CVE-2014-1418
Published 2014-05-16
CVE-2014-1418: Django 1.4 before 1.4.13, 1.5 before 1.5.8, 1.6 before 1.6.5, and 1.7 before 1.7b4 does not properly include the (1) Vary: Cookie or (2) Cache-Control header…
Priority: P430 · medium · CVSS 2.0: 6.4 (AV:N/AC:L/Au:N/C:P/I:P/A:N)
EPSS: 2.55% (83.0th percentile)
Django 1.4 before 1.4.13, 1.5 before 1.5.8, 1.6 before 1.6.5, and 1.7 before 1.7b4 does not properly include the (1) Vary: Cookie or (2) Cache-Control header in responses, which allows remote attackers to obtain sensitive information or poison the cache via a request from certain browsers.
Affected
36 ranges, showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | python-django | < python-django 1.6.5-1 (bookworm) | python-django 1.6.5-1 (bookworm) |
| djangoproject | django | — | — |
| djangoproject | django | — | — |
| djangoproject | django | — | — |
| djangoproject | django | — | — |
| djangoproject | django | — | — |
| djangoproject | django | — | — |
| djangoproject | django | — | — |
| djangoproject | django | — | — |
| djangoproject | django | — | — |
| djangoproject | django | — | — |
| djangoproject | django | — | — |
| djangoproject | django | — | — |
| djangoproject | django | — | — |
| djangoproject | django | — | — |
| djangoproject | django | — | — |
| djangoproject | django | — | — |
| djangoproject | django | — | — |
| djangoproject | django | — | — |
| djangoproject | django | — | — |
CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 6.4 | MEDIUM | AV:N/AC:L/Au:N/C:P/I:P/A:N |
| osv | — | 6.4 | MEDIUM | — |
| vendor_debian | — | 6.4 | MEDIUM | — |
| vendor_redhat | — | 6.4 | MEDIUM | — |
| vendor_ubuntu | — | 6.4 | MEDIUM | — |
OSV
Django Vulnerable to Cache Poisoning
osv · 2022-05-17 · CRITICAL
Django 1.4 before 1.4.13, 1.5 before 1.5.8, 1.6 before 1.6.5, and 1.7 before 1.7b4 does not properly include the (1) Vary: Cookie or (2) Cache-Control header in responses, which allows remote attackers to obtain sensitive information or poison the cache via a request from certain browsers.
GHSA
Django Vulnerable to Cache Poisoning
ghsa · 2022-05-17 · CRITICAL · CWE-349
Django 1.4 before 1.4.13, 1.5 before 1.5.8, 1.6 before 1.6.5, and 1.7 before 1.7b4 does not properly include the (1) Vary: Cookie or (2) Cache-Control header in responses, which allows remote attackers to obtain sensitive information or poison the cache via a request from certain browsers.
OSV
CVE-2014-1418: Django 1
osv · 2014-05-16 · CVSS 6.4 · MEDIUM
Django 1.4 before 1.4.13, 1.5 before 1.5.8, 1.6 before 1.6.5, and 1.7 before 1.7b4 does not properly include the (1) Vary: Cookie or (2) Cache-Control header in responses, which allows remote attackers to obtain sensitive information or poison the cache via a request from certain browsers.
OSV
python-django vulnerabilities
osv · 2014-05-15 · CVSS 6.4 · MEDIUM
Stephen Stewart, Michael Nelson, Natalia Bidart and James Westby
discovered that Django improperly removed Vary and Cache-Control headers
from HTTP responses when replying to a request from an Internet Explorer
or Chrome Frame client. An attacker may use this to retrieve private data
or poison caches. This update removes workarounds for bugs in Internet
Explorer 6 and 7. (CVE-2014-1418)
Peter Kuma and Gavin Wahl discovered that Django did not correctly
validate some malformed URLs, which are accepted by some browsers. An
attacker may use this to cause unexpected redirects. An update has been
provided for 12.04 LTS, 12.10, 13.10, and 14.04 LTS; this issue remains
unfixed for 10.04 LTS as no "is_safe_url()" functionality existed in
this version.
Ubuntu
Django vulnerabilities
vendor_ubuntu · 2014-05-15 · CVSS 6.4 · MEDIUM
Summary: Django applications could be made to expose sensitive information over the network.
Red Hat
Django: cached data possibly served to the wrong session
vendor_redhat · 2014-05-14 · CVSS 6.4 · MEDIUM
Django 1.4 before 1.4.13, 1.5 before 1.5.8, 1.6 before 1.6.5, and 1.7 before 1.7b4 does not properly include the (1) Vary: Cookie or (2) Cache-Control header in responses, which allows remote attackers to obtain sensitive information or poison the cache via a request from certain browsers.
Package: Django (Red Hat OpenStack Platform 3) - Will not fix
Package: Django (Red Hat OpenStack Platform 4) - Will not fix
Package: Django (Red Hat Subscription Asset Manager) - Will not fix
Debian
CVE-2014-1418: python-django - Django 1.4 before 1.4.13, 1.5 before 1.5.8, 1.6 before 1.6.5, and 1.7 before 1.7...
vendor_debian · 2014 · CVSS 6.4 · MEDIUM
Django 1.4 before 1.4.13, 1.5 before 1.5.8, 1.6 before 1.6.5, and 1.7 before 1.7b4 does not properly include the (1) Vary: Cookie or (2) Cache-Control header in responses, which allows remote attackers to obtain sensitive information or poison the cache via a request from certain browsers.
Scope: local
bookworm: resolved (fixed in 1.6.5-1)
bullseye: resolved (fixed in 1.6.5-1)
forky: resolved (fixed in 1.6.5-1)
sid: resolved (fixed in 1.6.5-1)
trixie: resolved (fixed in 1.6.5-1)
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2014-1418 python-django14: various flaws [fedora-all]
bugzilla · 2014-05-14 · CVSS 6.4 · MEDIUM
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, use the bodhi submission link noted
in the next comment(s). This will include the bug IDs of this tracking
bug as well as the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
Bodhi notes field when available.
NOTE: this issue affects multiple supported versions o
Bugzilla
CVE-2014-1418 python-django: various flaws [fedora-all]
bugzilla · 2014-05-14 · CVSS 6.4 · MEDIUM
Bugzilla
CVE-2014-1418 Django: cached data possibly served to the wrong session
bugzilla · 2014-05-14 · CVSS 6.4 · MEDIUM
It was reported that, in certain situations, cached data in Django could be served to a different session, or to a user with no session at all. The original report from upstream:

> In certain situations, Django may allow caches to store private data
> related to a particular session and then serve that data to requests
> with a different session, or no session at all. This can both lead to
> information disclosure, and can be a vector for cache poisoning.
>
> When using Django sessions, Django will set a ``Vary: Cookie`` header
> to ensure caches do not serve cached data to requests from other
> sessions. However, older versions of Internet Explorer (most likely
> only Internet Explorer 6, and Internet Explorer 7 if run on Windows
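The following is an added example, not code from Django or from any of the advisories quoted on this page. It models the mechanism the upstream report describes: a shared HTTP cache keys entries by URL plus the request headers named in the response's ``Vary`` header, so a session-specific response that loses ``Vary: Cookie`` (and ``Cache-Control: private``) is handed to the next visitor who requests the same URL. The ``strip_for_legacy_ie`` flag is a simplified stand-in for the browser workaround the advisories say was removed; it is not Django's real logic. All names, the session cookie values and the user agent string are constructed for the example. ``check_cache_headers`` is the defender-side check a reviewer would run over responses that depend on the session.

```python
# Added example (assumption-based model, not Django's code): why a missing
# Vary: Cookie / Cache-Control: private lets a shared cache serve one
# session's page to another, plus a check for the two headers.

from dataclasses import dataclass, field


@dataclass
class Response:
    body: str
    headers: dict = field(default_factory=dict)


class SharedCache:
    """Toy shared HTTP cache that honours Vary and Cache-Control: private."""

    def __init__(self):
        # path -> list of (vary names, varied request-header values, response)
        self._entries = {}

    @staticmethod
    def _vary_names(response):
        vary = response.headers.get("Vary", "")
        return [h.strip().lower() for h in vary.split(",") if h.strip()]

    @staticmethod
    def _varied_values(names, request_headers):
        lowered = {k.lower(): v for k, v in request_headers.items()}
        return tuple(lowered.get(n, "") for n in names)

    def store(self, path, request_headers, response):
        cc = response.headers.get("Cache-Control", "")
        if "private" in cc or "no-store" in cc:
            return  # a compliant shared cache must not keep this response
        names = self._vary_names(response)
        values = self._varied_values(names, request_headers)
        self._entries.setdefault(path, []).append((names, values, response))

    def lookup(self, path, request_headers):
        for names, values, response in self._entries.get(path, []):
            if self._varied_values(names, request_headers) == values:
                return response
        return None


def render_profile(request_headers, strip_for_legacy_ie=False, cache_control="private"):
    """Constructed session-dependent view: the body depends on the session cookie."""
    cookie = request_headers.get("Cookie", "")
    if "sessionid=s1" in cookie:
        user = "alice"
    elif "sessionid=s2" in cookie:
        user = "bob"
    else:
        user = "anonymous"
    headers = {"Vary": "Cookie"}
    if cache_control:
        headers["Cache-Control"] = cache_control
    resp = Response(body=f"profile of {user}", headers=headers)
    # Modelled pre-fix behaviour (assumption): drop both headers for old IE.
    if strip_for_legacy_ie and "MSIE" in request_headers.get("User-Agent", ""):
        resp.headers.pop("Vary", None)
        resp.headers.pop("Cache-Control", None)
    return resp


def check_cache_headers(response):
    """Defender-side check: what a session-bearing response is missing."""
    problems = []
    vary = [h.strip().lower() for h in response.headers.get("Vary", "").split(",")]
    if "cookie" not in vary:
        problems.append("missing Vary: Cookie")
    cc = response.headers.get("Cache-Control", "")
    if not ("private" in cc or "no-cache" in cc or "no-store" in cc):
        problems.append("missing Cache-Control: private/no-cache/no-store")
    return problems


def simulate(strip_for_legacy_ie, cache_control="private"):
    """Alice then Bob fetch /profile/ through one shared cache; return Bob's body."""
    cache = SharedCache()
    ua = "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"  # constructed
    path = "/profile/"
    alice = {"Cookie": "sessionid=s1", "User-Agent": ua}
    bob = {"Cookie": "sessionid=s2", "User-Agent": ua}
    hit = None
    for req in (alice, bob):
        hit = cache.lookup(path, req)
        if hit is None:
            hit = render_profile(req, strip_for_legacy_ie, cache_control)
            cache.store(path, req, hit)
    return hit.body


if __name__ == "__main__":
    print("fixed headers:   ", simulate(False))
    print("Vary only:       ", simulate(False, cache_control=None))
    print("headers stripped:", simulate(True))
```

With both headers intact the cache never stores the page; with only ``Vary: Cookie`` it stores one entry per cookie value, so Bob still gets his own page; with both stripped, Bob is served Alice's profile, which is the information-disclosure and cache-poisoning outcome the advisory describes.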
Bugzilla
CVE-2014-1418 Django14: various flaws [epel-6]
bugzilla · 2014-05-14 · CVSS 6.4 · MEDIUM
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora EPEL.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, use the bodhi submission link noted
in the next comment(s). This will include the bug IDs of this tracking
bug as well as the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
Bodhi notes field when available.
epel-6 tracking bug for Django14: see blocks bug list for fu
References
- http://lists.opensuse.org/opensuse-updates/2014-09/msg00023.html
- http://secunia.com/advisories/61281
- http://ubuntu.com/usn/usn-2212-1
- http://www.debian.org/security/2014/dsa-2934
- http://www.openwall.com/lists/oss-security/2014/05/14/10
- http://www.openwall.com/lists/oss-security/2014/05/15/3
- https://www.djangoproject.com/weblog/2014/may/14/security-releases-issued/
Published: 2014-05-16