CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

16 matches found

SUSE CVE•added 2023/02/15 4:48 a.m.•1 views

SUSE CVE-2017-7234

A maliciously crafted URL to a Django 1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18 site using the django.views.static.serve view could redirect to any other domain, aka an open redirect vulnerability...

6.1CVSS7.6AI score0.00258EPSS

Exploits1References6

Github Security Blog•added 2022/05/17 3:20 a.m.•24 views

Django DoS in django.views.static.serve

The django.views.static.serve view in Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3 reads files an entire line at a time, which allows remote attackers to cause a denial of service memory consumption via a long line in a file...

5CVSS6.6AI score0.07842EPSS

Exploits1References20Affected Software1

OSV•added 2019/01/04 5:50 p.m.•0 views

GHSA-H4HV-M4H4-MHWG Django open redirect

6.1CVSS7AI score0.00258EPSS

Exploits1References11

Github Security Blog•added 2019/01/04 5:50 p.m.•28 views

Django open redirect

6.1CVSS6.4AI score0.00258EPSS

Exploits1References10Affected Software1

seebug.org•added 2017/04/13 12:0 a.m.•127 views

Django.views.static.serve url跳转漏洞（CVE-2017-7234）

来源：同程安全应急响应中心作者：Nearg1e@YSRC 来自 @Phithon 的一个漏洞。问题出现在：django.views.static.serve函数上。该函数可以用来指定web站点的静态文件目录。如: python urlpatterns = urlr'^admin/', admin.site.urls, urlr'^staticp/?P.$', serve, 'documentroot': os.path.joinsettings.BASEDIR, 'staticpath'...

5.8CVSS6.8AI score0.00258EPSS

Exploits1

PyPA•added 2017/04/04 5:59 p.m.•3 views

PYSEC-2017-10

6.1CVSS6.7AI score0.00258EPSS

Exploits1References5Affected Software1

OSV•added 2017/04/04 5:59 p.m.•2 views

DEBIAN-CVE-2017-7234

6.1CVSS6.7AI score0.00258EPSS

Exploits1References1

OSV•added 2017/04/04 5:59 p.m.•0 views

PYSEC-2017-10

6.1CVSS6.7AI score0.00258EPSS

Exploits1References5

OSV•added 2017/04/04 5:59 p.m.•1 views

ALPINE-CVE-2017-7234

6.1CVSS6.7AI score0.00258EPSS

Exploits1References1

OSV•added 2017/04/04 5:9 p.m.•0 views

USN-3254-1 python-django vulnerabilities

It was discovered that Django incorrectly handled numeric redirect URLs. A remote attacker could possibly use this issue to perform XSS attacks, and to use a Django server as an open redirect. CVE-2017-7233 Phithon Gong discovered that Django incorrectly handled certain URLs when the...

6.1CVSS6.7AI score0.00747EPSS

Exploits2References3

OSV•added 2017/04/04 2:0 p.m.•0 views

UBUNTU-CVE-2017-7234

6.1CVSS6.7AI score0.00258EPSS

Exploits1References4

Positive Technologies•added 2017/04/04 12:0 a.m.•5 views

PT-2017-17596 · Django Software Foundation +2 · Django +2

Name of the Vulnerable Software and Affected Versions: Django versions 1.8 through 1.8.18 Django versions 1.9 through 1.9.13 Django versions 1.10 through 1.10.7 Description: A maliciously crafted URL to a Django site using the django.views.static.serve view could redirect to any other domain. Thi...

9.8CVSS6.1AI score0.92834EPSS

Exploits30References119

EUVD•added 2015/01/16 4:59 p.m.•1 views

EUVD-2015-0015

5CVSS6AI score0.07842EPSS

Exploits1References28

OSV•added 2015/01/16 4:59 p.m.•25 views

PYSEC-2015-6

5CVSS4.9AI score0.07842EPSS

Exploits1References13

Debian CVE•added 2015/01/16 4:0 p.m.•34 views

CVE-2015-0221

5CVSS6.1AI score0.07842EPSS

Exploits1

CNVD•added 2015/01/16 12:0 a.m.•1 views

Django 'django.views.static.serve()' function denial of service vulnerability

Django is an open source web application framework written in Python . A denial of service vulnerability exists in the Django 'django.views.static.serve' function, which could be exploited by a remote attacker to trigger a denial of service due to excessive resource consumption...

5CVSS6.8AI score0.07842EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by