Red Hat Security Advisory 2018-2927-01 - Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. Issues addressed include cross site scripting, denial of service, deserialization, information leakage, and remote SQL injection vulnerabilities.
28fc612d55914841a03c100791e1a5e510f200a646c0e0c2cab3742c7ef9004f
Red Hat Security Advisory 2017-3093-01 - Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. Security Fix: A redirect flaw, where the is_safe_url() function did not correctly sanitize numeric-URL user input, was found in python-django. A remote attacker could exploit this flaw to perform XSS attacks against the OpenStack dashboard.
d28217e1a8006a55ab36721cf9f4c727529c8f692cd038039b0e873b660284dd
Red Hat Security Advisory 2017-1596-01 - Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. The following packages have been upgraded to a later upstream version: python-django. Security Fix: A redirect flaw, where the is_safe_url() function did not correctly sanitize numeric-URL user input, was found in python-django. A remote attacker could exploit this flaw to perform XSS attacks against the OpenStack dashboard.
d0e6a85be46c7aeefb2e61f70abc77ca2dd2e25ace97d6cacede77e48678e993
Red Hat Security Advisory 2017-1445-01 - Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. Security Fix: A redirect flaw, where the is_safe_url() function did not correctly sanitize numeric-URL user input, was found in python-django. A remote attacker could exploit this flaw to perform XSS attacks against the OpenStack dashboard.
ad4ca3fd49942e49f2842c91b7172c20b057eb2592c81b27f3f5b82ee1dccc02
Red Hat Security Advisory 2017-1451-01 - Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. Security Fix: A redirect flaw, where the is_safe_url() function did not correctly sanitize numeric-URL user input, was found in python-django. A remote attacker could exploit this flaw to perform XSS attacks against the OpenStack dashboard.
2da61be40fdc1c13cf6e5a8e420f09b72268374fea540bc91b264fb566ee06dc
Red Hat Security Advisory 2017-1470-01 - Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. Security Fix: A redirect flaw, where the is_safe_url() function did not correctly sanitize numeric-URL user input, was found in python-django. A remote attacker could exploit this flaw to perform XSS attacks against the OpenStack dashboard.
0dc0607dbf2fdfb7bd17e572638d802e9e2edef0aaec7d93926257b953e68596
Red Hat Security Advisory 2017-1462-01 - Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. Security Fix: A redirect flaw, where the is_safe_url() function did not correctly sanitize numeric-URL user input, was found in python-django. A remote attacker could exploit this flaw to perform XSS attacks against the OpenStack dashboard.
7915fc1f53635bda45e495c729f8b6b1d0b2b39a3656cb115a6f9707b46ab156
Ubuntu Security Notice 3254-1 - It was discovered that Django incorrectly handled numeric redirect URLs. A remote attacker could possibly use this issue to perform XSS attacks, and to use a Django server as an open redirect. Phithon Gong discovered that Django incorrectly handled certain URLs when the jango.views.static.serve view is being used. A remote attacker could possibly use a Django server as an open redirect.
801ae2bcbebfea2c9051c6832ae1dc3ea158685668ddfea06d6087a5c8b1837a