CVE-2015-0222
Published 2015-01-16
Priority: P4 (24, medium). CVSS 2.0 base score: 5.0
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS: 2.69% (84.0th percentile)
ModelMultipleChoiceField in Django 1.6.x before 1.6.10 and 1.7.x before 1.7.3, when show_hidden_initial is set to True, allows remote attackers to cause a denial of service by submitting duplicate values, which triggers a large number of SQL queries.
Affected
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| debian | python-django | < 1.7.1-1.1 (bookworm) | 1.7.1-1.1 (bookworm) |
| djangoproject | django | <= 1.4.17 | — |
| djangoproject | django | >= 1.6 < 1.6.10 | 1.6.10 |
| djangoproject | django | >= 1.7 < 1.7.3 | 1.7.3 |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
| osv | — | 5.0 | MEDIUM | — |
| vendor_debian | — | 5.0 | MEDIUM | — |
| vendor_redhat | — | 5.0 | MEDIUM | — |
| vendor_ubuntu | — | 5.0 | MEDIUM | — |
Ubuntu
CVE-2015-0221 [MEDIUM] Django regression
vendor_ubuntu · 2015-02-04 · CVSS 5.0
Summary: USN-2469-1 caused a regression in Django.
USN-2469-1 fixed vulnerabilities in Django. The security fix for
CVE-2015-0221 introduced a regression on Ubuntu 10.04 LTS and Ubuntu 12.04
LTS when serving static content through GZipMiddleware. This update fixes
the problem.
We apologize for the inconvenience.
Original advisory details:
Jedediah Smith discovered that Django incorrectly handled underscores in
WSGI headers. A remote attacker could possibly use this issue to spoof
headers in certain environments. (CVE-2015-0219)
Mikko Ohtamaa discovered that Django incorrectly handled user-supplied
redirect URLs. A remote attacker could possibly use this issue to perform a
cross-site scripting attack. (CVE-2015-0220)
Alex Gaynor discovered that Django incorre
Ubuntu
CVE-2015-0219 [MEDIUM] Django vulnerabilities
vendor_ubuntu · 2015-01-13 · CVSS 5.0
Summary: Several security issues were fixed in Django.
Jedediah Smith discovered that Django incorrectly handled underscores in
WSGI headers. A remote attacker could possibly use this issue to spoof
headers in certain environments. (CVE-2015-0219)
Mikko Ohtamaa discovered that Django incorrectly handled user-supplied
redirect URLs. A remote attacker could possibly use this issue to perform a
cross-site scripting attack. (CVE-2015-0220)
Alex Gaynor discovered that Django incorrectly handled reading files in
django.views.static.serve(). A remote attacker could possibly use this
issue to cause Django to consume resources, resulting in a denial of
service. (CVE-2015-0221)
Keryn Knight discovered that Django incorrectly handled forms with
ModelMultipleChoiceFi
Red Hat
CVE-2015-0222 [MEDIUM] CWE-20 Django: database denial of service with ModelMultipleChoiceField
vendor_redhat · 2015-01-13 · CVSS 5.0
Package: python-django (Red Hat Enterprise Linux OpenStack Platform 5 (Icehouse)) - Not affected
Package: python-django (Red Hat Enterprise Linux OpenStack Platform 6 (Juno)) - Not affected
Debian
CVE-2015-0222 [MEDIUM] python-django
vendor_debian · 2015 · CVSS 5.0
Scope: local
bookworm: resolved (fixed in 1.7.1-1.1)
bullseye: resolved (fixed in 1.7.1-1.1)
forky: resolved (fixed in 1.7.1-1.1)
sid: resolved (fixed in 1.7.1-1.1)
trixie: resolved (fixed in 1.7.1-1.1)
OSV
CVE-2015-0222 [HIGH] Django database denial-of-service with ModelMultipleChoiceField
osv · 2022-05-17
GHSA
CVE-2015-0222 [HIGH] CWE-770 Django database denial-of-service with ModelMultipleChoiceField
ghsa · 2022-05-17
OSV
CVE-2015-0222 [MEDIUM] CVE-2015-0222: ModelMultipleChoiceField in Django 1
osv · 2015-01-16 · CVSS 5.0
OSV
CVE-2015-0219 [MEDIUM] python-django vulnerabilities
osv · 2015-01-13 · CVSS 5.0
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2015-0222 [MEDIUM] python-django: Django: database denial of service with ModelMultipleChoiceField [fedora-all]
bugzilla · 2015-01-14 · CVSS 5.0
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects mu
Bugzilla
CVE-2015-0222 [MEDIUM] python-django: Django: database denial of service with ModelMultipleChoiceField [epel-7]
bugzilla · 2015-01-14 · CVSS 5.0
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora EPEL.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
epel-7 tracking bug for py
Bugzilla
CVE-2015-0222 [MEDIUM] Django: database denial of service with ModelMultipleChoiceField
bugzilla · 2015-01-07 · CVSS 5.0
The Django project reports the following issue:
"""
Given a form that uses ``ModelMultipleChoiceField`` and ``show_hidden_initial=True`` (not a documented API), it was possible for a user to cause an unreasonable number of SQL queries by submitting duplicate values for the field's data. The validation logic in ``ModelMultipleChoiceField`` now deduplicates submitted values to address this issue.
"""
This issue is resolved in the upstream versions 1.7.3 and 1.6.10.
Acknowledgements:
Red Hat would like to thank the upstream Django project for reporting this issue.
Discussion:
Created attachment 977200: mmc-dos-1.6.x.patch
Created attachment 977201: mmc-dos-1.7.x.patch
Created attachment 977202: mmc-
References:
http://advisories.mageia.org/MGASA-2015-0026.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148485.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148608.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148696.html
http://lists.opensuse.org/opensuse-updates/2015-04/msg00001.html
http://lists.opensuse.org/opensuse-updates/2015-09/msg00035.html
http://secunia.com/advisories/62285
http://secunia.com/advisories/62309
http://ubuntu.com/usn/usn-2469-1
http://www.mandriva.com/security/advisories?name=MDVSA-2015:109
https://www.djangoproject.com/weblog/2015/jan/13/security/