Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2013-4315

Опубликовано: 16 сент. 2013
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 5

Описание

Directory traversal vulnerability in Django 1.4.x before 1.4.7, 1.5.x before 1.5.3, and 1.6.x before 1.6 beta 3 allows remote attackers to read arbitrary files via a file path in the ALLOWED_INCLUDE_ROOTS setting followed by a .. (dot dot) in a ssi template tag.

РелизСтатусПримечание
devel

not-affected

1.5.4-1
lucid

released

1.1.1-2ubuntu1.9
precise

released

1.3.1-4ubuntu1.8
quantal

released

1.4.1-2ubuntu0.4
raring

released

1.4.5-1ubuntu0.1
upstream

released

1.5.3-1

Показывать по

Ссылки на источники

EPSS

Процентиль: 76%
0.00983
Низкий

5 Medium

CVSS2

Связанные уязвимости

redhat логотип

CVE-2013-4315

redhat
больше 12 лет назад

Directory traversal vulnerability in Django 1.4.x before 1.4.7, 1.5.x before 1.5.3, and 1.6.x before 1.6 beta 3 allows remote attackers to read arbitrary files via a file path in the ALLOWED_INCLUDE_ROOTS setting followed by a .. (dot dot) in a ssi template tag.

nvd логотип

CVE-2013-4315

nvd
около 12 лет назад

Directory traversal vulnerability in Django 1.4.x before 1.4.7, 1.5.x before 1.5.3, and 1.6.x before 1.6 beta 3 allows remote attackers to read arbitrary files via a file path in the ALLOWED_INCLUDE_ROOTS setting followed by a .. (dot dot) in a ssi template tag.

debian логотип

CVE-2013-4315

debian
около 12 лет назад

Directory traversal vulnerability in Django 1.4.x before 1.4.7, 1.5.x ...

github логотип

GHSA-vjjp-9r83-22rc

CVSS3: 8.6
github
больше 3 лет назад

Django Directory Traversal via ssi template tag

EPSS

Процентиль: 76%
0.00983
Низкий

5 Medium

CVSS2