RHEL 6 : django (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - python-django: DNS rebinding vulnerability when 'DEBUG=True' CVE-2016-9014 - Django before 1.4.21, 1.5.x...

RHEL 6 : python-django (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - python-django: DNS rebinding vulnerability when 'DEBUG=True' CVE-2016-9014 - Django 1.10 before 1.10.7, 1...

django-admin-caching (>=0.1.0 <=0.1.2), django-automated-logging (=0.0.1a0) +12 more potentially affected by CVE-2017-7233 via django (>=1.10.0 <=1.10.6)

django PYPI version =1.10.0, =0.1.0, =2.0.0, =0.1.0, =0.3.1, =0.9.0, =0.6.0, =0.2.5, =0.8.0, =0.8.3 Source cves: CVE-2017-7233 Source advisory: OSV:GHSA-37HP-765X-J95X...

openSUSE Security Update : python3-Django (openSUSE-2018-318)

This update for python3-Django to version 1.18.18 fixes multiple issues. Security issues fixed : - CVE-2018-7537: Fixed catastrophic backtracking in django.utils.text.Truncator. bsc1083305 - CVE-2018-7536: Fixed catastrophic backtracking in urlize and urlizetrunc template filters bsc1083304. -...

OPENSUSE-SU-2018:0632-1 Security update for python-Django

This update for python-Django fixes the following issues: Update to version 1.11.10 LTS Fixes CVE-2018-6188 boo1077714, CVE-2017-7234, CVE-2017-7233, CVE-2017-12794...

Moderate: Red Hat Security Advisory: python-django security update

An update for python-django is now available for Red Hat OpenStack Platform 11.0 Ocata. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Fedora 26 : python-django (2017-f997e46fa7)

fix CVE-2017-7233 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...

Moderate: Red Hat Security Advisory: python-django security update

An update for python-django is now available for Red Hat OpenStack Platform 10.0 Newton. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Moderate: Red Hat Security Advisory: python-django security update

An update for python-django is now available for Red Hat OpenStack Platform 8.0 Liberty. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Moderate: Red Hat Security Advisory: python-django security update

An update for python-django is now available for Red Hat Enterprise Linux OpenStack Platform 6.0 Juno for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

Moderate: Red Hat Security Advisory: python-django security update

An update for python-django is now available for Red Hat Enterprise Linux OpenStack Platform 7.0 Kilo for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

Moderate: Red Hat Security Advisory: python-django security update

An update for python-django is now available for Red Hat OpenStack Platform 9.0 Mitaka. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Debian DSA-3835-1 : python-django - security update

Several vulnerabilities were discovered in Django, a high-level Python web development framework. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2016-9013 Marti Raudsepp reported that a user with a hard-coded password is created when running tests with ...

[SECURITY] [DSA 3835-1] python-django security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3835-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 26, 2017 https://www.debian.org/security/faq -...

Fedora Update for python-django FEDORA-2017-c0ef6054d7

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated python-django packages fix security vulnerability

It was discovered that Django incorrectly handled numeric redirect URLs. A remote attacker could possibly use this issue to perform XSS attacks, and to use a Django server as an open redirect. CVE-2017-7233 Phithon Gong discovered that Django incorrectly handled certain URLs when the...

MGASA-2017-0106 Updated python-django packages fix security vulnerability

It was discovered that Django incorrectly handled numeric redirect URLs. A remote attacker could possibly use this issue to perform XSS attacks, and to use a Django server as an open redirect. CVE-2017-7233 Phithon Gong discovered that Django incorrectly handled certain URLs when the...

Django two url jump vulnerability analysis: CVE-2017-7233&7234-vulnerability warning-the black bar safety net

! Django official News&Event in the 4 on 4, released a security update that fixes two URL jump loopholes, one is the urlparse pot, the other by long Dinh tech security researcher phithon report, are very beautiful. Because there are replicate Django vulnerability of habit, the evening pumping up...

Django is_safe_url() the URL to jump to the filter function of the Bypass（CVE-2017-7233）

Source: same thread safety Emergency Response Center Author: Nearg1e@YSRC Foreign security researcher roks0n provided to the Django official of a vulnerability. On issafeurl function Django comes with a function: django. utils. http. issafeurlurl, host=None, allowedhosts=None, requirehttps=False...

Security fix for the ALT Linux 9 package python3-module-django version 1.8.18-alt1

April 12, 2017 Alexey Shabalin 1.8.18-alt1 - 1.8.18 - fixed CVE-2017-7233,CVE-2017-7234...