Debian Security Advisory DSA 2332-1 (python-django)

The remote host is missing an update to python-django announced via advisory DSA 2332-1. OpenVAS Vulnerability Test $Id: deb23321.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2332-1 python-django Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft...

[SECURITY] [DSA 2332-1] python-django security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2332-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst October 29, 2011 http://www.debian.org/security/faq -...

CVE-2011-4136

django.contrib.sessions in Django before 1.2.7 and 1.3.x before 1.3.1, when session data is stored in the cache, uses the root namespace for both session identifiers and application-data keys, which allows remote attackers to modify a session by triggering use of a key that is equal to that...

CVE-2011-4136

django.contrib.sessions in Django before 1.2.7 and 1.3.x before 1.3.1, when session data is stored in the cache, uses the root namespace for both session identifiers and application-data keys, which allows remote attackers to modify a session by triggering use of a key that is equal to that...

CVE-2011-4136

django.contrib.sessions in Django before 1.2.7 and 1.3.x before 1.3.1, when session data is stored in the cache, uses the root namespace for both session identifiers and application-data keys, which allows remote attackers to modify a session by triggering use of a key that is equal to that...