django is vulnerable to man-in-the-middle attacks. HTTP requests are not redirected to HTTPS in accordance with SECURE_SSL_REDIRECT when deployed behind a reverse-proxy due to incorrect results for is_secure() and build_absolute_uri().

References

www.djangoproject.com/weblog/2019/jul/01/security-releases/

archlinux 2

debiancve 1

freebsd 1

prion 1

nvd 1

osv 8

redhatcve 1

cve 1

alpinelinux 1

github 1

openvas 9

cvelist 1

nessus 8

ubuntucve 1

ubuntu 1

fedora 3

debian 1

redhat 3

suse 2

altlinux 2

archlinux

[ASA-201907-2] python-django: silent downgrade

2019-07-06 00:00:00

[ASA-201907-3] python2-django: silent downgrade

2019-07-06 00:00:00

debiancve

CVE-2019-12781

2019-07-01 14:15:10

freebsd

Django -- Incorrect HTTP detection with reverse-proxy connecting via HTTPS

2019-07-01 00:00:00

prion

Design/Logic Flaw

2019-07-01 14:15:00

nvd

CVE-2019-12781

2019-07-01 14:15:10

osv

CVE-2019-12781

2019-07-01 14:15:10

PYSEC-2019-10

2019-07-01 14:15:00

Django Incorrect HTTP detection with reverse-proxy connecting via HTTPS

2019-07-03 20:37:25

redhatcve

CVE-2019-12781

2020-04-07 11:36:06

cve

CVE-2019-12781

2019-07-01 14:15:10

alpinelinux

CVE-2019-12781

2019-07-01 14:15:10

github

Django Incorrect HTTP detection with reverse-proxy connecting via HTTPS

2019-07-03 20:37:25

openvas

Debian: Security Advisory (DLA-1842-1)

2019-07-02 00:00:00

Django 1.11.x < 1.11.22, 2.1.x < 2.1.10, 2.2.x < 2.2.3 Insecure HTTP Handling Vulnerability - Linux

2019-07-04 00:00:00

Django 1.11.x < 1.11.22, 2.1.x < 2.1.10, 2.2.x < 2.2.3 Insecure HTTP Handling Vulnerability - Windows

2019-07-04 00:00:00

cvelist

CVE-2019-12781

2019-07-01 13:56:37

nessus

Fedora 30 : python-django (2019-d9aa58d863)

2019-07-15 00:00:00

FreeBSD : Django -- Incorrect HTTP detection with reverse-proxy connecting via HTTPS (b805d7b4-9c0c-11e9-97f0-000c29e96db4)

2019-07-02 00:00:00

Ubuntu 16.04 LTS / 18.04 LTS : Django vulnerabilities (USN-4043-1)

2019-07-02 00:00:00

ubuntucve

CVE-2019-12781

2019-07-01 00:00:00

ubuntu

Django vulnerabilities

2019-07-01 00:00:00

fedora

[SECURITY] Fedora 30 Update: python-django-2.1.10-1.fc30

2019-07-13 01:07:30

[SECURITY] Fedora 30 Update: python-django-2.1.11-1.fc30

2019-08-15 18:10:42

[SECURITY] Fedora 31 Update: python-django-2.2.13-1.fc31

2020-06-19 01:07:50

debian

[SECURITY] [DSA 4476-1] python-django security update

2019-07-05 18:03:12

redhat

(RHSA-2020:4390) Moderate: python-django security update

2020-10-28 17:42:01

(RHSA-2020:1324) Moderate: python-django security update

2020-04-06 08:39:12

(RHSA-2020:4366) Important: Satellite 6.8 release

2020-10-27 12:45:25

suse

Security update for python-Django (moderate)

2019-08-08 00:00:00

Security update for python-Django (moderate)

2019-08-14 00:00:00

altlinux

Security fix for the ALT Linux 9 package python3-module-django version 2.2.3-alt1

2019-07-15 00:00:00

Security fix for the ALT Linux 10 package python3-module-django version 2.2.3-alt1

2019-07-15 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

EPSS

0.01

Percentile

83.5%

JSON

Related for VERACODE:20644