21 matches found
Debian: Security Advisory (DLA-272-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : python-Django (openSUSE-2015-677)
python-django was updated to fix two security issues. These security issues were fixed : - CVE-2015-5144: Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and 1.8.x before 1.8.3 used an incorrect regular expression, which allowed remote attackers to inject arbitrary headers and...
openSUSE Security Update : python-django (openSUSE-2015-674)
python-django was updated to fix two security issues. These security issues were fixed : - CVE-2015-5144: Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and 1.8.x before 1.8.3 used an incorrect regular expression, which allowed remote attackers to inject arbitrary headers and...
Mageia: Security Advisory (MGASA-2015-0293)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security fix for the ALT Linux 10 package python3-module-django version 1.8.5-alt1
Oct. 13, 2015 Alexey Shabalin 1.8.5-alt1 - 1.8.5 - fixed CVE-2015-5143, CVE-2015-5144, CVE-2015-5145, CVE-2015-5964, CVE-2015-5963...
Security fix for the ALT Linux 9 package python3-module-django version 1.8.5-alt1
Oct. 13, 2015 Alexey Shabalin 1.8.5-alt1 - 1.8.5 - fixed CVE-2015-5143, CVE-2015-5144, CVE-2015-5145, CVE-2015-5964, CVE-2015-5963...
Moderate: Red Hat Security Advisory: python-django security update
Updated python-django packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 5. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Moderate: Red Hat Security Advisory: python-django security update
Updated python-django packages that fix a security issue are now available for Red Hat Enterprise Linux OpenStack Platform 6. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Updated python-django and python-django14 packages fix security vulnerabilities
Eric Peterson and Lin Hua Cheng discovered that a new empty record used to be created in the session storage every time a session was accessed and an unknown session key was provided in the request cookie. This could allow remote attackers to saturate the session store or cause other users' sessi...
Fedora 22 : python-django-1.8.3-1.fc22 (2015-11403)
update to 1.8.3 fixing 3 CVE Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...
Fedora Update for python-django FEDORA-2015-11403
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-272-1 : python-django security update
Several vulnerabilities were discovered in Django, a high-level Python web development framework : CVE-2015-2317 Daniel Chatfield discovered that python-django, a high-level Python web development framework, incorrectly handled user-supplied redirect URLs. A remote attacker could use this flaw to...
CVE-2015-5143
The session backends in Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and 1.8.x before 1.8.3 allows remote attackers to cause a denial of service session store consumption via multiple requests with unique session keys...
CVE-2015-5143
The CVE-2015-5143 entry affects Django’s session backends in versions prior to 1.4.21, 1.5.x–1.6.x, 1.7.x prior to 1.7.9, and 1.8.x prior to 1.8.3. The root cause is that a new empty record was created in the session storage each time a request with an unknown session key was received, enabling r...
Ubuntu 14.04 LTS : Django vulnerabilities (USN-2671-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2671-1 advisory. Eric Peterson and Lin Hua Cheng discovered that Django incorrectly handled session records. A remote attacker could use this issue to cause a denial of...
USN-2671-1: Django vulnerabilities
Eric Peterson and Lin Hua Cheng discovered that Django incorrectly handled session records. A remote attacker could use this issue to cause a denial of service. CVE-2015-5143 Sjoerd Job Postmus discovered that DJango incorrectly handled newline characters when performing validation. A remote...
USN-2671-1 python-django vulnerabilities
Eric Peterson and Lin Hua Cheng discovered that Django incorrectly handled session records. A remote attacker could use this issue to cause a denial of service. CVE-2015-5143 Sjoerd Job Postmus discovered that DJango incorrectly handled newline characters when performing validation. A remote...
Debian DSA-3305-1 : python-django - security update
Several vulnerabilities were discovered in Django, a high-level Python web development framework : - CVE-2015-5143 Eric Peterson and Lin Hua Cheng discovered that a new empty record used to be created in the session storage every time a session was accessed and an unknown session key was provided...
[SECURITY] [DSA 3305-1] python-django security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3305-1 [email protected] https://www.debian.org/security/ Alessandro Ghedini July 08, 2015 https://www.debian.org/security/faq -...
Debian Security Advisory DSA 3305-1 (python-django - security update)
Several vulnerabilities were discovered in Django, a high-level Python web development framework: CVE-2015-5143 Eric Peterson and Lin Hua Cheng discovered that a new empty record used to be created in the session storage every time a session was accessed and an unknown session key was provided in...