CVSS: 5.0EPSS: 0%CPEs: 14EXPL: 1CVE-2015-0219
https://notcve.org/view.php?id=CVE-2015-0219
Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3 allows remote attackers to spoof WSGI headers by using an _ (underscore) character instead of a - (dash) character in an HTTP header, as demonstrated by an X-Auth_User header. Django anterior a 1.4.18, 1.6.x anterior a 1.6.10, y 1.7.x anterior a 1.7.3 permite a atacantes remotos falsificar cabeceras WSGI mediante el uso de un caracter _ (guión bajo) en lugar de un caracter - (guión) en una cabecera HTTP, tal y como fue demostrado por una cabecera X-Auth_User. • http://advisories.mageia.org/MGASA-2015-0026.html http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148485.html http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148608.html http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148696.html http://lists.opensuse.org/opensuse-updates/2015-04/msg00001.html http://lists.opensuse.org/opensuse-updates/2015-09/msg00035.html http://secunia.com/advisories/62285 http://secunia.com/advisories/62309 http:&#x • CWE-17: DEPRECATED: Code •
CVSS: 4.3EPSS: 0%CPEs: 18EXPL: 1CVE-2015-0220
https://notcve.org/view.php?id=CVE-2015-0220
The django.util.http.is_safe_url function in Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3 does not properly handle leading whitespaces, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted URL, related to redirect URLs, as demonstrated by a "\njavascript:" URL. La función django.util.http.is_safe_url en Django anterior a 1.4.18, 1.6.x anterior a 1.6.10, y 1.7.x anterior a 1.7.3 no maneja correctamente los espacios en blanco líder, lo que permite a atacantes remotos realizar ataques de XSS a través de una URL manipulada, relacionado con redirigir URLs, tal y como fue demostrado por una URL '\njavascript:'. • http://advisories.mageia.org/MGASA-2015-0026.html http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148485.html http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148608.html http://lists.opensuse.org/opensuse-updates/2015-04/msg00001.html http://lists.opensuse.org/opensuse-updates/2015-09/msg00035.html http://secunia.com/advisories/62285 http://secunia.com/advisories/62309 http://secunia.com/advisories/62718 http://ubuntu.com/usn/usn-2469-1 http:&#x • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.0EPSS: 2%CPEs: 18EXPL: 0CVE-2015-0222
https://notcve.org/view.php?id=CVE-2015-0222
ModelMultipleChoiceField in Django 1.6.x before 1.6.10 and 1.7.x before 1.7.3, when show_hidden_initial is set to True, allows remote attackers to cause a denial of service by submitting duplicate values, which triggers a large number of SQL queries. ModelMultipleChoiceField en Django 1.6.x anterior a 1.6.10 y 1.7.x anterior a 1.7.3, cuando show_hidden_initial está configurado a 'True', permite a atacantes remotos causar una denegación de servicio mediante la presentación de valores duplicados, lo que provoca un número grande de consultas SQL. • http://advisories.mageia.org/MGASA-2015-0026.html http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148485.html http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148608.html http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148696.html http://lists.opensuse.org/opensuse-updates/2015-04/msg00001.html http://lists.opensuse.org/opensuse-updates/2015-09/msg00035.html http://secunia.com/advisories/62285 http://secunia.com/advisories/62309 http:&#x • CWE-17: DEPRECATED: Code •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2011-4104
https://notcve.org/view.php?id=CVE-2011-4104
The from_yaml method in serializers.py in Django Tastypie before 0.9.10 does not properly deserialize YAML data, which allows remote attackers to execute arbitrary Python code via vectors related to the yaml.load method. El método from_yaml en serializers.py en Django Tastypie anterior a 0.9.10 no deserializa debidamente los datos YAML, lo que permite a atacantes remotos ejecutar código Python arbitrario a través de vectores relacionados con el método yaml.load. • http://www.openwall.com/lists/oss-security/2011/11/02/1 http://www.openwall.com/lists/oss-security/2011/11/02/7 https://github.com/toastdriven/django-tastypie/commit/e8af315211b07c8f48f32a063233cc3f76dd5bc2 https://groups.google.com/forum/#%21topic/django-tastypie/i2aNGDHTUBI https://www.djangoproject.com/weblog/2011/nov/01/piston-and-tastypie-security-releases • CWE-20: Improper Input Validation •
CVSS: 6.0EPSS: 0%CPEs: 42EXPL: 0CVE-2014-0482
https://notcve.org/view.php?id=CVE-2014-0482
The contrib.auth.middleware.RemoteUserMiddleware middleware in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3, when using the contrib.auth.backends.RemoteUserBackend backend, allows remote authenticated users to hijack web sessions via vectors related to the REMOTE_USER header. El middleware contrib.auth.middleware.RemoteUserMiddleware en Django anterior a 1.4.14, 1.5.x anterior a 1.5.9, 1.6.x anterior a 1.6.6, y 1.7 anterior a release candidate 3, cuando utiliza el backend contrib.auth.backends.RemoteUserBackend, permite a usuarios remotos autenticados secuestrar sesiones web a través de vectores relacionados con la cabecera REMOTE_USER. • http://lists.opensuse.org/opensuse-updates/2014-09/msg00023.html http://secunia.com/advisories/59782 http://secunia.com/advisories/61276 http://secunia.com/advisories/61281 http://www.debian.org/security/2014/dsa-3010 https://www.djangoproject.com/weblog/2014/aug/20/security • CWE-287: Improper Authentication •