Lucene search
RedhatCVE-2013-0306HistoryMay 02, 2013 - 2:55 p.m.
CVE-2013-0306
2013-05-0214:55:05
CWE-189
redhat
web.nvd.nist.gov
64
cve-2013-0306
django
form library
remote attackers
resource limits
denial of service
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
6.5
Confidence
Low
EPSS
0.009
Percentile
82.9%
The form library in Django 1.3.x before 1.3.6, 1.4.x before 1.4.4, and 1.5 before release candidate 2 allows remote attackers to bypass intended resource limits for formsets and cause a denial of service (memory consumption) or trigger server errors via a modified max_num parameter.
Affected configurations
Node
djangoprojectdjangoMatch1.3
ORdjangoprojectdjangoMatch1.3alpha1
ORdjangoprojectdjangoMatch1.3beta1
ORdjangoprojectdjangoMatch1.3.1
ORdjangoprojectdjangoMatch1.3.2
ORdjangoprojectdjangoMatch1.3.3
Node
djangoprojectdjangoMatch1.4
ORdjangoprojectdjangoMatch1.4alpha
ORdjangoprojectdjangoMatch1.4beta
ORdjangoprojectdjangoMatch1.4.1
ORdjangoprojectdjangoMatch1.4.2
Node
djangoprojectdjangoMatch1.5alpha
ORdjangoprojectdjangoMatch1.5beta
Node
canonicalubuntu_linuxMatch10.04-lts
ORcanonicalubuntu_linuxMatch11.10
ORcanonicalubuntu_linuxMatch12.04-lts
ORcanonicalubuntu_linuxMatch12.10
| Vendor | Product | Version | CPE |
|---|---|---|---|
| djangoproject | django | 1.3 | cpe:/a:djangoproject:django:1.3::: |
| djangoproject | django | 1.3 | cpe:/a:djangoproject:django:1.3:alpha1:: |
| djangoproject | django | 1.3.2 | cpe:/a:djangoproject:django:1.3.2::: |
| djangoproject | django | 1.3.1 | cpe:/a:djangoproject:django:1.3.1::: |
| djangoproject | django | 1.3 | cpe:/a:djangoproject:django:1.3:beta1:: |
| djangoproject | django | 1.3.3 | cpe:/a:djangoproject:django:1.3.3::: |
Related
gitlab
gitlab
Django is vulnerable to Denial of Service attack in formset
2022-05-05 00:00:00
debiancve
debiancve
CVE-2013-0306
2013-05-02 14:55:05
github
github
Django is vulnerable to Denial of Service attack in formset
2022-05-05 02:48:45
osv
osv
PYSEC-2013-17
2013-05-02 14:55:00
Django is vulnerable to Denial of Service attack in formset
2022-05-05 02:48:45
python-django - several vulnerabilities
2013-02-27 00:00:00
prion
prion
Design/Logic Flaw
2013-05-02 14:55:00
nvd
nvd
CVE-2013-0306
2013-05-02 14:55:05
cvelist
cvelist
CVE-2013-0306
2013-05-02 14:00:00
ubuntucve
ubuntucve
CVE-2013-0306
2013-02-20 00:00:00
openvas
openvas
Fedora Update for python-django FEDORA-2013-2843
2013-03-15 00:00:00
Fedora Update for python-django FEDORA-2013-2843
2013-03-15 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: python-django-1.4.5-2.fc18
2013-03-12 08:49:59
[SECURITY] Fedora 17 Update: Django-1.4.5-1.fc17
2013-03-12 08:54:04
nessus
nessus
Fedora 18 : python-django-1.4.5-2.fc18 (2013-2843)
2013-03-13 00:00:00
Fedora 17 : Django-1.4.5-1.fc17 (2013-2874)
2013-03-13 00:00:00
Debian DSA-2634-1 : python-django - several vulnerabilities
2013-02-27 00:00:00
seebug
seebug
Django 1.3/1.4 ćçťćĺĄĺ俥ćŻćłé˛ćźć´
2013-02-22 00:00:00
debian
debian
[SECURITY] [DSA 2634-1] python-django security update
2013-02-26 23:58:40
securityvulns
securityvulns
[SECURITY] [DSA 2634-1] python-django security update
2013-03-03 00:00:00
freebsd
freebsd
django -- multiple vulnerabilities
2013-02-21 00:00:00
redhat
redhat
(RHSA-2013:0670) Moderate: Django security update
2013-03-21 00:00:00
ubuntu
ubuntu
Django vulnerabilities
2013-03-07 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
6.5
Confidence
Low
EPSS
0.009
Percentile
82.9%
Related for CVE-2013-0306