Lucene search
Ubuntu.comUB:CVE-2014-0480HistoryAug 26, 2014 - 12:00 a.m.
CVE-2014-0480
2014-08-2600:00:00
ubuntu.com
ubuntu.com
10
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
0.005 Low
EPSS
Percentile
74.9%
The core.urlresolvers.reverse function in Django before 1.4.14, 1.5.x
before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3 does
not properly validate URLs, which allows remote attackers to conduct
phishing attacks via a // (slash slash) in a URL, which triggers a
scheme-relative URL to be generated.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 10.04 | noarch | python-django | < 1.1.1-2ubuntu1.13 | UNKNOWN |
| ubuntu | 12.04 | noarch | python-django | < 1.3.1-4ubuntu1.12 | UNKNOWN |
| ubuntu | 14.04 | noarch | python-django | < 1.6.1-2ubuntu0.4 | UNKNOWN |
Related
debiancve
debiancve
CVE-2014-0480
2014-08-26 14:55:00
prion
prion
Code injection
2014-08-26 14:55:00
gitlab
gitlab
Improper Input Validation
2022-05-14 00:00:00
osv
osv
Django Incorrectly Validates URLs
2022-05-14 02:09:22
PYSEC-2014-4
2014-08-26 14:55:00
python-django - security update
2014-08-22 00:00:00
cve
cve
CVE-2014-0480
2014-08-26 14:55:00
github
github
Django Incorrectly Validates URLs
2022-05-14 02:09:22
ibm
ibm
nessus
nessus
Fedora 20 : python-django-1.6.6-1.fc20 (2014-9771)
2014-09-10 00:00:00
Ubuntu 14.04 LTS : Django vulnerabilities (USN-2347-1)
2014-09-17 00:00:00
Fedora 19 : python-django14-1.4.16-1.fc19 (2014-15307)
2014-12-02 00:00:00
openvas
openvas
Fedora Update for python-django15 FEDORA-2014-9866
2014-09-11 00:00:00
Debian: Security Advisory (DSA-3010-1)
2014-08-21 00:00:00
Ubuntu: Security Advisory (USN-2347-1)
2014-09-17 00:00:00
debian
debian
[SECURITY] [DSA 3010-1] python-django security update
2014-08-22 20:52:59
[SECURITY] [DSA 3010-1] python-django security update
2014-08-22 20:52:59
[SECURITY] [DLA 65-1] python-django security update
2014-09-29 08:20:58
fedora
fedora
[SECURITY] Fedora 20 Update: python-django15-1.5.9-1.fc20
2014-09-10 13:29:30
[SECURITY] Fedora 20 Update: python-django14-1.4.16-1.fc20
2014-12-01 18:59:44
[SECURITY] Fedora 20 Update: python-django14-1.4.14-1.fc20
2014-09-09 22:27:18
freebsd
freebsd
django -- multiple vulnerabilities
2014-08-20 00:00:00
gentoo
gentoo
Django: Multiple vulnerabilities
2014-12-13 00:00:00
mageia
mageia
Updated python-django packages fix multiple vulnerabilities
2014-09-05 13:07:37
ubuntu
ubuntu
Django vulnerabilities
2014-09-16 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 3010-1] python-django security update
2014-08-26 00:00:00
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
0.005 Low
EPSS
Percentile
74.9%
Related for UB:CVE-2014-0480