14 Feb 201120:00	–	cve
Cvelist	CVE-2011-0698	14 Feb 201120:00	–	cvelist
Debian CVE	CVE-2011-0698	14 Feb 201120:00	–	debiancve
EUVD	EUVD-2011-0006	7 Oct 202500:30	–	euvd
GitLab Advisory Database	Directory traversal in Django	23 Jul 201800:00	–	gitlab
Tenable Nessus	Mandriva Linux Security Advisory : python-django (MDVSA-2011:031)	20 Feb 201100:00	–	nessus
NVD	CVE-2011-0698	14 Feb 201121:00	–	nvd
OpenVAS	Mandriva Update for python-django MDVSA-2011:031 (python-django)	22 Feb 201100:00	–	openvas
OpenVAS	Mandriva Update for python-django MDVSA-2011:031 (python-django)	22 Feb 201100:00	–	openvas
OSV	GHSA-7G9H-C88W-R7H2 Directory traversal in Django	23 Jul 201819:52	–	osv

Vulners

Node

django_project djangoRange1.2–1.2.5pip

OR

django_project djangoRange1.1–1.1.4pip

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2011-0698
github	www.github.com/advisories/GHSA-7g9h-c88w-r7h2
openwall	www.openwall.com/lists/oss-security/2011/02/09/6
mandriva	www.mandriva.com/security/advisories
github	www.github.com/django/django/commit/194566480b15cf4e294d3f03ff587019b74044b2
github	www.github.com/django/django/commit/570a32a047ea56265646217264b0d3dab1a14dbd
djangoproject	www.djangoproject.com/weblog/2011/feb/08/security
github	www.github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2011-12.yaml
web	www.web.archive.org/web/20110521033259/http://secunia.com/advisories/43230
web	www.web.archive.org/web/20130616104703/http://www.securityfocus.com/bid/46296

16 Sep 2024 21:55Current

6.4Medium risk

Vulners AI Score6.4

CVSS 27.5

EPSS0.00719

django vulnerability windows session cookie remote attackers session replays