1169 matches found

RedHat Linux
added 2021/03/17 3:7 p.m., 67 views

Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 16.1.4 (python-django) security update

An update for python-django is now available for Red Hat OpenStack Platform 16.1 Train. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

CVSS 5.9 | AI score 6.7 | EPSS 0.04713
Exploits: 0 | References: 3

Tenable Nessus
added 2021/03/17 12:0 a.m., 34 views

RHEL 8 : Red Hat OpenStack Platform 16.1.4 (python-django) (RHSA-2021:0915)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:0915 advisory. Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as...

CVSS 5.9 | AI score 7 | EPSS 0.04713
Exploits: 0 | References: 6

Tenable Nessus
added 2021/03/15 12:0 a.m., 30 views

Fedora 32 : python-django (2021-ef83e8525a)

The remote Fedora 32 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-ef83e8525a advisory. - The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are...

CVSS 5.9 | AI score 7.5 | EPSS 0.003
Exploits: 1 | References: 2

Tenable Nessus
added 2021/03/15 12:0 a.m., 241 views

Fedora 33 : python-django (2021-1bb399a5af)

The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-1bb399a5af advisory. - The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are...

CVSS 5.9 | AI score 7.5 | EPSS 0.003
Exploits: 1 | References: 2

OSV
added 2021/03/14 9:20 p.m., 2 views

MGASA-2021-0135 Updated python-django package fixes a security vulnerability

Django contains a copy of urllib.parse.parse_qsl which was added to backport some security fixes to prevent web cache poisoning. A further security fix has been issued recently such that parse_qsl no longer allows using ; as a query parameter separator by default (CVE-2021-23336)...

CVSS 5.9 | AI score 6.3 | EPSS 0.003
Exploits: 1 | References: 4

OpenVAS
added 2021/03/14 12:0 a.m., 23 views

Fedora: Security Advisory for python-django (FEDORA-2021-ef83e8525a)

The remote host is missing an update for the Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 5.9 | AI score 6.4 | EPSS 0.41482
Exploits: 2 | References: 2

OpenVAS
added 2021/03/13 12:0 a.m., 24 views

Fedora: Security Advisory for python-django (FEDORA-2021-1bb399a5af)

The remote host is missing an update for the Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 5.9 | AI score 8 | EPSS 0.003
Exploits: 1 | References: 2

OpenVAS
added 2021/02/23 12:0 a.m., 23 views

Ubuntu: Security Advisory (USN-4742-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 5.9 | AI score 8.1 | EPSS 0.003
Exploits: 1 | References: 2

Veracode
added 2021/02/20 6:44 a.m., 40 views

Web Cache Poisoning

python-django is vulnerable to web cache poisoning. An attacker may separate query parameters using a semicolon (;), causing a difference in the interpretation of the request between the proxy running with default configuration and the server, resulting in malicious requests being cached as complete...

CVSS 5.9 | AI score 2.7 | EPSS 0.003
Exploits: 1 | References: 58 | Affected Software: 14

OpenVAS
added 2021/02/20 12:0 a.m., 12 views

Debian: Security Advisory (DLA-2569-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 5.9 | AI score 7.1 | EPSS 0.003
Exploits: 1 | References: 3

ArchLinux
added 2021/02/20 12:0 a.m., 218 views

[ASA-202102-28] python-django: url request injection

Arch Linux Security Advisory ASA-202102-28. Severity: Medium; Date: 2021-02-20; CVE-ID: CVE-2021-23336; Package: python-django; Type: url request injection; Remote: Yes; Link: https://security.archlinux.org/AVG-1593. Summary: The package python-djan...

CVSS 5.9 | AI score 0.7 | EPSS 0.003
Exploits: 1 | References: 9

Debian
added 2021/02/19 4:24 p.m., 105 views

[SECURITY] [DLA 2569-1] python-django security update

Debian LTS Advisory DLA-2569-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb February 19, 2021 https://wiki.debian.org/LTS -...

