CVE-2013-4315
Published 2013-09-16
Priority: P4 (30) · medium
CVSS 2.0: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
EPSS: 3.18% (86.5th percentile)
Directory traversal vulnerability in Django 1.4.x before 1.4.7, 1.5.x before 1.5.3, and 1.6.x before 1.6 beta 3 allows remote attackers to read arbitrary files via a file path in the ALLOWED_INCLUDE_ROOTS setting followed by a .. (dot dot) in a ssi template tag.
Affected (12 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | python-django | < 1.5.3-1 (bookworm) | 1.5.3-1 (bookworm) |
| djangoproject | django | >= 1.4 < 1.4.7 | 1.4.7 |
| djangoproject | django | >= 1.5 < 1.5.3 | 1.5.3 |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
| osv | — | 5.0 | MEDIUM | — |
| vendor_debian | — | 5.0 | MEDIUM | — |
| vendor_redhat | — | 5.0 | MEDIUM | — |
| vendor_ubuntu | — | 5.0 | MEDIUM | — |
Ubuntu: Django vulnerabilities
vendor_ubuntu · 2013-09-24 · CVSS 5.0 · CVE-2013-1443 [MEDIUM]
Summary: Several security issues were fixed in Django.
It was discovered that Django incorrectly handled large passwords. A remote attacker could use this issue to consume resources, resulting in a denial of service. (CVE-2013-1443)

It was discovered that Django incorrectly handled ssi templates. An attacker could use this issue to read arbitrary files. (CVE-2013-4315)

It was discovered that the Django is_safe_url utility function did not restrict redirects to certain schemes. An attacker could possibly use this issue to perform a cross-site scripting attack.

Instructions: In general, a standard system update will make all the necessary changes.
Red Hat: python-django: directory traversal with "ssi" template tag
vendor_redhat · 2013-09-10 · CVSS 5.0 · CVE-2013-4315 [MEDIUM] · CWE-22
Package: Django14 (Red Hat OpenStack Platform 4) - Affected
Package: Django (Red Hat Subscription Asset Manager) - Will not fix
Debian: CVE-2013-4315: python-django
vendor_debian · 2013 · CVSS 5.0 · CVE-2013-4315 [MEDIUM]
Scope: local
bookworm: resolved (fixed in 1.5.3-1)
bullseye: resolved (fixed in 1.5.3-1)
forky: resolved (fixed in 1.5.3-1)
sid: resolved (fixed in 1.5.3-1)
trixie: resolved (fixed in 1.5.3-1)
OSV: Django Directory Traversal via ssi template tag
osv · 2022-05-17 · CVE-2013-4315 [HIGH]
GHSA: Django Directory Traversal via ssi template tag
ghsa · 2022-05-17 · CVE-2013-4315 [HIGH] · CWE-22
OSV: CVE-2013-4315
osv · 2013-09-16 · CVSS 5.0 · CVE-2013-4315 [MEDIUM]
No detection rules found.
No public exploits indexed.
Bugzilla: CVE-2013-4315 Django14: python-django: directory traversal with "ssi" template tag [epel-6]
bugzilla · 2013-09-11 · CVSS 5.0 · CVE-2013-4315 [MEDIUM]
This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of Fedora EPEL.

For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field.

For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs

When creating a Bodhi update request, please use the bodhi submission link noted in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs.

Please also mention the CVE IDs being fixed in the RPM changelog and the Bodhi notes field when available.
Bugzilla: CVE-2013-4315 python-django: directory traversal with "ssi" template tag [fedora-all]
bugzilla · 2013-09-11 · CVSS 5.0 · CVE-2013-4315 [MEDIUM]
Bugzilla: CVE-2013-4315 python-django14: python-django: directory traversal with "ssi" template tag [fedora-19]
bugzilla · 2013-09-11 · CVSS 5.0 · CVE-2013-4315 [MEDIUM]
Bugzilla: CVE-2013-4315 python-django: directory traversal with "ssi" template tag
bugzilla · 2013-09-05 · CVSS 5.0 · CVE-2013-4315 [MEDIUM]
Django upstream reported the following vulnerability in Django:

Django's template language includes two methods of including and rendering one template inside another:

1. The ``{% include %}`` tag takes a template name, and uses Django's template loading mechanism (which is restricted to the directories specified in the ``TEMPLATE_DIRS`` setting, as with any other normal template load in Django).
2. The ``{% ssi %}`` tag, which takes a file path and includes that file's contents (optionally parsing and rendering it as a template).

Since the ``ssi`` tag is not restricted to ``TEMPLATE_DIRS``, it represents a security risk; the setting ``ALLOWED_INCLUDE_ROOTS`` thus is required, and specifies filesystem locations f
References
- http://lists.opensuse.org/opensuse-updates/2013-10/msg00015.html
- http://rhn.redhat.com/errata/RHSA-2013-1521.html
- http://secunia.com/advisories/54772
- http://secunia.com/advisories/54828
- http://www.debian.org/security/2013/dsa-2755
- https://www.djangoproject.com/weblog/2013/sep/10/security-releases-issued/