CVE-2014-0480
Published 2014-08-26
Priority: P4 27 · Severity: medium · CVSS 2.0: 5.8 (AV:N/AC:M/Au:N/C:P/I:P/A:N)
EPSS: 2.28% (80.9th percentile)
The core.urlresolvers.reverse function in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3 does not properly validate URLs, which allows remote attackers to conduct phishing attacks via a // (slash slash) in a URL, which triggers a scheme-relative URL to be generated.
Affected
35 ranges · showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | python-django | < python-django 1.6.6-1 (bookworm) | python-django 1.6.6-1 (bookworm) |
| djangoproject | django | <= 1.4.13 | — |
CVSS provenance

| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 2.0 | 5.8 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:N |
| osv | — | 5.8 | MEDIUM | — |
| vendor_debian | — | 5.8 | MEDIUM | — |
| vendor_redhat | — | 5.8 | MEDIUM | — |
| vendor_ubuntu | — | 5.8 | MEDIUM | — |
OSV: Django Incorrectly Validates URLs
osv · 2022-05-14 · HIGH
The `core.urlresolvers.reverse` function in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3 does not properly validate URLs, which allows remote attackers to conduct phishing attacks via a `//` (slash slash) in a URL, which triggers a scheme-relative URL to be generated.
GHSA: Django Incorrectly Validates URLs
ghsa · 2022-05-14 · HIGH · CWE-20
The `core.urlresolvers.reverse` function in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3 does not properly validate URLs, which allows remote attackers to conduct phishing attacks via a `//` (slash slash) in a URL, which triggers a scheme-relative URL to be generated.
OSV: python-django vulnerabilities
osv · 2014-09-16 · CVSS 5.8 · MEDIUM

Florian Apolloner discovered that Django incorrectly validated URLs. A remote attacker could use this issue to conduct phishing attacks. (CVE-2014-0480)

David Wilson discovered that Django incorrectly handled file name generation. A remote attacker could use this issue to cause Django to consume resources, resulting in a denial of service. (CVE-2014-0481)

David Greisen discovered that Django incorrectly handled certain headers in contrib.auth.middleware.RemoteUserMiddleware. A remote authenticated user could use this issue to hijack web sessions. (CVE-2014-0482)

Collin Anderson discovered that Django incorrectly checked if a field represented a relationship between models in the administrative interface. A remote authenticated user could use this issue to
OSV: CVE-2014-0480
osv · 2014-08-26 · CVSS 5.8 · MEDIUM
The core.urlresolvers.reverse function in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3 does not properly validate URLs, which allows remote attackers to conduct phishing attacks via a // (slash slash) in a URL, which triggers a scheme-relative URL to be generated.
Ubuntu: Django vulnerabilities
vendor_ubuntu · 2014-09-16 · CVSS 5.8 · MEDIUM
Title: Django vulnerabilities
Summary: Several security issues were fixed in Django.

Florian Apolloner discovered that Django incorrectly validated URLs. A remote attacker could use this issue to conduct phishing attacks. (CVE-2014-0480)

David Wilson discovered that Django incorrectly handled file name generation. A remote attacker could use this issue to cause Django to consume resources, resulting in a denial of service. (CVE-2014-0481)

David Greisen discovered that Django incorrectly handled certain headers in contrib.auth.middleware.RemoteUserMiddleware. A remote authenticated user could use this issue to hijack web sessions. (CVE-2014-0482)

Collin Anderson discovered that Django incorrectly checked if a field represented a relationship between models in the administrative interfa
Red Hat: Django: reverse() can generate URLs pointing to other hosts, leading to phishing attacks
vendor_redhat · 2014-08-20 · CVSS 5.8 · MEDIUM
The core.urlresolvers.reverse function in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3 does not properly validate URLs, which allows remote attackers to conduct phishing attacks via a // (slash slash) in a URL, which triggers a scheme-relative URL to be generated.
- Package: python-django (Red Hat Enterprise Linux OpenStack Platform 5 (Icehouse)) - Affected
- Package: Django14 (Red Hat OpenStack Platform 4) - Affected
- Package: Django (Red Hat Subscription Asset Manager) - Will not fix
Debian: CVE-2014-0480: python-django
vendor_debian · 2014 · CVSS 5.8 · MEDIUM
The core.urlresolvers.reverse function in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3 does not properly validate URLs, which allows remote attackers to conduct phishing attacks via a // (slash slash) in a URL, which triggers a scheme-relative URL to be generated.
Scope: local
- bookworm: resolved (fixed in 1.6.6-1)
- bullseye: resolved (fixed in 1.6.6-1)
- forky: resolved (fixed in 1.6.6-1)
- sid: resolved (fixed in 1.6.6-1)
- trixie: resolved (fixed in 1.6.6-1)
No detection rules found.
No public exploits indexed.
Bugzilla: CVE-2014-0480 CVE-2014-0481 CVE-2014-0482 CVE-2014-0483 Django14: various flaws [epel-6]
bugzilla · 2014-08-22 · CVSS 5.8 · MEDIUM

This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of Fedora EPEL.

For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field.

For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs

When submitting as an update, use the fedpkg template provided in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs.

Please also mention the CVE IDs being fixed in the RPM changelog and the fedpkg commit message.

epel-6 tracking bug for Django14: see bl
Bugzilla: CVE-2014-0480 CVE-2014-0481 CVE-2014-0482 CVE-2014-0483 python-django: various flaws [fedora-all]
bugzilla · 2014-08-22 · CVSS 5.8 · MEDIUM
Automatically created Fedora tracking bug (same template text as above).
NOTE: this issue affects multiple su
Bugzilla: CVE-2014-0480 CVE-2014-0481 CVE-2014-0482 CVE-2014-0483 python-django15: various flaws [epel-6]
bugzilla · 2014-08-22 · CVSS 5.8 · MEDIUM
Automatically created Fedora EPEL tracking bug (same template text as above).
epel-6 tracking bug for python-dj
Bugzilla: CVE-2014-0480 CVE-2014-0481 CVE-2014-0482 CVE-2014-0483 python-django15: various flaws [fedora-20]
bugzilla · 2014-08-22 · CVSS 5.8 · MEDIUM
Automatically created Fedora tracking bug (same template text as above).
fedora-20 tracking bug for python-d
Bugzilla: CVE-2014-0480 CVE-2014-0481 CVE-2014-0482 CVE-2014-0483 python-django15: various flaws [epel-7]
bugzilla · 2014-08-22 · CVSS 5.8 · MEDIUM
Automatically created Fedora EPEL tracking bug (same template text as above).
epel-7 tracking bug for python-dj
Bugzilla: CVE-2014-0480 CVE-2014-0481 CVE-2014-0482 CVE-2014-0483 python-django14: various flaws [fedora-all]
bugzilla · 2014-08-22 · CVSS 5.8 · MEDIUM
Automatically created Fedora tracking bug (same template text as above).
NOTE: this issue affects multiple
Bugzilla: CVE-2014-0480 Django: reverse() can generate URLs pointing to other hosts, leading to phishing attacks
bugzilla · 2014-08-14 · CVSS 5.8 · MEDIUM

The Django project reports the following issue:

> Django includes the helper function ``django.core.urlresolvers.reverse``, typically used to generate a URL from a reference to a view function or URL pattern name. However, when presented with input beginning with two forward-slash characters (``//``), ``reverse()`` could generate scheme-relative URLs to other hosts, allowing an attacker who is aware of unsafe use of ``reverse()`` (i.e., in a situation where an end user can control the target of a redirect, to take a common example) to generate links to sites of their choice, enabling phishing and other attacks.
>
> To remedy this, URL reversing now ensures that no URL starts with two slas
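The check and the mitigation the advisory describes, as an added Python illustration (not Django's own code): a generated URL beginning with `//` is resolved by browsers against the page's scheme but a different host, and percent-encoding the second slash keeps it on the page's host. The page URL and host names below are constructed.

```python
from urllib.parse import urljoin, urlsplit

# Constructed sample page URL for this illustration (not from the advisory).
PAGE_URL = "https://app.example/accounts/login/"


def is_scheme_relative(url: str) -> bool:
    """A generated URL that starts with '//' is a network-path reference:
    the browser keeps the page's scheme but switches to the host that follows.
    The test is on the raw string prefix, as in the advisory's rule."""
    return url.startswith("//")


def neutralise(url: str) -> str:
    """Mitigation the advisory describes: a reversed URL must never begin with
    two slashes, so the second one is percent-encoded as %2F. Added
    illustration of that rule, not Django's implementation."""
    if is_scheme_relative(url):
        return "/%2F" + url[2:]
    return url


def request_host(page_url: str, generated: str) -> str:
    """Host a browser on page_url would contact for `generated`."""
    return urlsplit(urljoin(page_url, generated)).netloc


def audit(page_url: str, generated: str) -> dict:
    """Report whether one generated URL would leave the page's host before
    and after neutralisation; usable as a unit test around any redirect
    helper that builds paths from user-supplied input."""
    own_host = urlsplit(page_url).netloc
    fixed = neutralise(generated)
    return {
        "input": generated,
        "leaves_host_before": request_host(page_url, generated) != own_host,
        "output": fixed,
        "leaves_host_after": request_host(page_url, fixed) != own_host,
    }


if __name__ == "__main__":
    # Constructed inputs: an ordinary path, and a path whose leading '//'
    # came from untrusted input such as a 'next' redirect parameter.
    for candidate in ["/accounts/profile/", "//other.example/login"]:
        print(audit(PAGE_URL, candidate))
```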
References:
- http://lists.opensuse.org/opensuse-updates/2014-09/msg00023.html
- http://secunia.com/advisories/59782
- http://secunia.com/advisories/61276
- http://secunia.com/advisories/61281
- http://www.debian.org/security/2014/dsa-3010
- http://www.securityfocus.com/bid/69425
- https://www.djangoproject.com/weblog/2014/aug/20/security/