Описание
The (1) FilePathField, (2) GenericIPAddressField, and (3) IPAddressField model field classes in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 do not properly perform type conversion, which allows remote attackers to have unspecified impact and vectors, related to "MySQL typecasting."
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | released | 1.6.1-2ubuntu0.1 |
| lucid | released | 1.1.1-2ubuntu1.10 |
| precise | released | 1.3.1-4ubuntu1.9 |
| quantal | released | 1.4.1-2ubuntu0.5 |
| saucy | released | 1.5.4-1ubuntu1.1 |
| trusty | released | 1.6.1-2ubuntu0.1 |
| trusty/esm | released | 1.6.1-2ubuntu0.1 |
| upstream | released | 1.4.11,1.5.6,1.6.3 |
Показывать по
10 Critical
CVSS2
Связанные уязвимости
The (1) FilePathField, (2) GenericIPAddressField, and (3) IPAddressField model field classes in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 do not properly perform type conversion, which allows remote attackers to have unspecified impact and vectors, related to "MySQL typecasting."
The (1) FilePathField, (2) GenericIPAddressField, and (3) IPAddressField model field classes in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 do not properly perform type conversion, which allows remote attackers to have unspecified impact and vectors, related to "MySQL typecasting."
The (1) FilePathField, (2) GenericIPAddressField, and (3) IPAddressFie ...
10 Critical
CVSS2