CVSS: 6.1EPSS: 1%CPEs: 3EXPL: 0CVE-2019-12308
https://notcve.org/view.php?id=CVE-2019-12308
An issue was discovered in Django 1.11 before 1.11.21, 2.1 before 2.1.9, and 2.2 before 2.2.2. The clickable Current URL value displayed by the AdminURLFieldWidget displays the provided value without validating it as a safe URL. Thus, an unvalidated value stored in the database, or a value provided as a URL query parameter payload, could result in an clickable JavaScript link. Se descubrió un problema en Django 1.11 antes de 1.11.21, 2.1 anterior de la versión 2.1.9 y 2.2 anterior de la versión 2.2.2. El valor de la URL actual en la que se puede hacer clic, mostrado por el AdminURLFieldWidget, muestra el valor proporcionado sin validarlo como una URL segura. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html http://www.openwall.com/lists/oss-security/2019/06/03/2 http://www.securityfocus.com/bid/108559 https://docs.djangoproject.com/en/dev/releases/1.11.21 https://docs.djangoproject.com/en/dev/releases/2.1.9 https://docs.djangoproject.com/en/dev/releases/2.2.2 https://docs.djangoproject.com/en/dev/releases/security https:/&#x • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 1%CPEs: 8EXPL: 0CVE-2019-6975
https://notcve.org/view.php?id=CVE-2019-6975
Django 1.11.x before 1.11.19, 2.0.x before 2.0.11, and 2.1.x before 2.1.6 allows Uncontrolled Memory Consumption via a malicious attacker-supplied value to the django.utils.numberformat.format() function. Django, en versiones 1.11.x anteriores a la 1.11.19, versiones 2.0.x anteriores a la 2.0.11 y versiones 2.1.x anteriores a la 2.1.6, permite el consumo incontrolado de memoria mediante un valor malicioso proporcionado por el atacante a la función django.utils.numberformat.format(). • http://www.securityfocus.com/bid/106964 https://docs.djangoproject.com/en/dev/releases/security https://groups.google.com/forum/#%21topic/django-announce/WTwEAprR0IQ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/66WMXHGBXD7GSM3PEXVCMCAGLMQYHZCU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVXDOVCXLD74SHR2BENGCE2OOYYYWJHZ https://seclists.org/bugtraq/2019/Jul/10 https://usn.ubuntu.com/3890-1 https://www.debian.org/se • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.5EPSS: 1%CPEs: 10EXPL: 0CVE-2019-3498
https://notcve.org/view.php?id=CVE-2019-3498
In Django 1.11.x before 1.11.18, 2.0.x before 2.0.10, and 2.1.x before 2.1.5, an Improper Neutralization of Special Elements in Output Used by a Downstream Component issue exists in django.views.defaults.page_not_found(), leading to content spoofing (in a 404 error page) if a user fails to recognize that a crafted URL has malicious content. En Django, en versiones 1.11.x anteriores a la 1.11.18, versiones 2.0.x anteriores a la 2.0.10 y 2.1.x anteriores a la 2.1.5, existe una neutralización incorrecta de elementos especiales en las salidas empleadas por un componente de bajada en django.views.defaults.page_not_found(), lo que conduce a la suplantación de contenido (en una página de error 404) si un usuario fracasa a la hora de reconocer que una URL manipulada tiene contenido malicioso. • http://www.securityfocus.com/bid/106453 https://docs.djangoproject.com/en/dev/releases/security https://groups.google.com/forum/#%21topic/django-announce/VYU7xQQTEPQ https://lists.debian.org/debian-lts-announce/2019/01/msg00005.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVXDOVCXLD74SHR2BENGCE2OOYYYWJHZ https://usn.ubuntu.com/3851-1 https://www.debian.org/security/2019/dsa-4363 https://www.djangoproject.com/weblog/2019/jan/04/security-release • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2018-16984
https://notcve.org/view.php?id=CVE-2018-16984
An issue was discovered in Django 2.1 before 2.1.2, in which unprivileged users can read the password hashes of arbitrary accounts. The read-only password widget used by the Django Admin to display an obfuscated password hash was bypassed if a user has only the "view" permission (new in Django 2.1), resulting in display of the entire password hash to those users. This may result in a vulnerability for sites with legacy user accounts using insecure hashes. Se ha descubierto un problema en Django, en versiones 2.1 anteriores a la 2.1.2, por el cual los usuarios no privilegiados pueden leer los hashes de contraseña de cuentas arbitrarias. El widget de contraseña de solo lectura empleada por el administrador de Django para mostrar un hash de contraseña ofuscada se omitía si un usuario tenía solo el permiso "view" (nuevo en Django 2.1), lo que resultaba en que el hash de contraseña completo se mostraba a esos usuarios. • http://www.securitytracker.com/id/1041749 https://security.netapp.com/advisory/ntap-20190502-0009 https://www.djangoproject.com/weblog/2018/oct/01/security-release • CWE-522: Insufficiently Protected Credentials •
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0CVE-2018-14574 – django: Open redirect possibility in CommonMiddleware
https://notcve.org/view.php?id=CVE-2018-14574
django.middleware.common.CommonMiddleware in Django 1.11.x before 1.11.15 and 2.0.x before 2.0.8 has an Open Redirect. django.middleware.common.CommonMiddleware en Django en versiones 1.11.x anteriores a la 1.11.15 y versiones 2.0.x anteriores a la 2.0.8 tiene una redirección abierta. When using the django.middleware.common.CommonMiddleware class with the APPEND_SLASH setting enabled, Django projects which accept paths ending in a slash may be vulnerable to an unvalidated HTTP redirect. • http://www.securityfocus.com/bid/104970 http://www.securitytracker.com/id/1041403 https://access.redhat.com/errata/RHSA-2019:0265 https://usn.ubuntu.com/3726-1 https://www.debian.org/security/2018/dsa-4264 https://www.djangoproject.com/weblog/2018/aug/01/security-releases https://access.redhat.com/security/cve/CVE-2018-14574 https://bugzilla.redhat.com/show_bug.cgi?id=1609031 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •