exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 5 of 5 RSS Feed

CVE-2019-12781

Status Candidate

Overview

An issue was discovered in Django 1.11 before 1.11.22, 2.1 before 2.1.10, and 2.2 before 2.2.3. An HTTP request is not redirected to HTTPS when the SECURE_PROXY_SSL_HEADER and SECURE_SSL_REDIRECT settings are used, and the proxy connects to Django via HTTPS. In other words, django.http.HttpRequest.scheme has incorrect behavior when a client uses HTTP.

Related Files

Red Hat Security Advisory 2020-4390-01
Posted Oct 28, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4390-01 - Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. Issues addressed include denial of service, memory exhaustion, and remote SQL injection vulnerabilities.

tags | advisory, remote, web, denial of service, vulnerability, sql injection, python
systems | linux, redhat
advisories | CVE-2019-12781, CVE-2019-14232, CVE-2019-14233, CVE-2019-14234, CVE-2019-14235
SHA-256 | 4cebf7d44e31c240a760ae6facd694e9856c3d52ac9e2b2f51d8b4f4f0e24ad7
Download | Favorite | View
Red Hat Security Advisory 2020-4366-01
Posted Oct 27, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4366-01 - Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. Issues addressed include HTTP request smuggling, cross site scripting, denial of service, memory leak, and traversal vulnerabilities.

tags | advisory, remote, web, denial of service, vulnerability, xss, memory leak
systems | linux, redhat
advisories | CVE-2018-11751, CVE-2018-3258, CVE-2019-12781, CVE-2019-16782, CVE-2020-10693, CVE-2020-10968, CVE-2020-10969, CVE-2020-11619, CVE-2020-14061, CVE-2020-14062, CVE-2020-14195, CVE-2020-14334, CVE-2020-14380, CVE-2020-5216, CVE-2020-5217, CVE-2020-5267, CVE-2020-7238, CVE-2020-7663, CVE-2020-7942, CVE-2020-7943, CVE-2020-8161, CVE-2020-8184, CVE-2020-8840, CVE-2020-9546, CVE-2020-9547, CVE-2020-9548
SHA-256 | c691cbaa83066b8d59e5188ddbfb88ab178e4310136cd824c67d6356f9911b5b
Download | Favorite | View
Red Hat Security Advisory 2020-1324-01
Posted Apr 6, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1324-01 - Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. Issues addressed include denial of service, memory exhaustion, and remote SQL injection vulnerabilities.

tags | advisory, remote, web, denial of service, vulnerability, sql injection, python
systems | linux, redhat
advisories | CVE-2019-12781, CVE-2019-14232, CVE-2019-14233, CVE-2019-14234, CVE-2019-14235
SHA-256 | 2fc65aca7c721672bcd1ad2728442682f05f53d75519f7b999663f63ac6bc6a1
Download | Favorite | View
Debian Security Advisory 4476-1
Posted Jul 8, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4476-1 - Three security issues were found in Django, a Python web development framework, which could result in denial of service, incomplete sanitization of clickable links or missing redirects of HTTP requests to HTTPS.

tags | advisory, web, denial of service, python
systems | linux, debian
advisories | CVE-2019-12308, CVE-2019-12781, CVE-2019-6975
SHA-256 | 2980e0b9827eedf44d267a77048e49db5ae44d769d25f09eef68b40f05f9b3e5
Download | Favorite | View
Ubuntu Security Notice USN-4043-1
Posted Jul 1, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4043-1 - It was discovered that Django incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 18.10 and Ubuntu 19.04. Gavin Wahl discovered that Django incorrectly handled certain requests. An attacker could possibly use this issue to bypass credentials and access administrator interface. Various other issues were also addressed.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-12308, CVE-2019-12781
SHA-256 | 9d727ca527dbc3931a26a95f493eb01a514019c9b6b3aa5f02a0adbe357ecec5
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

December 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    11 Files
  • 2
    Dec 2nd
    0 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close