Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2015-0219HistoryJan 16, 2015 - 4:59 p.m.
CVE-2015-0219
2015-01-1616:59:18
Debian Security Bug Tracker
security-tracker.debian.org
39
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
EPSS
0.008
Percentile
82.2%
Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3 allows remote attackers to spoof WSGI headers by using an _ (underscore) character instead of a - (dash) character in an HTTP header, as demonstrated by an X-Auth_User header.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | python-django | < 1.7.1-1.1 | python-django_1.7.1-1.1_all.deb |
| Debian | 11 | all | python-django | < 1.7.1-1.1 | python-django_1.7.1-1.1_all.deb |
| Debian | 999 | all | python-django | < 1.7.1-1.1 | python-django_1.7.1-1.1_all.deb |
| Debian | 13 | all | python-django | < 1.7.1-1.1 | python-django_1.7.1-1.1_all.deb |
Related
osv
osv
PYSEC-2015-4
2015-01-16 16:59:00
python-bjoern-1.4.2-1.23 on GA media
2024-06-15 00:00:00
Django WSGI Header Spoofing Vulnerability
2022-05-17 03:20:54
cve
cve
CVE-2015-0219
2015-01-16 16:59:18
cvelist
cvelist
CVE-2015-0219
2015-01-16 16:00:00
nvd
nvd
CVE-2015-0219
2015-01-16 16:59:18
github
github
Django WSGI Header Spoofing Vulnerability
2022-05-17 03:20:54
ubuntucve
ubuntucve
CVE-2015-0219
2015-01-13 00:00:00
prion
prion
Design/Logic Flaw
2015-01-16 16:59:00
debian
debian
[SECURITY] [DSA 3151-1] python-django security update
2015-02-03 06:08:47
[SECURITY] [DSA 3151-1] python-django security update
2015-02-03 06:08:47
[SECURITY] [DLA 143-1] python-django security update
2015-01-29 11:15:16
nessus
nessus
Fedora 20 : python-django-1.6.10-1.fc20 (2015-0790)
2015-01-27 00:00:00
Debian DSA-3151-1 : python-django - security update
2015-02-03 00:00:00
Mandriva Linux Security Advisory : python-django (MDVSA-2015:036)
2015-02-09 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-3151-1)
2015-02-02 00:00:00
Debian: Security Advisory (DLA-143-1)
2023-03-08 00:00:00
Debian Security Advisory DSA 3151-1 (python-django - security update)
2015-02-03 00:00:00
securityvulns
securityvulns
[ MDVSA-2015:036 ] python-django
2015-02-23 00:00:00
[USN-2469-1] Django vulnerabilities
2015-01-19 00:00:00
ubuntu
ubuntu
Django vulnerabilities
2015-01-13 00:00:00
Django regression
2015-02-04 00:00:00
freebsd
freebsd
django -- multiple vulnerabilities
2015-01-13 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: python-django-1.6.10-1.fc21
2015-01-26 02:32:42
[SECURITY] Fedora 20 Update: python-django14-1.4.18-1.fc20
2015-01-27 03:00:28
[SECURITY] Fedora 20 Update: python-django-1.6.10-1.fc20
2015-01-27 03:06:04
mageia
mageia
Updated python-django and python-django14 packages fix security vulnerabilities
2015-01-18 01:31:08
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
EPSS
0.008
Percentile
82.2%
Related for DEBIANCVE:CVE-2015-0219