Django Software Foundation

Vulnerabilities by Vendor Product

Django Piston
0.2.2
OSVDB ID: 77104 Django Piston / Tastypie YAML Data Deserialization yaml.load Method Remote Code Execution
Django Tastypie
0.9.9
OSVDB ID: 77104 Django Piston / Tastypie YAML Data Deserialization yaml.load Method Remote Code Execution
Django
1.0
OSVDB ID: 58832 Django Forms Library Multiple Field RegEx Handling DoS
1.1
OSVDB ID: 58832 Django Forms Library Multiple Field RegEx Handling DoS
1.1.2
OSVDB ID: 70160 Django django.contrib.auth Multiple Crafted Password Reset Token Remote DoS
OSVDB ID: 70159 Django django.contrib.admin Admin Interface query String Information Disclosure
1.2.3
OSVDB ID: 70160 Django django.contrib.auth Multiple Crafted Password Reset Token Remote DoS
OSVDB ID: 70159 Django django.contrib.admin Admin Interface query String Information Disclosure
1.1.3
OSVDB ID: 71000 Django File Upload Field Filename XSS
OSVDB ID: 71001 Django Session Cookie / Character Traversal Arbitrary File Access
OSVDB ID: 70999 Django X-Requested-With Header CSRF
1.2.4
OSVDB ID: 71000 Django File Upload Field Filename XSS
OSVDB ID: 71001 Django Session Cookie / Character Traversal Arbitrary File Access
OSVDB ID: 70999 Django X-Requested-With Header CSRF
1.3
OSVDB ID: 84360 Django django.forms.ImageField Class Image Dimension Handling Resource Consumption DoS
OSVDB ID: 84361 Django django.forms.ImageField Class Image Decompression Handling Memory Consumption DoS
OSVDB ID: 84359 Django Authentication Framework Multiple View Redirection Functionality data: Scheme URL XSS
OSVDB ID: 75400 Django X-Forwarded-Host HTTP Header Parsing Cache Poisoning Weakness
OSVDB ID: 75399 Django django.contrib.sessions Remote Session Information Manipulation
OSVDB ID: 86493 Django HttpRequest.get_host() Method HTTP Host Header Parsing Remote Information Disclosure
1.4
OSVDB ID: 84360 Django django.forms.ImageField Class Image Dimension Handling Resource Consumption DoS
OSVDB ID: 84361 Django django.forms.ImageField Class Image Decompression Handling Memory Consumption DoS
OSVDB ID: 84359 Django Authentication Framework Multiple View Redirection Functionality data: Scheme URL XSS
OSVDB ID: 98020 Django sessionid Session Cookie Authentication Persistence
OSVDB ID: 86493 Django HttpRequest.get_host() Method HTTP Host Header Parsing Remote Information Disclosure
1.2.6
OSVDB ID: 75400 Django X-Forwarded-Host HTTP Header Parsing Cache Poisoning Weakness
OSVDB ID: 75399 Django django.contrib.sessions Remote Session Information Manipulation
OSVDB ID: 75398 Django URLField Field URL Verification Remote DoS
OSVDB ID: 75401 Django URLField Redirect Response Parsing Local File Enumeration
1.2.7
OSVDB ID: 76811 Django HTTP Host Header DNS CNAME Record Parsing CSRF Protection Weakness
1.3
OSVDB ID: 76811 Django HTTP Host Header DNS CNAME Record Parsing CSRF Protection Weakness
OSVDB ID: 75398 Django URLField Field URL Verification Remote DoS
OSVDB ID: 75401 Django URLField Redirect Response Parsing Local File Enumeration
1.3.1
OSVDB ID: 76811 Django HTTP Host Header DNS CNAME Record Parsing CSRF Protection Weakness
1.3.5
OSVDB ID: 90407 Django Formsets Form Submission Handling Memory Consumption Remote DoS
1.4.3
OSVDB ID: 90407 Django Formsets Form Submission Handling Memory Consumption Remote DoS
1.5
OSVDB ID: 95567 Django django.contrib.auth Authentication Response Timing Account Enumeration
1.5.1
OSVDB ID: 95607 Django Password Reset Form Return Message Account Enumeration
OSVDB ID: 96327 Django django.utils.http.is_safe_url() Function URL Redirection Handling XSS
OSVDB ID: 96328 Django django.contrib.admin.widgets.AdminURLFieldWidget URLField XSS
1.4.5
OSVDB ID: 96327 Django django.utils.http.is_safe_url() Function URL Redirection Handling XSS
OSVDB ID: 96328 Django django.contrib.admin.widgets.AdminURLFieldWidget URLField XSS
1.6b1
OSVDB ID: 96327 Django django.utils.http.is_safe_url() Function URL Redirection Handling XSS
OSVDB ID: 96328 Django django.contrib.admin.widgets.AdminURLFieldWidget URLField XSS
1.4.6
OSVDB ID: 97275 Django template/defaulttags.py ALLOWED_INCLUDE_ROOTS Setting ssi Tag Handling Traversal Arbitrary File Access
1.5.2
OSVDB ID: 97275 Django template/defaulttags.py ALLOWED_INCLUDE_ROOTS Setting ssi Tag Handling Traversal Arbitrary File Access
1.6 beta 3
OSVDB ID: 97354 Django Authentication Framework Large Password Handling Remote DoS
1.5.3
OSVDB ID: 97354 Django Authentication Framework Large Password Handling Remote DoS
1.4.7
OSVDB ID: 97354 Django Authentication Framework Large Password Handling Remote DoS
0.95
OSVDB ID: 99928 Django flup Debug Mode Local Information Disclosure
1.4.8
OSVDB ID: 101643 Django django.contrib.auth Improper sensitive_post_parameters() Decorator Application Error Report Information Disclosure
1.4.7
OSVDB ID: 101643 Django django.contrib.auth Improper sensitive_post_parameters() Decorator Application Error Report Information Disclosure
1.5.1
OSVDB ID: 101659 Python Undefined __del__ Method Generator Leak Remote DoS
1.5.0
OSVDB ID: 101659 Python Undefined __del__ Method Generator Leak Remote DoS

© Copyright 2002 - 2014 Open Sourced Vulnerability Database (OSVDB), All Rights Reserved.