12 matches found
CVE-2018-25160
HTTP::Session2 versions through 1.09 for Perl does not validate the format of user provided session ids, enabling code injection or other impact depending on session backend. For example, if an application uses memcached for session storage, then it may be possible for a remote attacker to inject...
EUVD-2018-21615
HTTP::Session2 versions through 1.09 for Perl does not validate the format of user provided session ids, enabling code injection or other impact depending on session backend. For example, if an application uses memcached for session storage, then it may be possible for a remote attacker to inject...
CVE-2018-25160
HTTP::Session2 versions through 1.09 for Perl does not validate the format of user provided session ids, enabling code injection or other impact depending on session backend. For example, if an application uses memcached for session storage, then it may be possible for a remote attacker to inject...
CVE-2018-25160 HTTP::Session2 versions through 1.09 for Perl does not validate the format of user provided session ids, enabling code injection or other impact depending on session backend
HTTP::Session2 versions through 1.09 for Perl does not validate the format of user provided session ids, enabling code injection or other impact depending on session backend. For example, if an application uses memcached for session storage, then it may be possible for a remote attacker to inject...
EUVD-2020-0067
Malware in sbrugna...
SUSE CVE-2020-13254
An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. In cases where a memcached backend does not perform key validation, passing malformed cache keys could result in a key collision, and potential data leakage...
django: potential data leakage via malformed memcached keys
A flaw was found in Django, where the memcached backend does not perform key validation and passes malformed keys. This flaw causes a key collision and potential data leakage. The highest threat from this vulnerability is to confidentiality...
GHSA-WPJR-J57X-WXFW Data leakage via cache key collision in Django
An issue was discovered in Django version 2.2 before 2.2.13 and 3.0 before 3.0.7. In cases where a memcached backend does not perform key validation, passing malformed cache keys could result in a key collision, and potential data leakage...
DEBIAN-CVE-2020-13254
An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. In cases where a memcached backend does not perform key validation, passing malformed cache keys could result in a key collision, and potential data leakage...
PYSEC-2020-31
An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. In cases where a memcached backend does not perform key validation, passing malformed cache keys could result in a key collision, and potential data leakage...
UBUNTU-CVE-2020-13254
An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. In cases where a memcached backend does not perform key validation, passing malformed cache keys could result in a key collision, and potential data leakage...
PT-2020-5484 · Django +3 · Django +3
Name of the Vulnerable Software and Affected Versions: Django versions 2.2 before 2.2.13 Django versions 3.0 before 3.0.7 Description: The issue is related to errors in the certificate authentication procedure in the Django library. It may allow a remote attacker to gain unauthorized access to...