Lucene search
K

20 matches found

Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.23 views

RHEL 6 : django (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - python-django: DNS rebinding vulnerability when 'DEBUG=True' CVE-2016-9014 - Django before 1.4.21, 1.5.x...

8.1CVSS7.7AI score0.06074EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.23 views

Debian: Security Advisory (DLA-272-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.5AI score0.07266EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/10/26 12:0 a.m.50 views

openSUSE Security Update : python-Django (openSUSE-2015-677)

python-django was updated to fix two security issues. These security issues were fixed : - CVE-2015-5144: Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and 1.8.x before 1.8.3 used an incorrect regular expression, which allowed remote attackers to inject arbitrary headers and...

7.8CVSS7.7AI score0.07266EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2015/10/23 12:0 a.m.35 views

openSUSE Security Update : python-django (openSUSE-2015-674)

python-django was updated to fix two security issues. These security issues were fixed : - CVE-2015-5144: Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and 1.8.x before 1.8.3 used an incorrect regular expression, which allowed remote attackers to inject arbitrary headers and...

7.8CVSS7.7AI score0.07266EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2015/10/15 12:0 a.m.30 views

Mageia: Security Advisory (MGASA-2015-0293)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS9AI score0.07266EPSS
Exploits0References5
ALT Linux
ALT Linux
added 2015/10/13 12:0 a.m.35 views

Security fix for the ALT Linux 10 package python3-module-django version 1.8.5-alt1

Oct. 13, 2015 Alexey Shabalin 1.8.5-alt1 - 1.8.5 - fixed CVE-2015-5143, CVE-2015-5144, CVE-2015-5145, CVE-2015-5964, CVE-2015-5963...

7.8CVSS6.2AI score0.07266EPSS
Exploits0
ALT Linux
ALT Linux
added 2015/10/13 12:0 a.m.32 views

Security fix for the ALT Linux 9 package python3-module-django version 1.8.5-alt1

Oct. 13, 2015 Alexey Shabalin 1.8.5-alt1 - 1.8.5 - fixed CVE-2015-5143, CVE-2015-5144, CVE-2015-5145, CVE-2015-5964, CVE-2015-5963...

7.8CVSS6.2AI score0.07266EPSS
Exploits0
Mageia
Mageia
added 2015/07/28 9:1 p.m.43 views

Updated python-django and python-django14 packages fix security vulnerabilities

Eric Peterson and Lin Hua Cheng discovered that a new empty record used to be created in the session storage every time a session was accessed and an unknown session key was provided in the request cookie. This could allow remote attackers to saturate the session store or cause other users' sessi...

7.8CVSS6.5AI score0.07266EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2015/07/24 12:0 a.m.31 views

Fedora Update for python-django FEDORA-2015-11403

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.4AI score0.07266EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/07/24 12:0 a.m.28 views

Fedora 22 : python-django-1.8.3-1.fc22 (2015-11403)

update to 1.8.3 fixing 3 CVE Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...

7.8CVSS6.3AI score0.07266EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2015/07/17 12:0 a.m.32 views

Debian DLA-272-1 : python-django security update

Several vulnerabilities were discovered in Django, a high-level Python web development framework : CVE-2015-2317 Daniel Chatfield discovered that python-django, a high-level Python web development framework, incorrectly handled user-supplied redirect URLs. A remote attacker could use this flaw to...

7.8CVSS7.6AI score0.07266EPSS
Exploits0References5
NVD
NVD
added 2015/07/14 5:59 p.m.18 views

CVE-2015-5144

Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and 1.8.x before 1.8.3 uses an incorrect regular expression, which allows remote attackers to inject arbitrary headers and conduct HTTP response splitting attacks via a newline character in an 1 email message to the EmailValidator, a ...

4.3CVSS7.9AI score0.03665EPSS
Exploits0References10
CVE
CVE
added 2015/07/14 5:0 p.m.112 views

CVE-2015-5144

CVE-2015-5144 affects Django prior to 1.4.21, 1.5.x–1.6.x, 1.7.x prior to 1.7.9, and 1.8.x prior to 1.8.3. The root cause is an incorrect regular expression in built‑in validators, enabling remote attackers to inject arbitrary headers and perform HTTP response splitting via newline characters in ...

4.3CVSS6.5AI score0.03665EPSS
Exploits0References10Affected Software1
OSV
OSV
added 2015/07/09 11:24 a.m.2 views

USN-2671-1 python-django vulnerabilities

Eric Peterson and Lin Hua Cheng discovered that Django incorrectly handled session records. A remote attacker could use this issue to cause a denial of service. CVE-2015-5143 Sjoerd Job Postmus discovered that DJango incorrectly handled newline characters when performing validation. A remote...

7.8CVSS7.2AI score0.07266EPSS
Exploits0References3
Ubuntu
Ubuntu
added 2015/07/09 11:24 a.m.64 views

USN-2671-1: Django vulnerabilities

Eric Peterson and Lin Hua Cheng discovered that Django incorrectly handled session records. A remote attacker could use this issue to cause a denial of service. CVE-2015-5143 Sjoerd Job Postmus discovered that DJango incorrectly handled newline characters when performing validation. A remote...

7.8CVSS7.4AI score0.07266EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/07/09 12:0 a.m.37 views

Debian DSA-3305-1 : python-django - security update

Several vulnerabilities were discovered in Django, a high-level Python web development framework : - CVE-2015-5143 Eric Peterson and Lin Hua Cheng discovered that a new empty record used to be created in the session storage every time a session was accessed and an unknown session key was provided...

7.8CVSS7.5AI score0.07266EPSS
Exploits0References7
Debian
Debian
added 2015/07/08 10:14 p.m.48 views

[SECURITY] [DSA 3305-1] python-django security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3305-1 [email protected] https://www.debian.org/security/ Alessandro Ghedini July 08, 2015 https://www.debian.org/security/faq -...

7.8CVSS6.5AI score0.07266EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2015/07/08 12:0 a.m.44 views

CVE-2015-5144

Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and 1.8.x before 1.8.3 uses an incorrect regular expression, which allows remote attackers to inject arbitrary headers and conduct HTTP response splitting attacks via a newline character in an 1 email message to the EmailValidator, a ...

4.3CVSS7.2AI score0.03665EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2015/07/08 12:0 a.m.27 views

Debian Security Advisory DSA 3305-1 (python-django - security update)

Several vulnerabilities were discovered in Django, a high-level Python web development framework: CVE-2015-5143 Eric Peterson and Lin Hua Cheng discovered that a new empty record used to be created in the session storage every time a session was accessed and an unknown session key was provided in...

7.8CVSS0.6AI score0.07266EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2015/07/07 12:0 a.m.29 views

Debian: Security Advisory (DSA-3305-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.4AI score0.07266EPSS
Exploits0References3
Rows per page
Query Builder