Описание
Django before 1.2.7 and 1.3.x before 1.3.1 uses a request's HTTP Host header to construct a full URL in certain circumstances, which allows remote attackers to conduct cache poisoning attacks via a crafted request.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1.3.1-1ubuntu1 |
| hardy | ignored | end of life |
| lucid | released | 1.1.1-2ubuntu1.4 |
| maverick | released | 1.2.3-1ubuntu0.2.10.10.3 |
| natty | released | 1.2.5-1ubuntu1.1 |
| oneiric | released | 1.3-2ubuntu1.1 |
| upstream | released | 1.3.1-1 |
Показывать по
10
EPSS
Процентиль: 68%
0.00567
Низкий
5 Medium
CVSS2
Связанные уязвимости
nvd
почти 14 лет назад
Django before 1.2.7 and 1.3.x before 1.3.1 uses a request's HTTP Host header to construct a full URL in certain circumstances, which allows remote attackers to conduct cache poisoning attacks via a crafted request.
debian
почти 14 лет назад
Django before 1.2.7 and 1.3.x before 1.3.1 uses a request's HTTP Host ...
EPSS
Процентиль: 68%
0.00567
Низкий
5 Medium
CVSS2