Lucene search
RedHatRHSA-2017:1445HistoryJun 14, 2017 - 3:00 p.m.
(RHSA-2017:1445) Moderate: python-django security update
2017-06-1415:00:25
access.redhat.com
16
0.004 Low
EPSS
Percentile
72.6%
Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY (Don’t Repeat Yourself) principle.
Security Fix(es):
- A redirect flaw, where the is_safe_url() function did not correctly sanitize numeric-URL user input, was found in python-django. A remote attacker could exploit this flaw to perform XSS attacks against the OpenStack dashboard. (CVE-2017-7233)
Red Hat would like to thank the Django project for reporting this issue.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 7 | noarch | python-django-doc | < 1.6.11-7.el7ost | python-django-doc-1.6.11-7.el7ost.noarch.rpm |
| RedHat | 7 | noarch | python-django-bash-completion | < 1.6.11-7.el7ost | python-django-bash-completion-1.6.11-7.el7ost.noarch.rpm |
| RedHat | 7 | noarch | python-django | < 1.6.11-7.el7ost | python-django-1.6.11-7.el7ost.noarch.rpm |
Related
nvd
nvd
CVE-2017-7233
2017-04-04 17:59:00
redhat
redhat
(RHSA-2017:1451) Moderate: python-django security update
2017-06-14 15:02:31
(RHSA-2017:3093) Moderate: python-django security update
2017-10-31 17:11:39
(RHSA-2017:1470) Moderate: python-django security update
2017-06-14 15:06:01
nessus
nessus
Fedora 26 : python-django (2017-f997e46fa7)
2017-07-17 00:00:00
Fedora 25 : python-django (2017-c0ef6054d7)
2017-04-24 00:00:00
RHEL 7 : python-django (RHSA-2017:3093)
2024-04-27 00:00:00
ubuntucve
ubuntucve
CVE-2017-7233
2017-04-04 00:00:00
fedora
fedora
[SECURITY] Fedora 25 Update: python-django-1.9.13-1.fc25
2017-04-22 09:23:38
[SECURITY] Fedora 26 Update: python-django-1.10.7-1.fc26
2017-04-21 14:30:34
osv
osv
PYSEC-2017-9
2017-04-04 17:59:00
CVE-2017-7233
2017-04-04 17:59:00
cvelist
cvelist
CVE-2017-7233
2017-04-04 17:00:00
github
github
debiancve
debiancve
CVE-2017-7233
2017-04-04 17:59:00
seebug
seebug
openvas
openvas
Fedora Update for python-django FEDORA-2017-c0ef6054d7
2017-04-23 00:00:00
Debian: Security Advisory (DLA-885-1)
2018-01-16 00:00:00
Ubuntu: Security Advisory (USN-3254-1)
2017-04-05 00:00:00
prion
prion
Open redirect
2017-04-04 17:59:00
myhack58
myhack58
veracode
veracode
Open Redirect And Cross-site Scripting (XSS)
2017-04-05 07:22:14
Open Redirect And Cross-site Scripting (XSS)
2019-01-15 09:17:30
alpinelinux
alpinelinux
CVE-2017-7233
2017-04-04 17:59:00
cve
cve
CVE-2017-7233
2017-04-04 17:59:00
debian
debian
[SECURITY] [DLA 885-1] python-django security update
2017-04-05 09:07:04
[SECURITY] [DSA 3835-1] python-django security update
2017-04-26 20:05:26
[SECURITY] [DSA 3835-1] python-django security update
2017-04-26 20:05:26
archlinux
archlinux
[ASA-201704-2] python-django: multiple issues
2017-04-06 00:00:00
[ASA-201704-1] python2-django: multiple issues
2017-04-06 00:00:00
mageia
mageia
Updated python-django packages fix security vulnerability
2017-04-14 22:40:32
freebsd
freebsd
django -- multiple vulnerabilities
2017-04-04 00:00:00
ubuntu
ubuntu
Django vulnerabilities
2017-04-04 00:00:00
altlinux
altlinux