FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-23 17:01:17 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
dc880d6c-195d-11e7-8c63-0800277dcc69django -- multiple vulnerabilities

Django team reports:

These release addresses two security issues detailed below. We encourage all users of Django to upgrade as soon as possible.

  • Open redirect and possible XSS attack via user-supplied numeric redirect URLs
  • Open redirect vulnerability in django.views.static.serve()

Discovery 2017-04-04
Entry 2017-04-04
py27-django
py33-django
py34-django
py35-django
py36-django
< 1.8.18

py27-django18
py33-django18
py34-django18
py35-django18
py36-django18
< 1.8.18

py27-django19
py33-django19
py34-django19
py35-django19
py36-django19
< 1.9.13

py27-django110
py33-django110
py34-django110
py35-django110
py36-django110
< 1.10.7

https://www.djangoproject.com/weblog/2017/apr/04/security-releases/
CVE-2017-7233
CVE-2017-7234
cb116651-79db-4c09-93a2-c38f9df46724django -- multiple vulnerabilities

The Django project reports:

Today the Django team released Django 1.10.3, Django 1.9.11, and 1.8.16. These releases addresses two security issues detailed below. We encourage all users of Django to upgrade as soon as possible.

  • User with hardcoded password created when running tests on Oracle
  • DNS rebinding vulnerability when DEBUG=True

Discovery 2016-11-01
Entry 2016-11-02
py27-django
py33-django
py34-django
py35-django
< 1.8.16

py27-django18
py33-django18
py34-django18
py35-django18
< 1.8.16

py27-django19
py33-django19
py34-django19
py35-django19
< 1.9.11

py27-django110
py33-django110
py34-django110
py35-django110
< 1.10.3

https://www.djangoproject.com/weblog/2016/nov/01/security-releases/
CVE-2016-9013
CVE-2016-9014