Lucene search
K

26 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2019-3498

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Django 1.11.x before 1.11.18, 2.0.x before 2.0.10, and 2.1.x before 2.1.5, an Improper Neutralization of Special Elements in Output Used by a Downstream...

6.5CVSS6.7AI score0.03685EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.19 views

Mageia: Security Advisory (MGASA-2019-0035)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.8AI score0.03685EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.18 views

Mageia: Security Advisory (MGASA-2019-0040)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.8AI score0.03685EPSS
Exploits0References5
ALT Linux
ALT Linux
added 2019/07/15 12:0 a.m.54 views

Security fix for the ALT Linux 10 package python3-module-django version 2.2.3-alt1

July 15, 2019 Alexey Shabalin 2.2.3-alt1 - 2.2.3 - build python3 only - rename package to python3-module-django2.2 - Fixes for the following security vulnerabilities: + CVE-2019-12781 Incorrect HTTP detection with reverse-proxy connecting via HTTPS + CVE-2019-12308 AdminURLFieldWidget XSS +...

5.8CVSS6.6AI score0.2549EPSS
Exploits0
ALT Linux
ALT Linux
added 2019/07/15 12:0 a.m.61 views

Security fix for the ALT Linux 9 package python3-module-django version 2.2.3-alt1

July 15, 2019 Alexey Shabalin 2.2.3-alt1 - 2.2.3 - build python3 only - rename package to python3-module-django2.2 - Fixes for the following security vulnerabilities: + CVE-2019-12781 Incorrect HTTP detection with reverse-proxy connecting via HTTPS + CVE-2019-12308 AdminURLFieldWidget XSS +...

5.8CVSS6.6AI score0.2549EPSS
Exploits0
OpenVAS
OpenVAS
added 2019/03/21 12:0 a.m.31 views

Fedora Update for python2-django1.11 FEDORA-2019-5ad2149e99

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.6AI score
Exploits0References2
OSV
OSV
added 2019/02/25 10:59 a.m.10 views

SUSE-SU-2019:0483-1 Security update for python-Django

This update for python-Django fixes the following issues: Security issue fixed: - CVE-2019-3498: Fixed a content spoofing attack in the default 404 page bsc1120932...

6.5CVSS6.6AI score0.03685EPSS
Exploits0References3
Mageia
Mageia
added 2019/01/18 10:19 p.m.33 views

Updated python-django16 package fixes security vulnerability

It was discovered that Django incorrectly handled the default 404 page. A remote attacker could use this issue to spoof content using a malicious URL CVE-2019-3498...

6.5CVSS2.3AI score0.03685EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/01/16 12:0 a.m.45 views

Fedora 28 : python-django (2019-e6ca5847c7)

fix CVE-2019-3498 python-django: Content spoofing via URL path in Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...

6.5CVSS6.3AI score0.03685EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2019/01/14 4:20 p.m.4 views

boorunaut (>=0.1.0 <=0.4.2), cloudxns-ddns-service (=1.0.0) +113 more potentially affected by CVE-2019-3498 via django (>=2.1.0 <=2.1.4)

django PYPI version =2.1.0, =0.1.0, =0.10.0, =2.4.0, =0.3.1, =0.1.6, =0.2.0, =1.3.2, =0.1.0, =0.1.0a3 and more Source cves: CVE-2019-3498 Source advisory: OSV:GHSA-337X-4Q8G-PRC5...

6.5CVSS6.7AI score0.03685EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2019/01/14 4:20 p.m.3 views

cklauth (>=0.1.0 <=0.3.0), dj-saml-idp (>=1.1.0 <=1.2.1) +18 more potentially affected by CVE-2019-3498 via django (>=2.0.0 <=2.0.1)

django PYPI version =2.0.0, =0.1.0, =1.1.0, =4.3.1, =1.2.7, =0.1.0, =1.7.0, =0.0.3, =0.0.20, =0.1.0 - djangotheming =0.1.0 - fastaudiovisal =0.0.1 - fastaudiovisual =0.0.1 and more Source cves: CVE-2019-3498 Source advisory: OSV:GHSA-337X-4Q8G-PRC5...

