Lucene search
K

14 matches found

OpenVAS
OpenVAS
added 2014/09/10 12:0 a.m.31 views

Fedora Update for python-django FEDORA-2014-9791

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9.3AI score0.04753EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2014/05/05 12:0 a.m.31 views

Fedora Update for python-django FEDORA-2014-5562

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS6.8AI score0.04753EPSS
Exploits3References2
RedHat Linux
RedHat Linux
added 2013/11/14 5:25 p.m.47 views

Moderate: Red Hat Security Advisory: python-django security update

Updated python-django packages that fix two security issues are now available for Red Hat OpenStack 3.0. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

5CVSS5.6AI score0.03182EPSS
Exploits2References3
OpenVAS
OpenVAS
added 2013/10/03 12:0 a.m.30 views

Fedora Update for python-django FEDORA-2013-16901

Check for the Version of python-django OpenVAS Vulnerability Test Fedora Update for python-django FEDORA-2013-16901 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

5CVSS6.3AI score0.03182EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2013/10/03 12:0 a.m.28 views

Fedora Update for python-django14 FEDORA-2013-16899

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.4AI score0.02661EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2013/10/03 12:0 a.m.27 views

Fedora Update for python-django FEDORA-2013-16901

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.4AI score0.02661EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2013/09/25 12:0 a.m.23 views

Fedora 19 : python-django14-1.4.8-1.fc19 (2013-16899)

fix CVE-2013-1443 DoS via large passwords Fix for CVE-2013-4315 SSI include issue Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

5CVSS5.3AI score0.03182EPSS
Exploits3References5
Mageia
Mageia
added 2013/09/19 9:45 a.m.48 views

Updated python-django package fixes multiple vulnerabilities

Updated python-django package fixes security vulnerabilities: Rainer Koirikivi discovered a directory traversal vulnerability with 'ssi' template tags in python-django, a high-level Python web development framework. It was shown that the handling of the 'ALLOWEDINCLUDEROOTS' setting, used to...

5CVSS0.7AI score0.03182EPSS
Exploits3References4
Mageia
Mageia
added 2013/09/19 9:41 a.m.73 views

Updated python-django package fixes security vulnerability

Rainer Koirikivi discovered a directory traversal vulnerability with 'ssi' template tags in python-django, a high-level Python web development framework. It was shown that the handling of the 'ALLOWEDINCLUDEROOTS' setting, used to represent allowed prefixes for the % ssi % template tag, is...

5CVSS2.5AI score0.03182EPSS
Exploits2References3
CVE
CVE
added 2013/09/16 7:0 p.m.96 views

CVE-2013-4315

Django Directory Traversal (CVE-2013-4315) affects Django 1.4.x before 1.4.7, 1.5.x before 1.5.3, and 1.6.x before 1.6 beta 3. A remote attacker can read arbitrary files via an ALLOWED_INCLUDE_ROOTS path ending in .. in an SSI template tag. Root cause: improper sanitization of file paths in SSI h...

5CVSS6.3AI score0.03182EPSS
Exploits2References6Affected Software1
seebug.org
seebug.org
added 2013/09/14 12:0 a.m.36 views

Django "ssi"模板标签目录遍历漏洞(CVE-2013-4315)

BUGTRAQ ID: 62332 CVECAN ID: CVE-2013-4315 Django是Python编程语言驱动的一个开源Web应用程序框架。 Django 1.4.7、1.5.3之前版本在处理"ssi"标签时没有在template/defaulttags.py内正确验证ALLOWEDINCLUDEROOTS设置,即用于读取文件,远程攻击者通过目录遍历序列利用此漏洞可获取敏感信息。 0 Django 1.5.x Django 1.4.x 厂商补丁: Django ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

5CVSS6.2AI score0.03182EPSS
Exploits2
seebug.org
seebug.org
added 2013/09/14 12:0 a.m.38 views

Django 目录遍历序列(CVE-2013-4315)

BUGTRAQ ID: 62332 CVECAN ID: CVE-2013-4315 Django是Python编程语言驱动的一个开源Web应用程序框架。 Django在ssi模板标签的实现上存在目录遍历漏洞,攻击者可利用此漏洞获取敏感信息。 0 Django 1.4.x 厂商补丁: Django ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.djangoproject.com/...

5CVSS6.2AI score0.03182EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2013/09/14 12:0 a.m.53 views

Mandriva Linux Security Advisory : python-django (MDVSA-2013:234)

A vulnerability has been discovered and corrected in python-django : Rainer Koirikivi discovered a directory traversal vulnerability with 'ssi' template tags in python-django, a high-level Python web development framework. It was shown that the handling of the 'ALLOWEDINCLUDEROOTS' setting, used ...

5CVSS5.4AI score0.03182EPSS
Exploits2References1
Debian
Debian
added 2013/09/11 2:24 p.m.32 views

[SECURITY] [DSA 2755-1] python-django security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2755-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso September 11, 2013 http://www.debian.org/security/faq -...

5CVSS1.1AI score0.03182EPSS
Exploits2
Rows per page
Query Builder