exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 5 of 5 RSS Feed

CVE-2019-12781

Status Candidate

Overview

An issue was discovered in Django 1.11 before 1.11.22, 2.1 before 2.1.10, and 2.2 before 2.2.3. An HTTP request is not redirected to HTTPS when the SECURE_PROXY_SSL_HEADER and SECURE_SSL_REDIRECT settings are used, and the proxy connects to Django via HTTPS. In other words, django.http.HttpRequest.scheme has incorrect behavior when a client uses HTTP.

Related Files

Red Hat Security Advisory 2020-4390-01
Posted Oct 28, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4390-01 - Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. Issues addressed include denial of service, memory exhaustion, and remote SQL injection vulnerabilities.

tags | advisory, remote, web, denial of service, vulnerability, sql injection, python
systems | linux, redhat
advisories | CVE-2019-12781, CVE-2019-14232, CVE-2019-14233, CVE-2019-14234, CVE-2019-14235
SHA-256 | 4cebf7d44e31c240a760ae6facd694e9856c3d52ac9e2b2f51d8b4f4f0e24ad7
Download | Favorite | View
Red Hat Security Advisory 2020-4366-01
Posted Oct 27, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4366-01 - Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. Issues addressed include HTTP request smuggling, cross site scripting, denial of service, memory leak, and traversal vulnerabilities.

tags | advisory, remote, web, denial of service, vulnerability, xss, memory leak
systems | linux, redhat
advisories | CVE-2018-11751, CVE-2018-3258, CVE-2019-12781, CVE-2019-16782, CVE-2020-10693, CVE-2020-10968, CVE-2020-10969, CVE-2020-11619, CVE-2020-14061, CVE-2020-14062, CVE-2020-14195, CVE-2020-14334, CVE-2020-14380, CVE-2020-5216, CVE-2020-5217, CVE-2020-5267, CVE-2020-7238, CVE-2020-7663, CVE-2020-7942, CVE-2020-7943, CVE-2020-8161, CVE-2020-8184, CVE-2020-8840, CVE-2020-9546, CVE-2020-9547, CVE-2020-9548
SHA-256 | c691cbaa83066b8d59e5188ddbfb88ab178e4310136cd824c67d6356f9911b5b
Download | Favorite | View
Red Hat Security Advisory 2020-1324-01
Posted Apr 6, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1324-01 - Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. Issues addressed include denial of service, memory exhaustion, and remote SQL injection vulnerabilities.

tags | advisory, remote, web, denial of service, vulnerability, sql injection, python
systems | linux, redhat
advisories | CVE-2019-12781, CVE-2019-14232, CVE-2019-14233, CVE-2019-14234, CVE-2019-14235
SHA-256 | 2fc65aca7c721672bcd1ad2728442682f05f53d75519f7b999663f63ac6bc6a1
Download | Favorite | View
Debian Security Advisory 4476-1
Posted Jul 8, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4476-1 - Three security issues were found in Django, a Python web development framework, which could result in denial of service, incomplete sanitization of clickable links or missing redirects of HTTP requests to HTTPS.

tags | advisory, web, denial of service, python
systems | linux, debian
advisories | CVE-2019-12308, CVE-2019-12781, CVE-2019-6975
SHA-256 | 2980e0b9827eedf44d267a77048e49db5ae44d769d25f09eef68b40f05f9b3e5
Download | Favorite | View
Ubuntu Security Notice USN-4043-1
Posted Jul 1, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4043-1 - It was discovered that Django incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 18.10 and Ubuntu 19.04. Gavin Wahl discovered that Django incorrectly handled certain requests. An attacker could possibly use this issue to bypass credentials and access administrator interface. Various other issues were also addressed.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-12308, CVE-2019-12781
SHA-256 | 9d727ca527dbc3931a26a95f493eb01a514019c9b6b3aa5f02a0adbe357ecec5
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    0 Files
  • 10
    May 10th
    0 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    0 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    0 Files
  • 17
    May 17th
    0 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close