Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2012-3443HistoryJul 31, 2012 - 5:55 p.m.
CVE-2012-3443
2012-07-3117:55:04
Debian Security Bug Tracker
security-tracker.debian.org
16
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
0.021
Percentile
89.1%
The django.forms.ImageField class in the form system in Django before 1.3.2 and 1.4.x before 1.4.1 completely decompresses image data during image validation, which allows remote attackers to cause a denial of service (memory consumption) by uploading an image file.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | python-django | <Β 1.4.1-1 | python-django_1.4.1-1_all.deb |
| Debian | 11 | all | python-django | <Β 1.4.1-1 | python-django_1.4.1-1_all.deb |
| Debian | 999 | all | python-django | <Β 1.4.1-1 | python-django_1.4.1-1_all.deb |
| Debian | 13 | all | python-django | <Β 1.4.1-1 | python-django_1.4.1-1_all.deb |
Related
prion
prion
Design/Logic Flaw
2012-07-31 17:55:00
nvd
nvd
CVE-2012-3443
2012-07-31 17:55:04
gitlab
gitlab
Improper Input Validation
2022-05-17 00:00:00
cvelist
cvelist
CVE-2012-3443
2012-07-31 17:00:00
osv
osv
PYSEC-2012-3
2012-07-31 17:55:00
Django Image Field Vulnerable to Image Decompression Bombs
2022-05-17 05:12:01
python-django - several
2012-08-14 00:00:00
ubuntucve
ubuntucve
CVE-2012-3443
2012-07-31 00:00:00
github
github
Django Image Field Vulnerable to Image Decompression Bombs
2022-05-17 05:12:01
cve
cve
CVE-2012-3443
2012-07-31 17:55:04
nessus
nessus
Fedora 17 : Django-1.4.1-1.fc17 (2012-11415)
2012-08-13 00:00:00
Mandriva Linux Security Advisory : python-django (MDVSA-2012:143)
2012-09-06 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-2529-1)
2013-09-18 00:00:00
Fedora Update for Django FEDORA-2012-11416
2012-08-14 00:00:00
Ubuntu: Security Advisory (USN-1560-1)
2012-09-11 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: Django-1.4.1-1.fc17
2012-08-10 22:27:19
[SECURITY] Fedora 17 Update: Django-1.4.3-1.fc17
2012-12-20 03:20:48
[SECURITY] Fedora 16 Update: Django-1.3.2-1.fc16
2012-08-10 22:34:03
debian
debian
[SECURITY] [DSA 2529-1] python-django security update
2012-08-14 20:05:21
securityvulns
securityvulns
[ MDVSA-2012:143 ] python-django
2012-09-03 00:00:00
seebug
seebug
Djangoθ·¨η«θζ¬ζ§θ‘εδΈ€δΈͺζη»ζε‘ζΌζ΄
2012-08-03 00:00:00
ubuntu
ubuntu
Django vulnerabilities
2012-09-10 00:00:00
freebsd
freebsd
django -- multiple vulnerabilities
2012-07-30 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
0.021
Percentile
89.1%
Related for DEBIANCVE:CVE-2012-3443