Lucene search
K

15 matches found

Tenable Nessus
Tenable Nessus
added 2025/09/02 12:0 a.m.1 views

Linux Distros Unpatched Vulnerability : CVE-2015-2317

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The utils.http.issafeurl function in Django before 1.4.20, 1.5.x, 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1 does not properly validate URL...

4.3CVSS5.2AI score0.0499EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.23 views

Debian: Security Advisory (DLA-272-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.5AI score0.07266EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.23 views

Mageia: Security Advisory (MGASA-2015-0127)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.5AI score0.0499EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2015/07/17 12:0 a.m.32 views

Debian DLA-272-1 : python-django security update

Several vulnerabilities were discovered in Django, a high-level Python web development framework : CVE-2015-2317 Daniel Chatfield discovered that python-django, a high-level Python web development framework, incorrectly handled user-supplied redirect URLs. A remote attacker could use this flaw to...

7.8CVSS7.6AI score0.07266EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2015/06/19 12:0 a.m.31 views

Fedora Update for python-django14 FEDORA-2015-9604

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS6.8AI score0.0499EPSS
Exploits1References2
securityvulns
securityvulns
added 2015/05/11 12:0 a.m.89 views

[USN-2539-1] Django vulnerabilities

========================================================================== Ubuntu Security Notice USN-2539-1 March 23, 2015 python-django vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivative...

5CVSS0.6AI score0.0499EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/04/22 12:0 a.m.34 views

Fedora 22 : python-django-1.8-1.fc22 (2015-5766)

update to 1.8 final modernize spec for python3 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

5CVSS5.3AI score0.0499EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2015/04/02 12:0 a.m.35 views

openSUSE Security Update : python-Django (openSUSE-2015-281)

python-django was updated to 1.6.11 to fix security issues and non-security bugs. THe following vulnerabilities were fixed : - Made issafeurl reject URLs that start with control characters to mitigate possible XSS attack via user-supplied redirect URLs bnc923176, CVE-2015-2317 - Fixed an infinite...

5CVSS5.2AI score0.06783EPSS
Exploits2References10
OSV
OSV
added 2015/03/25 11:21 p.m.7 views

SUSE-SU-2015:0694-1 Security update for python-Django

python-Django has been updated to fix two vulnerabilities: URLs starting with control characters could have allowed XSS cross-site-scripting attacks via user-supplied redirect URLs CVE-2015-2317 An infinite loop possibility could be triggered in the striptags function, which allowed denial of...

5CVSS5.9AI score0.0499EPSS
Exploits0References5
OSV
OSV
added 2015/03/25 2:59 p.m.4 views

CVE-2015-2317

The utils.http.issafeurl function in Django before 1.4.20, 1.5.x, 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1 does not properly validate URLs, which allows remote attackers to conduct cross-site scripting XSS attacks via a control character in a URL, as demonstrated by a...

5.3AI score
Exploits0References10
Debian
Debian
added 2015/03/24 7:30 p.m.46 views

[SECURITY] [DSA 3204-1] python-django security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3204-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 24, 2015 http://www.debian.org/security/faq -...

4.3CVSS1.3AI score0.0499EPSS
Exploits0
Debian
Debian
added 2015/03/24 7:30 p.m.39 views

[SECURITY] [DSA 3204-1] python-django security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3204-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 24, 2015 http://www.debian.org/security/faq -...

4.3CVSS5.7AI score0.0499EPSS
Exploits0
OpenVAS
OpenVAS
added 2015/03/24 12:0 a.m.35 views

Ubuntu: Security Advisory (USN-2539-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.5AI score0.0499EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2015/03/23 7:2 p.m.59 views

USN-2539-1: Django vulnerabilities

Andrey Babak discovered that Django incorrectly handled striptags. A remote attacker could possibly use this issue to cause Django to enter an infinite loop, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. CVE-2015-2316 Daniel Chatfield discovered tha...

5CVSS5.3AI score0.0499EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2015/03/19 12:0 a.m.28 views

CVE-2015-2317

The utils.http.issafeurl function in Django before 1.4.20, 1.5.x, 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1 does not properly validate URLs, which allows remote attackers to conduct cross-site scripting XSS attacks via a control character in a URL, as demonstrated by a...

4.3CVSS5.9AI score0.0499EPSS
Exploits0References3
Rows per page
Query Builder