Lucene search
Https://gitlab.com/gitlab-org/security-products/gemnasium-dbGITLAB-1D6AFD0CEA1D71A5B888BCA4B57BDC39HistorySep 16, 2013 - 12:00 a.m.
Directory traversal with ssi template tag
2013-09-1600:00:00
https://gitlab.com/gitlab-org/security-products/gemnasium-db
gitlab.com
10
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.005 Low
EPSS
Percentile
74.8%
Directory traversal vulnerability allows remote attackers to read arbitrary files via a file path in the ALLOWED_INCLUDE_ROOTS setting followed by a .. in a ssi template tag.
| CPE | Name | Operator | Version |
|---|---|---|---|
| pypi/django | ge | 1.4 | |
| pypi/django | lt | 1.4.7 | |
| pypi/django | ge | 1.5 | |
| pypi/django | lt | 1.5.3 |
Related
nessus
nessus
Mandriva Linux Security Advisory : python-django (MDVSA-2013:234)
2013-09-14 00:00:00
FreeBSD : django -- multiple vulnerabilities (a851b305-1bc3-11e3-95b7-00e0814cab4e)
2013-09-13 00:00:00
Debian DSA-2755-1 : python-django - directory traversal
2013-09-12 00:00:00
cvelist
cvelist
CVE-2013-4315
2013-09-16 19:00:00
freebsd
freebsd
django -- multiple vulnerabilities
2013-09-10 00:00:00
osv
osv
PYSEC-2013-20
2013-09-16 19:14:00
Django Directory Traversal via ssi template tag
2022-05-17 04:56:46
python-django - directory traversal
2013-09-11 00:00:00
seebug
seebug
Django 目录遍历序列(CVE-2013-4315)
2013-09-14 00:00:00
Django "ssi"模板标签目录遍历漏洞(CVE-2013-4315)
2013-09-14 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-2755-1)
2013-09-10 00:00:00
Debian Security Advisory DSA 2755-1 (python-django - directory traversal)
2013-09-11 00:00:00
Mageia: Security Advisory (MGASA-2013-0283)
2022-01-28 00:00:00
veracode
veracode
Directory Traversal
2019-01-15 09:01:36
ubuntucve
ubuntucve
CVE-2013-4315
2013-09-16 00:00:00
cve
cve
CVE-2013-4315
2013-09-16 19:14:00
prion
prion
Directory traversal
2013-09-16 19:14:00
debian
debian
[SECURITY] [DSA 2755-1] python-django security update
2013-09-11 14:24:55
[SECURITY] [DSA 2755-1] python-django security update
2013-09-11 14:25:20
debiancve
debiancve
CVE-2013-4315
2013-09-16 19:14:00
mageia
mageia
Updated python-django package fixes security vulnerability
2013-09-19 13:41:40
Updated python-django package fixes multiple vulnerabilities
2013-09-19 13:45:04
github
github
Django Directory Traversal via ssi template tag
2022-05-17 04:56:46
securityvulns
securityvulns
[USN-1967-1] Django vulnerabilities
2013-10-02 00:00:00
redhat
redhat
(RHSA-2013:1521) Moderate: python-django security update
2013-11-14 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: python-django14-1.4.8-1.fc20
2013-09-24 23:00:28
[SECURITY] Fedora 19 Update: python-django14-1.4.8-1.fc19
2013-09-24 23:05:13
[SECURITY] Fedora 19 Update: python-django-1.5.4-1.fc19
2013-09-24 22:56:43
ubuntu
ubuntu
Django vulnerabilities
2013-09-24 00:00:00
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.005 Low
EPSS
Percentile
74.8%
Related for GITLAB-1D6AFD0CEA1D71A5B888BCA4B57BDC39