Debian Python-Django vulnerabilities
149 known vulnerabilities affecting debian/python-django.
Total CVEs: 149
CISA KEV: 0
Public exploits: 9
Exploited in wild: 0
Severity breakdown: CRITICAL 11 | HIGH 40 | MEDIUM 73 | LOW 25
Vulnerabilities
Page 6 of 8
CVE-2015-5963 | MEDIUM | CVSS 5.0 | fixed in python-django 1.7.10-1 (bookworm) | 2015
contrib.sessions.middleware.SessionMiddleware in Django 1.8.x before 1.8.4, 1.7.x before 1.7.10, 1.4.x before 1.4.22, and possibly other versions allows remote attackers to cause a denial of service (session store consumption or session record removal) via a large number of requests to contrib.auth.views.logout, which triggers the creation of an empty session
debian
CVE-2015-0221 | MEDIUM | CVSS 5.0 | fixed in python-django 1.7.1-1.1 (bookworm) | 2015
The django.views.static.serve view in Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3 reads files an entire line at a time, which allows remote attackers to cause a denial of service (memory consumption) via a long line in a file.
Scope: local
bookworm: resolved (fixed in 1.7.1-1.1)
bullseye: resolved (fixed in 1.7.1-1.1)
forky: resolved (fix
debian
CVE-2015-2317 | MEDIUM | CVSS 4.3 | fixed in python-django 1.7.7-1 (bookworm) | 2015
The utils.http.is_safe_url function in Django before 1.4.20, 1.5.x, 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1 does not properly validate URLs, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a control character in a URL, as demonstrated by a \x08javascript: URL.
Scope: local
bookworm: resolved (fixed in 1.7.7-1)
debian
CVE-2015-5144 | MEDIUM | CVSS 4.3 | fixed in python-django 1.7.9-1 (bookworm) | 2015
Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and 1.8.x before 1.8.3 uses an incorrect regular expression, which allows remote attackers to inject arbitrary headers and conduct HTTP response splitting attacks via a newline character in an (1) email message to the EmailValidator, a (2) URL to the URLValidator, or unspecified vectors to the (3)
debian
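The root cause behind CVE-2015-5144 is worth seeing concretely: in Python regular expressions `$` also matches just before a trailing newline, so a validator anchored with `^...$` accepts `"user@example.com\n"` and the stray newline then reaches whatever header the value is written into. The block below is an added illustration written for this page, not Django's validator or server code: the email grammar is deliberately simplified, `header_block` and `parse_message` are constructed stand-ins for a naive serialiser and a lenient (bare-LF tolerant) parser, and the `X-Frame-Options` header is there only to show a later header being pushed out of the header section.

```python
import re

# Simplified address grammar (constructed for this example); the anchor is the point.
_EMAIL_BODY = r"^[^@\s]+@[^@\s]+\.[A-Za-z]{2,}"
EMAIL_DOLLAR = re.compile(_EMAIL_BODY + r"$")   # '$' also matches before a final "\n"
EMAIL_Z = re.compile(_EMAIL_BODY + r"\Z")       # '\Z' matches only at the true end


def validate(value, pattern):
    """Return True if value matches pattern from the start."""
    return pattern.match(value) is not None


def header_block(headers):
    """Naive serialiser: trusts that no value contains CR or LF."""
    return "".join(f"{name}: {value}\r\n" for name, value in headers) + "\r\n"


def parse_message(raw):
    """Lenient parser, as many real servers are: any CRLF or bare LF ends a line,
    and the first empty line ends the header section. Returns (headers, body)."""
    headers = {}
    lines = re.split(r"\r?\n", raw)
    for index, line in enumerate(lines):
        if line == "":
            return headers, "\n".join(lines[index + 1:])
        name, _, value = line.partition(": ")
        headers[name] = value
    return headers, ""


def build_reply(reply_to, pattern):
    """Validate a user-supplied address with `pattern`, then emit it as a header
    followed by a security header. Returns None if validation rejects the value,
    otherwise the parsed (headers, body) as a receiver would see them."""
    if not validate(reply_to, pattern):
        return None
    raw = header_block([("Reply-To", reply_to), ("X-Frame-Options", "DENY")])
    return parse_message(raw)


if __name__ == "__main__":
    # Constructed attacker input: a valid address with one trailing newline.
    hostile = "user@example.com\n"
    headers, body = build_reply(hostile, EMAIL_DOLLAR)
    print("'$' anchor accepted it; headers seen:", headers)
    print("pushed into the body:", repr(body))
    print("'\\Z' anchor result:", build_reply(hostile, EMAIL_Z))
```

With the `$`-anchored pattern the trailing newline plus the serialiser's own CRLF forms an empty line, so `X-Frame-Options` lands in the body instead of the header section; with `\Z` the same input is rejected before it is serialised. Anchoring with `\Z` (or explicitly rejecting `\r` and `\n`) is the general Python remedy; a serialiser that refuses CR/LF in values is the second line of defence.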
CVE-2015-0219 | MEDIUM | CVSS 5.0 | fixed in python-django 1.7.1-1.1 (bookworm) | 2015
Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3 allows remote attackers to spoof WSGI headers by using an _ (underscore) character instead of a - (dash) character in an HTTP header, as demonstrated by an X-Auth_User header.
Scope: local
bookworm: resolved (fixed in 1.7.1-1.1)
bullseye: resolved (fixed in 1.7.1-1.1)
forky: resolved (fixed in 1
debian
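Why an underscore lets a client spoof a header: the CGI/WSGI convention maps a header name to an environ key by upper-casing it and turning `-` into `_`, so `X-Auth-User` and `X-Auth_User` both become `HTTP_X_AUTH_USER`. A front-end proxy that strips `X-Auth-User` from client requests (and sets it only for authenticated users) will not strip the underscore variant, and the application then reads the attacker's value. The block below is an added model written for this page, not Django's or wsgiref's code: `cgi_name` reproduces the mapping, `proxy_forward` is a constructed stand-in for such a proxy, and `drop_underscores=True` mirrors the mitigation the fixed versions adopted of discarding header names that contain `_` before they reach the environ.

```python
def cgi_name(header_name):
    """Map an HTTP header name to its CGI/WSGI environ key."""
    return "HTTP_" + header_name.upper().replace("-", "_")


def build_environ(headers, drop_underscores):
    """Build a WSGI-style environ from (name, value) pairs.

    drop_underscores=False: the pre-fix behaviour; a client-supplied
    'X-Auth_User' collides with 'X-Auth-User'.
    drop_underscores=True: names containing '_' are discarded first.
    """
    environ = {}
    for name, value in headers:
        if drop_underscores and "_" in name:
            continue
        environ[cgi_name(name)] = value
    return environ


def proxy_forward(client_headers, authenticated_user=None):
    """Constructed reverse-proxy stand-in: strip the trusted header from the
    client request, then add it only when the user has authenticated."""
    forwarded = [(n, v) for n, v in client_headers if n.lower() != "x-auth-user"]
    if authenticated_user is not None:
        forwarded.append(("X-Auth-User", authenticated_user))
    return forwarded


def remote_user(client_headers, drop_underscores, authenticated_user=None):
    """What the application would read as the authenticated user."""
    environ = build_environ(proxy_forward(client_headers, authenticated_user),
                            drop_underscores)
    return environ.get("HTTP_X_AUTH_USER")


# Constructed request from an unauthenticated client trying the underscore variant.
SPOOF = [("Host", "app.example"), ("X-Auth_User", "admin")]

if __name__ == "__main__":
    print("pre-fix:", remote_user(SPOOF, drop_underscores=False))   # admin
    print("fixed:  ", remote_user(SPOOF, drop_underscores=True))    # None
```

Note that when both variants are present the winner depends on header order alone, which is why filtering by name (rather than ordering carefully) is the robust fix; the same reasoning applies to any other trust header a proxy injects.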
CVE-2015-2241 | MEDIUM | CVSS 4.3 | fixed in python-django 1.7.6-1 (bookworm) | 2015
Cross-site scripting (XSS) vulnerability in the contents function in admin/helpers.py in Django before 1.7.6 and 1.8 before 1.8b2 allows remote attackers to inject arbitrary web script or HTML via a model attribute in ModelAdmin.readonly_fields, as demonstrated by a @property.
Scope: local
bookworm: resolved (fixed in 1.7.6-1)
bullseye: resolved (fixed in 1.7.
debian
CVE-2015-5964 | MEDIUM | CVSS 5.0 | fixed in python-django 1.7.10-1 (bookworm) | 2015
The (1) contrib.sessions.backends.base.SessionBase.flush and (2) cache_db.SessionStore.flush functions in Django 1.7.x before 1.7.10, 1.4.x before 1.4.22, and possibly other versions create empty sessions in certain circumstances, which allows remote attackers to cause a denial of service (session store consumption) via unspecified vectors.
Scope: local
bookworm: resolved (fixed in 1.7.10-1)
debian
CVE-2015-0220 | MEDIUM | CVSS 4.3 | fixed in python-django 1.7.1-1.1 (bookworm) | 2015
The django.util.http.is_safe_url function in Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3 does not properly handle leading whitespaces, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted URL, related to redirect URLs, as demonstrated by a "\njavascript:" URL.
Scope: local
bookworm: resolved (fixed in 1.7.1-1.1)
debian
CVE-2015-3982 | LOW (entry tag says MEDIUM) | CVSS 5.0 | 2015
The session.flush function in the cached_db backend in Django 1.8.x before 1.8.2 does not properly flush the session, which allows remote attackers to hijack user sessions via an empty string in the session key.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
debian
CVE-2015-5145 | LOW (entry tag says HIGH) | CVSS 7.8 | 2015
validators.URLValidator in Django 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
debian
CVE-2014-0474 | CRITICAL | CVSS 10.0 | fixed in python-django 1.6.3-1 (bookworm) | 2014
The (1) FilePathField, (2) GenericIPAddressField, and (3) IPAddressField model field classes in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 do not properly perform type conversion, which allows remote attackers to have unspecified impact and vectors, related to "MySQL typecasting."
Scope: local
bookworm: resolved
debian
CVE-2014-3730 | MEDIUM | CVSS 4.3 | fixed in python-django 1.6.5-1 (bookworm) | 2014
The django.util.http.is_safe_url function in Django 1.4 before 1.4.13, 1.5 before 1.5.8, 1.6 before 1.6.5, and 1.7 before 1.7b4 does not properly validate URLs, which allows remote attackers to conduct open redirect attacks via a malformed URL, as demonstrated by "http:\\\djangoproject.com."
Scope: local
bookworm: resolved (fixed in 1.6.5-1)
bullseye: resolved
debian
CVE-2014-1418 | MEDIUM | CVSS 6.4 | fixed in python-django 1.6.5-1 (bookworm) | 2014
Django 1.4 before 1.4.13, 1.5 before 1.5.8, 1.6 before 1.6.5, and 1.7 before 1.7b4 does not properly include the (1) Vary: Cookie or (2) Cache-Control header in responses, which allows remote attackers to obtain sensitive information or poison the cache via a request from certain browsers.
Scope: local
bookworm: resolved (fixed in 1.6.5-1)
bullseye: resolved (
debian
CVE-2014-0481 | MEDIUM | CVSS 4.3 | fixed in python-django 1.6.6-1 (bookworm) | 2014
The default configuration for the file upload handling system in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3 uses a sequential file name generation process when a file with a conflicting name is uploaded, which allows remote attackers to cause a denial of service (CPU consumption) by uploading multiple fil
debian
CVE-2014-0472 | MEDIUM | CVSS 5.1 | fixed in python-django 1.6.3-1 (bookworm) | 2014
The django.core.urlresolvers.reverse function in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 allows remote attackers to import and execute arbitrary Python modules by leveraging a view that constructs URLs using user input and a "dotted Python path."
Scope: local
bookworm: resolved (fixed in 1.6.3-1)
bullseye: reso
debian
CVE-2014-0482 | MEDIUM | CVSS 6.0 | fixed in python-django 1.6.6-1 (bookworm) | 2014
The contrib.auth.middleware.RemoteUserMiddleware middleware in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3, when using the contrib.auth.backends.RemoteUserBackend backend, allows remote authenticated users to hijack web sessions via vectors related to the REMOTE_USER header.
Scope: local
bookworm: resolved (fixed in 1.6.6-1)
debian
CVE-2014-0473 | MEDIUM | CVSS 5.0 | fixed in python-django 1.6.3-1 (bookworm) | 2014
The caching framework in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 reuses a cached CSRF token for all anonymous users, which allows remote attackers to bypass CSRF protections by reading the CSRF cookie for anonymous users.
Scope: local
bookworm: resolved (fixed in 1.6.3-1)
bullseye: resolved (fixed in 1.6.3-1)
f
debian
CVE-2014-0480 | MEDIUM | CVSS 5.8 | fixed in python-django 1.6.6-1 (bookworm) | 2014
The core.urlresolvers.reverse function in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3 does not properly validate URLs, which allows remote attackers to conduct phishing attacks via a // (slash slash) in a URL, which triggers a scheme-relative URL to be generated.
Scope: local
bookworm: resolved (fixed in 1.6.6-1)
debian
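Four entries on this page (CVE-2015-2317, CVE-2015-0220, CVE-2014-3730 and CVE-2014-0480) are the same redirect-target check failing on different browser leniencies: control characters and leading whitespace are stripped before the scheme is read (`\x08javascript:`, `\njavascript:`), backslashes are treated as slashes (`http:\\\djangoproject.com`), and a scheme-relative `//host` is a full URL to the browser. The function below is an added example written for this page, not Django's `is_safe_url`, that folds all four rejections into one check; `allowed_host` is assumed to be the exact host the application serves, and the test inputs are constructed.

```python
from urllib.parse import urlparse

SAFE_SCHEMES = {"http", "https"}


def is_safe_url(url, allowed_host):
    """Return True only if `url` is a same-host or relative http(s) target.

    Rejects, in order: empty input; leading/trailing whitespace and control
    characters (CVE-2015-0220, CVE-2015-2317); backslash-as-slash tricks and
    '///host' (CVE-2014-3730); schemes without a host, including 'javascript:';
    non-http(s) schemes; and scheme-relative or foreign hosts (CVE-2014-0480).
    """
    if not url:
        return False
    # Browsers strip leading whitespace and control characters before reading
    # the scheme, so "\njavascript:" and "\x08javascript:" must be refused here.
    if url != url.strip() or any(ord(ch) < 0x20 or ch == "\x7f" for ch in url):
        return False
    # Browsers accept backslashes where the grammar wants slashes.
    normalised = url.replace("\\", "/")
    # urlparse reads "///host" as a path; browsers read it as a host.
    if normalised.startswith("///"):
        return False
    parts = urlparse(normalised)
    # A scheme with no netloc: "javascript:alert(1)", or "http:///host" after
    # normalisation, which browsers still resolve to a host.
    if parts.scheme and not parts.netloc:
        return False
    if parts.scheme and parts.scheme not in SAFE_SCHEMES:
        return False
    # No netloc at all means a relative path; otherwise the host must match exactly.
    # parts.hostname is lower-cased and has userinfo and port removed.
    return not parts.netloc or parts.hostname == allowed_host


if __name__ == "__main__":
    for candidate in ["/accounts/profile/", "https://app.example/x",
                      "\njavascript:alert(1)", "\x08javascript:alert(1)",
                      "http:\\\\\\djangoproject.com", "//evil.example/",
                      "http://app.example@evil.example/"]:
        print(repr(candidate), is_safe_url(candidate, "app.example"))
```

The whitespace and control-character test runs before parsing on purpose: `urlparse` tolerates them, so a check that only inspects the parsed scheme will not see the `javascript:` that the browser eventually executes. The userinfo case (`http://app.example@evil.example/`) is rejected because `hostname` is what the browser connects to, not the text before `@`.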
CVE-2014-0483 | LOW | CVSS 3.5 | fixed in python-django 1.6.6-1 (bookworm) | 2014
The administrative interface (contrib.admin) in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3 does not check if a field represents a relationship between models, which allows remote authenticated users to obtain sensitive information via a to_field parameter in a popup action to an admin change form page, as demo
debian
CVE-2013-4315 | MEDIUM | CVSS 5.0 | fixed in python-django 1.5.3-1 (bookworm) | 2013
Directory traversal vulnerability in Django 1.4.x before 1.4.7, 1.5.x before 1.5.3, and 1.6.x before 1.6 beta 3 allows remote attackers to read arbitrary files via a file path in the ALLOWED_INCLUDE_ROOTS setting followed by a .. (dot dot) in a ssi template tag.
Scope: local
bookworm: resolved (fixed in 1.5.3-1)
bullseye: resolved (fixed in 1.5.3-1)
forky: res
debian
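The `ssi` traversal in CVE-2013-4315 is the classic shape of an allowed-root check done as a string prefix test on an unnormalised path: `/srv/includes/../../etc/passwd` starts with the allowed root and passes. The block below is an added example for this page, not Django's template tag: `prefix_check` is a constructed stand-in for that kind of check, `contained_check` normalises first and then compares path components, and the `/srv/includes` root and file names are made up. It also covers one case beyond the CVE text, a sibling directory that merely shares the prefix (`/srv/includes_private`), which survives normalisation but not a component-wise comparison.

```python
import posixpath

# Constructed value standing in for the ALLOWED_INCLUDE_ROOTS setting.
ALLOWED_INCLUDE_ROOTS = ("/srv/includes",)


def prefix_check(filepath, roots=ALLOWED_INCLUDE_ROOTS):
    """Vulnerable shape: raw string prefix on the unnormalised path.
    '..' segments and sibling directories sharing the prefix both pass."""
    return any(filepath.startswith(root) for root in roots)


def contained_check(filepath, roots=ALLOWED_INCLUDE_ROOTS):
    """Hardened shape: collapse '.' and '..' first, require an absolute result,
    then demand that the root is an ancestor component-wise, not textually."""
    target = posixpath.normpath(filepath)
    if not posixpath.isabs(target):
        return False
    for root in roots:
        root = posixpath.normpath(root)
        if posixpath.commonpath([root, target]) == root:
            return True
    return False


if __name__ == "__main__":
    for candidate in ["/srv/includes/header.html",
                      "/srv/includes/../../etc/passwd",
                      "/srv/includes_private/secret.html"]:
        print(candidate, prefix_check(candidate), contained_check(candidate))
```

`posixpath` is used rather than `os.path` so the example behaves identically on any platform; in a real deployment resolve both root and target with `os.path.realpath` as well, since a symlink inside the root can otherwise still point outside it.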