
1173 matches found

OSV
added 2021/02/09 12:22 p.m., 14 views

SUSE-RU-2021:0351-1 Recommended update for ardana-horizon, ardana-logging, ardana-monasca, ardana-mq, ardana-osconfig, crowbar-ha, crowbar-openstack, kibana, openstack-neutron, openstack-nova, python-Django, release-notes-suse-openstack-cloud, sleshammer, spark

This update for ardana-horizon, ardana-logging, ardana-monasca, ardana-mq, ardana-osconfig, crowbar-ha, crowbar-openstack, kibana, openstack-neutron, openstack-nova, python-Django, release-notes-suse-openstack-cloud, sleshammer, spark fixes the following issues: Security fix from this update:...

CVSS 6.5 | AI score 5.9 | EPSS 0.07605
Exploits: 1 | References: 11

ArchLinux
added 2021/02/07 12:0 a.m., 148 views

[ASA-202102-18] python-django: directory traversal

Arch Linux Security Advisory ASA-202102-18. Severity: Low; Date: 2021-02-07; CVE-ID: CVE-2021-3281; Package: python-django; Type: directory traversal; Remote: No; Link: https://security.archlinux.org/AVG-1518. Summary: The package python-django befo...

CVSS 5.3 | AI score 1 | EPSS 0.07605
Exploits: 1 | References: 4

OpenVAS
added 2021/02/02 12:0 a.m., 21 views

Ubuntu: Security Advisory (USN-4715-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5.3 | AI score 5.7 | EPSS 0.07605
Exploits: 1 | References: 2

OpenVAS
added 2021/02/02 12:0 a.m., 22 views

Debian: Security Advisory (DLA-2540-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5.3 | AI score 5.8 | EPSS 0.07605
Exploits: 1 | References: 3

Tenable Nessus
added 2021/02/02 12:0 a.m., 43 views

Debian DLA-2540-1 : python-django security update

It was discovered that there was a potential directory-traversal in Django, a Python-based web development framework. For Debian 9 'Stretch', this problem has been fixed in version 1:1.10.7-2+deb9u10. We recommend that you upgrade your python-django packages. For the detailed security status of...

CVSS 5.3 | AI score 6.5 | EPSS 0.07605
Exploits: 1 | References: 4

Ubuntu
added 2021/02/01 3:53 p.m., 162 views

USN-4715-2: Django vulnerability

USN-4715-1 fixed a vulnerability in Django. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Wang Baohua discovered that Django incorrectly extracted archive files. A remote attacker could possibly use this issue to extract files outside of their...

CVSS 5.3 | AI score 6.8 | EPSS 0.07605
Exploits: 1

OSV
added 2021/02/01 12:0 a.m., 37 views

DLA-2540-1 python-django - security update

Bulletin has no description...

CVSS 5.3 | AI score 5.5 | EPSS 0.07605
Exploits: 1

Tenable Nessus
added 2020/12/18 12:0 a.m., 28 views

RHEL 8 : python-django-horizon (RHSA-2020:5411)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:5411 advisory. OpenStack Dashboard horizon provides administrators and users with a graphical interface to access, provision, and automate cloud-based resources...

CVSS 6.1 | AI score 6.2 | EPSS 0.014
Exploits: 1 | References: 5

Tenable Nessus
added 2020/12/18 12:0 a.m., 24 views

RHEL 7 : python-django-horizon (RHSA-2020:5572)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:5572 advisory. OpenStack Dashboard horizon provides administrators and users with a graphical interface to access, provision, and automate cloud-based resources...

CVSS 6.1 | AI score 6.2 | EPSS 0.014
Exploits: 1 | References: 5

RedHat Linux
added 2020/12/16 1:54 p.m., 23 views

Moderate: Red Hat Security Advisory: python-django-horizon security update

An update for python-django-horizon is now available for Red Hat OpenStack Platform 13 (Queens). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for ea...

CVSS 6.1 | AI score 6.4 | EPSS 0.014
Exploits: 1 | References: 2

RedHat Linux
added 2020/12/16 1:54 p.m., 2 views

python-django-horizon: dashboard allows open redirect

A flaw was found in python-django-horizon. The "next" parameter is not correctly validated allowing a remote attacker to supply a malicious URL in the dashboard that could cause an automatic redirect to the provided malicious site. The highest threat from this vulnerability is to data...

CVSS 6.1 | AI score 5.8 | EPSS 0.014
Exploits: 1 | References: 5

RedHat Linux
added 2020/12/15 7:4 p.m., 2 views

python-django-horizon: dashboard allows open redirect

A flaw was found in python-django-horizon. The "next" parameter is not correctly validated allowing a remote attacker to supply a malicious URL in the dashboard that could cause an automatic redirect to the provided malicious site. The highest threat from this vulnerability is to data...

CVSS 6.1 | AI score 5.8 | EPSS 0.014
Exploits: 1 | References: 5

RedhatCVE
added 2020/12/04 4:51 p.m., 24 views

CVE-2020-29565

A flaw was found in python-django-horizon. The "next" parameter is not correctly validated allowing a remote attacker to supply a malicious URL in the dashboard that could cause an automatic redirect to the provided malicious site. The highest threat from this vulnerability is to data...

CVSS 6.1 | AI score 1.3 | EPSS 0.014
Exploits: 1 | References: 4

Tenable Nessus
added 2020/10/29 12:0 a.m., 38 views

RHEL 7 : python-django (RHSA-2020:4390)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4390 advisory. Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as muc...

CVSS 9.8 | AI score 7.1 | EPSS 0.46345
Exploits: 0 | References: 13

OpenVAS
added 2020/09/26 12:0 a.m., 20 views

Fedora: Security Advisory for python-django (FEDORA-2020-9c6b391162)

The remote host is missing an update for the Copyright (C) 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 7.5 | AI score 7.7 | EPSS 0.03969
Exploits: 0 | References: 2

Tenable Nessus
added 2020/09/14 12:0 a.m., 30 views

Fedora 32 : python-django (2020-94407454d7)

update to 3.0.10, fixes CVE-2020-24583, CVE-2020-24584 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

CVSS 7.5 | AI score 7.4 | EPSS 0.03969
Exploits: 0 | References: 3

Tenable Nessus
added 2020/09/14 12:0 a.m., 28 views

Fedora 31 : python-django (2020-6941c0a65b)

update to 2.2.16, CVE-2020-24583, CVE-2020-24584 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C...

CVSS 7.5 | AI score 7.4 | EPSS 0.03969
Exploits: 0 | References: 3

OpenVAS
added 2020/09/13 12:0 a.m., 21 views

Fedora: Security Advisory for python-django (FEDORA-2020-94407454d7)

The remote host is missing an update for the Copyright (C) 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 7.5 | AI score 7.7 | EPSS 0.03969
Exploits: 0 | References: 2

OpenVAS
added 2020/09/13 12:0 a.m., 27 views

Fedora: Security Advisory for python-django (FEDORA-2020-6941c0a65b)

The remote host is missing an update for the Copyright (C) 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 7.5 | AI score 7.7 | EPSS 0.03969
Exploits: 0 | References: 2

ArchLinux
added 2020/09/03 12:0 a.m., 32 views

[ASA-202009-4] python-django: multiple issues

Arch Linux Security Advisory ASA-202009-4. Severity: Medium; Date: 2020-09-03; CVE-ID: CVE-2020-24583 CVE-2020-24584; Package: python-django; Type: multiple issues; Remote: Yes; Link: https://security.archlinux.org/AVG-1217. Summary: The package...

CVSS 7.5 | AI score 0.7 | EPSS 0.03969
Exploits: 0 | References: 7