6.5CVSS6.7AI score0.03685EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2019/01/14 4:20 p.m.3 views

aileen (>=0.2.0.dev20181221 <=0.2.1), cheetay-logs (=1.0.6) +35 more potentially affected by CVE-2019-3498 via django (>=1.11.0 <=1.11.17)

django PYPI version =1.11.0, =0.2.0.dev20181221, =0.0.19, =4.4.1, =0.6.0, =0.5.0, =0.1.0, =1.0.0, =0.1.2, =0.2.0 and more Source cves: CVE-2019-3498 Source advisory: OSV:GHSA-337X-4Q8G-PRC5...

6.5CVSS6.7AI score0.03685EPSS
Exploits0
OSV
OSV
added 2019/01/11 9:7 p.m.12 views

MGASA-2019-0035 Updated python-django packages fix security vulnerability

An upstream patch has been backported to fix a security vulnerability in python-django. CVE-2019-3498: Content spoofing possibility in the default 404 page An attacker could craft a malicious URL that could make spoofed content appear on the default page generated by the...

6.5CVSS6.5AI score0.03685EPSS
Exploits0References4
Mageia
Mageia
added 2019/01/11 9:7 p.m.36 views

Updated python-django packages fix security vulnerability

An upstream patch has been backported to fix a security vulnerability in python-django. CVE-2019-3498: Content spoofing possibility in the default 404 page An attacker could craft a malicious URL that could make spoofed content appear on the default page generated by the...

6.5CVSS2.2AI score0.03685EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/01/11 12:0 a.m.33 views

Fedora 29 : python-django (2019-a7b53ed5a3)

fix CVE-2019-3498 python-django: Content spoofing via URL path in Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...

6.5CVSS6.3AI score0.03685EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/01/10 12:0 a.m.35 views

Debian DSA-4363-1 : python-django - security update

It was discovered that malformed URLs could spoof the content of the default 404 page of Django, a Python web development framework. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4363. The text itself is...

6.5CVSS6.3AI score0.03685EPSS
Exploits0References4
NVD
NVD
added 2019/01/09 11:29 p.m.18 views

CVE-2019-3498

In Django 1.11.x before 1.11.18, 2.0.x before 2.0.10, and 2.1.x before 2.1.5, an Improper Neutralization of Special Elements in Output Used by a Downstream Component issue exists in django.views.defaults.pagenotfound, leading to content spoofing in a 404 error page if a user fails to recognize th...

6.5CVSS6.4AI score0.03685EPSS
Exploits0References8
vulnersOsv
vulnersOsv
added 2019/01/09 11:29 p.m.6 views

cklauth (>=0.1.0 <=0.3.0), dj-saml-idp (>=1.1.0 <=1.2.1) +18 more potentially affected by CVE-2019-3498 via django (>=2.0.0 <=2.0.1)

django PYPI version =2.0.0, =0.1.0, =1.1.0, =4.3.1, =1.2.7, =0.1.0, =1.7.0, =0.0.3, =0.0.20, =0.1.0 - djangotheming =0.1.0 - fastaudiovisal =0.0.1 - fastaudiovisual =0.0.1 and more Source cves: CVE-2019-3498 Source advisory: OSV:PYSEC-2019-17...

6.5CVSS6.7AI score0.03685EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2019/01/09 11:29 p.m.4 views

aileen (>=0.2.0.dev20181221 <=0.2.1), cheetay-logs (=1.0.6) +35 more potentially affected by CVE-2019-3498 via django (>=1.11.0 <=1.11.17)

django PYPI version =1.11.0, =0.2.0.dev20181221, =0.0.19, =4.4.1, =0.6.0, =0.5.0, =0.1.0, =1.0.0, =0.1.2, =0.2.0 and more Source cves: CVE-2019-3498 Source advisory: OSV:PYSEC-2019-17...

6.5CVSS6.7AI score0.03685EPSS
Exploits0
CVE
CVE
added 2019/01/09 10:0 p.m.165 views

CVE-2019-3498

CVE-2019-3498 affects Django in the function django.views.defaults.page_not_found() where output can be spoofed on a 404 page due to improper neutralization of elements. Affected versions are Django 1.11.x before 1.11.18, 2.0.x before 2.0.10, and 2.1.x before 2.1.5. Remediation is to upgrade to t...

6.5CVSS6.2AI score0.03685EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder