Описание
The (1) FilePathField, (2) GenericIPAddressField, and (3) IPAddressField model field classes in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 do not properly perform type conversion, which allows remote attackers to have unspecified impact and vectors, related to "MySQL typecasting."
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | not-affected | 1.6.1-2ubuntu0.1 |
| lucid | released | 1.1.1-2ubuntu1.10 |
| precise | released | 1.3.1-4ubuntu1.9 |
| quantal | released | 1.4.1-2ubuntu0.5 |
| saucy | released | 1.5.4-1ubuntu1.1 |
| trusty | released | 1.6.1-2ubuntu0.1 |
| trusty/esm | not-affected | 1.6.1-2ubuntu0.1 |
| upstream | released | 1.4.11,1.5.6,1.6.3 |
Показывать по
EPSS
10 Critical
CVSS2
Связанные уязвимости
The (1) FilePathField, (2) GenericIPAddressField, and (3) IPAddressField model field classes in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 do not properly perform type conversion, which allows remote attackers to have unspecified impact and vectors, related to "MySQL typecasting."
The (1) FilePathField, (2) GenericIPAddressField, and (3) IPAddressField model field classes in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 do not properly perform type conversion, which allows remote attackers to have unspecified impact and vectors, related to "MySQL typecasting."
The (1) FilePathField, (2) GenericIPAddressField, and (3) IPAddressFie ...
EPSS
10 Critical
CVSS2