Lucene search
Https://gitlab.com/gitlab-org/security-products/gemnasium-dbGITLAB-6C3DA27158D3EE86A8F581FE03872589HistoryApr 23, 2014 - 12:00 a.m.
Unexpected code execution using reverse()
2014-04-2300:00:00
https://gitlab.com/gitlab-org/security-products/gemnasium-db
gitlab.com
11
5.1 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
0.023 Low
EPSS
Percentile
88.5%
Django incorrectly handle dotted Python paths when using the django.core.urlresolvers.reverse function. An attacker can use this issue to cause Django to import arbitrary modules from the Python path, resulting in possible code execution.
| CPE | Name | Operator | Version |
|---|---|---|---|
| pypi/django | ge | 1.4 | |
| pypi/django | lt | 1.4.11 | |
| pypi/django | ge | 1.5 | |
| pypi/django | lt | 1.5.6 | |
| pypi/django | ge | 1.6 | |
| pypi/django | lt | 1.6.3 |
Related
osv
osv
PYSEC-2014-1
2014-04-23 15:55:00
Code Injection in Django
2022-05-17 03:07:04
python-django - security update
2014-05-19 00:00:00
debiancve
debiancve
CVE-2014-0472
2014-04-23 15:55:00
veracode
veracode
Remote Code Execution (RCE)
2019-01-15 09:01:30
github
github
Code Injection in Django
2022-05-17 03:07:04
ubuntucve
ubuntucve
CVE-2014-0472
2014-04-22 00:00:00
prion
prion
Path traversal
2014-04-23 15:55:00
cve
cve
CVE-2014-0472
2014-04-23 15:55:00
nessus
nessus
FreeBSD : django -- multiple vulnerabilities (59e72db2-cae6-11e3-8420-00e0814cab4e)
2014-04-24 00:00:00
Ubuntu 14.04 LTS : Django regression (USN-2169-2)
2014-04-23 00:00:00
Ubuntu 14.04 LTS : Django vulnerabilities (USN-2169-1)
2014-04-23 00:00:00
openvas
openvas
Ubuntu Update for python-django USN-2169-2
2014-05-02 00:00:00
Ubuntu Update for python-django USN-2169-1
2014-05-02 00:00:00
Ubuntu: Security Advisory (USN-2169-1)
2014-05-02 00:00:00
mageia
mageia
Updated python-django packages fix multiple vulnerabilities
2014-04-28 19:54:39
redhat
redhat
(RHSA-2014:0456) Moderate: Django security update
2014-04-30 00:00:00
(RHSA-2014:0457) Moderate: Django security update
2014-04-30 00:00:00
ubuntu
ubuntu
Django regression
2014-04-23 00:00:00
Django vulnerabilities
2014-04-22 00:00:00
ibm
ibm
freebsd
freebsd
django -- multiple vulnerabilities
2014-04-21 00:00:00
gentoo
gentoo
Django: Multiple vulnerabilities
2014-06-26 00:00:00
debian
debian
[SECURITY] [DSA 2934-1] python-django security update
2014-05-19 20:39:58
[SECURITY] [DSA 2934-1] python-django security update
2014-05-19 20:39:58
securityvulns
securityvulns
[SECURITY] [DSA 2934-1] python-django security update
2014-06-14 00:00:00
5.1 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
0.023 Low
EPSS
Percentile
88.5%
Related for GITLAB-6C3DA27158D3EE86A8F581FE03872589