EUVD-2018-0037

Malware in sbrugna...

SUSE CVE-2018-14574

django.middleware.common.CommonMiddleware in Django 1.11.x before 1.11.15 and 2.0.x before 2.0.8 has an Open Redirect...

openSUSE Security Update : python-Django1 (openSUSE-2019-608)

This update for python-Django1 to version 1.11.15 fixes the following issues : The following security vulnerability was fixed : - CVE-2018-14574: Fixed an open redirect possibility in CommonMiddleware boo1102680 The following other bugs were fixed : - Fixed WKBWriter.write and writehex for empty...

Fedora 28 : python2-django1.11 (2018-0c85690ba7)

Update to 1.11.15 security release CVE-2018-14574 This fixes an open redirect possibility in CommonMiddleware. Release notes: https://docs.djangoproject.com/en/2.0/releases/1.11.15/ Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update...

openSUSE: Security Advisory for python-Django1 (openSUSE-SU-2018:2375-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE: Security Advisory for python-Django (openSUSE-SU-2018:2488-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Django open redirect

django.middleware.common.CommonMiddleware in Django 1.11.x before 1.11.15 and 2.0.x before 2.0.8 has an Open Redirect...

Security update for python-Django1 (important)

This update for python-Django1 to version 1.11.15 fixes the following issues: The following security vulnerability was fixed: - CVE-2018-14574: Fixed an open redirect possibility in CommonMiddleware boo1102680 The following other bugs were fixed: - Fixed WKBWriter.write and writehex for empty...

Security update for python-Django (moderate)

This update for python-Django to version 2.08 fixes the following issues: The following security vulnerability was fixed: - CVE-2018-14574: Fixed an redirection vulnerability in CommonMiddleware boo1102680 The following other bugs were fixed: - Fixed a regression in Django 2.0.7 that broke the...

openSUSE Security Update : python-Django (openSUSE-2018-914)

This update for python-Django to version 2.08 fixes the following issues : The following security vulnerability was fixed : - CVE-2018-14574: Fixed an redirection vulnerability in CommonMiddleware boo1102680 The following other bugs were fixed : - Fixed a regression in Django 2.0.7 that broke the...

openSUSE Security Update : python-Django1 (openSUSE-2018-875)

This update for python-Django1 to version 1.11.15 fixes the following issues : The following security vulnerability was fixed : - CVE-2018-14574: Fixed an open redirect possibility in CommonMiddleware boo1102680 The following other bugs were fixed : - Fixed WKBWriter.write and writehex for empty...

Security update for python-Django1 (important)

This update for python-Django1 to version 1.11.15 fixes the following issues: The following security vulnerability was fixed: - CVE-2018-14574: Fixed an open redirect possibility in CommonMiddleware boo1102680 The following other bugs were fixed: - Fixed WKBWriter.write and writehex for empty...

Django Open Redirect Vulnerability

Django is a set of Django Software Foundation based on the Python language open source Web application framework. The framework includes object-oriented mapper , view system , template system and so on. An open redirection vulnerability exists in django.middleware.common.CommonMiddleware in Djang...

Debian DSA-4264-1 : python-django - security update

Andreas Hug discovered an open redirect in Django, a Python web development framework, which is exploitable ifdjango.middleware.common.CommonMiddleware is used and the APPENDSLASH setting is enabled. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

ALPINE-CVE-2018-14574

django.middleware.common.CommonMiddleware in Django 1.11.x before 1.11.15 and 2.0.x before 2.0.8 has an Open Redirect...

CVE-2018-14574

django.middleware.common.CommonMiddleware in Django 1.11.x before 1.11.15 and 2.0.x before 2.0.8 has an Open Redirect...

PYSEC-2018-2

django.middleware.common.CommonMiddleware in Django 1.11.x before 1.11.15 and 2.0.x before 2.0.8 has an Open Redirect...

CVE-2018-14574

django.middleware.common.CommonMiddleware in Django 1.11.x before 1.11.15 and 2.0.x before 2.0.8 has an Open Redirect...

CVE-2018-14574

The CVE-2018-14574 entry describes an Open Redirect in Django's CommonMiddleware. Affected versions are Django 1.11.x prior to 1.11.15 and 2.0.x prior to 2.0.8. Exploitation can redirect users to arbitrary URLs when CommonMiddleware is used (with APPEND_SLASH considerations noted by some advisori...

CVE-2018-14574

When using the django.middleware.common.CommonMiddleware class with the APPENDSLASH setting enabled, Django projects which accept paths ending in a slash may be vulnerable to an unvalidated HTTP redirect...