Lucene search
K

16 matches found

OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.22 views

Mageia: Security Advisory (MGASA-2015-0026)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.4AI score0.06783EPSS
Exploits3References5
OpenVAS
OpenVAS
added 2015/02/05 12:0 a.m.37 views

Ubuntu: Security Advisory (USN-2469-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.4AI score0.06783EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2015/02/05 12:0 a.m.36 views

Ubuntu 10.04 LTS / 12.04 LTS : python-django regression (USN-2469-2)

USN-2469-1 fixed vulnerabilities in Django. The security fix for CVE-2015-0221 introduced a regression on Ubuntu 10.04 LTS and Ubuntu 12.04 LTS when serving static content through GZipMiddleware. This update fixes the problem. We apologize for the inconvenience. Jedediah Smith discovered that...

5CVSS5.4AI score0.06783EPSS
Exploits3References5
Debian
Debian
added 2015/02/03 6:8 a.m.79 views

[SECURITY] [DSA 3151-1] python-django security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3151-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso February 03, 2015 http://www.debian.org/security/faq -...

5CVSS6.5AI score0.06783EPSS
Exploits3
OSV
OSV
added 2015/02/03 12:0 a.m.29 views

DSA-3151-1 python-django - security update

Bulletin has no description...

5CVSS6AI score0.06783EPSS
Exploits3
OpenVAS
OpenVAS
added 2015/02/02 12:0 a.m.32 views

Debian: Security Advisory (DSA-3151-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.4AI score0.06783EPSS
Exploits3References3
OpenVAS
OpenVAS
added 2015/01/27 12:0 a.m.22 views

Fedora Update for python-django FEDORA-2015-0790

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS6.8AI score0.06783EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2015/01/27 12:0 a.m.27 views

Fedora Update for python-django14 FEDORA-2015-0804

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS6.8AI score0.06783EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2015/01/26 12:0 a.m.33 views

Fedora 21 : python-django-1.6.10-1.fc21 (2015-0714)

fix CVE-2015-0219 rhbz1181939 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...

5CVSS5.3AI score0.06783EPSS
Exploits3References9
OpenVAS
OpenVAS
added 2015/01/26 12:0 a.m.30 views

Fedora Update for python-django FEDORA-2015-0714

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.4AI score0.06783EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2015/01/23 12:0 a.m.37 views

Ubuntu: Security Advisory (USN-2469-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.4AI score0.06783EPSS
Exploits3References2
Mageia
Mageia
added 2015/01/17 10:31 p.m.42 views

Updated python-django and python-django14 packages fix security vulnerabilities

Jedediah Smith discovered that Django incorrectly handled underscores in WSGI headers. A remote attacker could possibly use this issue to spoof headers in certain environments CVE-2015-0219. Mikko Ohtamaa discovered that Django incorrectly handled user-supplied redirect URLs. A remote attacker...

5CVSS6.5AI score0.06783EPSS
Exploits3References3
NVD
NVD
added 2015/01/16 4:59 p.m.20 views

CVE-2015-0220

The django.util.http.issafeurl function in Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3 does not properly handle leading whitespaces, which allows remote attackers to conduct cross-site scripting XSS attacks via a crafted URL, related to redirect URLs, as demonstrated by a...

4.3CVSS5.5AI score0.03028EPSS
Exploits1References12
OSV
OSV
added 2015/01/16 4:59 p.m.9 views

CVE-2015-0220

The django.util.http.issafeurl function in Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3 does not properly handle leading whitespaces, which allows remote attackers to conduct cross-site scripting XSS attacks via a crafted URL, related to redirect URLs, as demonstrated by a...

5.3AI score
Exploits0References13
CVE
CVE
added 2015/01/16 4:0 p.m.96 views

CVE-2015-0220

CVE-2015-0220 affects Django’s django.util.http.is_safe_url() where leading whitespace in user-supplied redirect URLs is not properly handled, enabling cross-site scripting via crafted redirects (e.g., a line feed followed by javascript:). Affected versions include Django 1.7.x before 1.7.3, 1.6....

4.3CVSS5.3AI score0.03028EPSS
Exploits1References12Affected Software1
Debian CVE
Debian CVE
added 2015/01/16 4:0 p.m.25 views

CVE-2015-0220

The django.util.http.issafeurl function in Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3 does not properly handle leading whitespaces, which allows remote attackers to conduct cross-site scripting XSS attacks via a crafted URL, related to redirect URLs, as demonstrated by a...

4.3CVSS5.4AI score0.03028EPSS
Exploits1
Rows per page
Query Builder