CVSS 5.9 | AI score 6.9 | EPSS 0.003
Exploits: 1

vulnersOsv
added 2021/02/19 1:28 p.m., 0 views

atila-vue (>=0.1.3 <=0.1.3.5), contrail (>=0.3.0 <=1.0.2) +28 more potentially affected by CVE-2021-23336 via django (>=3.0.0 <=3.0.11)

django PYPI version =3.0.0, =0.1.3, =0.3.0, =0.1.1, =0.0.1, =0.0.1, =0.2.1, =0.8.0, =0.7.0, =0.10.0, =0.5.0, =0.6.4 and more Source cves: CVE-2021-23336 Source advisory: SNYK:PYTHON-DJANGO-1076802...

CVSS 5.9 | AI score 6.9 | EPSS 0.003
Exploits: 1

OSV
added 2021/02/19 12:0 a.m., 50 views

DLA-2569-1 python-django - security update

Bulletin has no description...

CVSS 5.9 | AI score 7.9 | EPSS 0.003
Exploits: 1

OSV
added 2021/02/17 3:0 p.m., 8 views

SUSE-RU-2021:0497-1 Recommended update for ardana-db, ardana-horizon, ardana-logging, ardana-monasca, ardana-opsconsole-ui, ardana-osconfig, crowbar-core, crowbar-openstack, kibana, openstack-dashboard, openstack-manila, openstack-neutron, openstack-neutron-gbp, openstack-nova, python-Django1, release-notes-suse-openstack-cloud, sleshammer

This update for ardana-db, ardana-horizon, ardana-logging, ardana-monasca, ardana-opsconsole-ui, ardana-osconfig, crowbar-core, crowbar-openstack, kibana, openstack-dashboard, openstack-manila, openstack-neutron, openstack-neutron-gbp, openstack-nova, python-Django1,...

CVSS 5.3 | AI score 5.8 | EPSS 0.41482
Exploits: 1 | References: 10

OpenVAS
added 2021/02/14 12:0 a.m., 27 views

Fedora: Security Advisory for python-django (FEDORA-2021-5329c680f7)

The remote host is missing an update for the Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 5.3 | AI score 5.8 | EPSS 0.41482
Exploits: 1 | References: 2

OSV
added 2021/02/09 12:22 p.m., 12 views

SUSE-RU-2021:0351-1 Recommended update for ardana-horizon, ardana-logging, ardana-monasca, ardana-mq, ardana-osconfig, crowbar-ha, crowbar-openstack, kibana, openstack-neutron, openstack-nova, python-Django, release-notes-suse-openstack-cloud, sleshammer, spark

This update for ardana-horizon, ardana-logging, ardana-monasca, ardana-mq, ardana-osconfig, crowbar-ha, crowbar-openstack, kibana, openstack-neutron, openstack-nova, python-Django, release-notes-suse-openstack-cloud, sleshammer, spark fixes the following issues: Security fix from this update:...

CVSS 6.5 | AI score 5.9 | EPSS 0.41482
Exploits: 1 | References: 11

ArchLinux
added 2021/02/07 12:0 a.m., 146 views

[ASA-202102-18] python-django: directory traversal

Arch Linux Security Advisory ASA-202102-18. Severity: Low; Date: 2021-02-07; CVE-ID: CVE-2021-3281; Package: python-django; Type: directory traversal; Remote: No; Link: https://security.archlinux.org/AVG-1518. Summary: The package python-django befo...

CVSS 5.3 | AI score 1 | EPSS 0.41482
Exploits: 1 | References: 4

OpenVAS
added 2021/02/02 12:0 a.m., 21 views

Ubuntu: Security Advisory (USN-4715-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 5.3 | AI score 5.7 | EPSS 0.41482
Exploits: 1 | References: 2

Tenable Nessus
added 2021/02/02 12:0 a.m., 43 views

Debian DLA-2540-1 : python-django security update

It was discovered that there was a potential directory-traversal in Django, a Python-based web development framework. For Debian 9 'Stretch', this problem has been fixed in version 1:1.10.7-2+deb9u10. We recommend that you upgrade your python-django packages. For the detailed security status of...

CVSS 5.3 | AI score 6.5 | EPSS 0.41482
Exploits: 1 | References: 4