PYSEC-2018-2

See a problem?

Import Source

https://github.com/pypa/advisory-database/blob/main/vulns/django/PYSEC-2018-2.yaml

JSON Data

https://api.test.osv.dev/v1/vulns/PYSEC-2018-2

Aliases

CVE-2018-14574
GHSA-5hg3-6c2f-f3wr

Published

2018-08-03T17:29:00Z

Modified

2023-11-01T05:43:06.715178Z

Summary

[none]

Details

django.middleware.common.CommonMiddleware in Django 1.11.x before 1.11.15 and 2.0.x before 2.0.8 has an Open Redirect.

References

https://www.djangoproject.com/weblog/2018/aug/01/security-releases/
https://usn.ubuntu.com/3726-1/
http://www.securitytracker.com/id/1041403
https://www.debian.org/security/2018/dsa-4264
http://www.securityfocus.com/bid/104970
https://access.redhat.com/errata/RHSA-2019:0265
https://github.com/advisories/GHSA-5hg3-6c2f-f3wr

Affected packages

PyPI / django

Package

Name: django; View open source insights on deps.dev
Purl: pkg:pypi/django

Affected ranges

Type: ECOSYSTEM
Events: Introduced

2.0

Fixed

2.0.8

Introduced

1.11

Fixed

1.11.15

Affected versions

1.*

1.11

1.11.1

1.11.2

1.11.3

1.11.4

1.11.5

1.11.6

1.11.7

1.11.8

1.11.9

1.11.10

1.11.11

1.11.12

1.11.13

1.11.14

2.*

2.0

2.0.1

2.0.2

2.0.3

2.0.4

2.0.5

2.0.6

2.0.7

Database specific

source

"https://github.com/pypa/advisory-database/blob/main/vulns/django/PYSEC-2018-2.yaml"