Sergey Bobrov discovered that Django incorrectly parsed cookies when being
used with Google Analytics. A remote attacker could possibly use this issue
to set arbitrary cookies leading to a CSRF protection bypass.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 16.04 | noarch | python-django | <Â 1.8.7-1ubuntu5.2 | UNKNOWN |
Ubuntu | 16.04 | noarch | python-django-common | <Â 1.8.7-1ubuntu5.2 | UNKNOWN |
Ubuntu | 16.04 | noarch | python-django-doc | <Â 1.8.7-1ubuntu5.2 | UNKNOWN |
Ubuntu | 16.04 | noarch | python3-django | <Â 1.8.7-1ubuntu5.2 | UNKNOWN |
Ubuntu | 14.04 | noarch | python-django | <Â 1.6.1-2ubuntu0.15 | UNKNOWN |
Ubuntu | 14.04 | noarch | python-django-doc | <Â 1.6.1-2ubuntu0.15 | UNKNOWN |
Ubuntu | 12.04 | noarch | python-django | <Â 1.3.1-4ubuntu1.21 | UNKNOWN |
Ubuntu | 12.04 | noarch | python-django-doc | <Â 1.3.1-4ubuntu1.21 | UNKNOWN |