Red Hat Security Advisory 2021-5070-02 - An update for python-django20 is now available for Red Hat OpenStack Platform 16.1 (Train). Issues addressed include local file inclusion, remote file inclusion, server-side request forgery, and traversal vulnerabilities.
ffda29beeea0e12945c6104476712c3a616df43c26b412c9ebce4eee73c3f2a8Red Hat Security Advisory 2021-4702-01 - Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. Issues addressed include XML injection, code execution, denial of service, information leakage, local file inclusion, man-in-the-middle, memory leak, open redirection, password leak, remote file inclusion, remote shell upload, and traversal vulnerabilities.
8add47f95e7029cc9b29e159ddcedaf8b823cd7f438afa063e0aa09ebed5c91aRed Hat Security Advisory 2021-3490-01 - An update for python-django20 is now available for Red Hat OpenStack Platform 16.2 (Train). Issues addressed include local file inclusion, remote file inclusion, server-side request forgery, and traversal vulnerabilities.
7acd802c838e14356fda2dd84f235e3bbe000e4229b9386b3483399a41ad00f5Ubuntu Security Notice 4975-1 - It was discovered that the Django URLValidator function incorrectly handled newlines and tabs. A remote attacker could possibly use this issue to perform a header injection attack. This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. Rasmus Lerchedahl Petersen and Rasmus Wriedt Larsen discovered that Django incorrectly handled path sanitation in admindocs. A remote attacker could possibly use this issue to determine the existence of arbitrary files and in certain configurations obtain their contents. Various other issues were also addressed.
23dda5ba935125c5afba517c657a63caaeaad0e6c1d85a6b3a1006d40d42023b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed