From a46742e738b91f79dd7b2e6ecba6dd1604e14d05 Mon Sep 17 00:00:00 2001 From: Tim Graham Date: Mon, 26 Sep 2016 15:37:08 -0400 Subject: [PATCH] Added a CVE role for Sphinx. --- docs/_ext/cve_role.py | 27 +++ docs/conf.py | 4 +- docs/releases/security.txt | 428 ++++++++++++++++++++----------------- 3 files changed, 258 insertions(+), 201 deletions(-) create mode 100644 docs/_ext/cve_role.py diff --git a/docs/_ext/cve_role.py b/docs/_ext/cve_role.py new file mode 100644 index 0000000000..254d3e679f --- /dev/null +++ b/docs/_ext/cve_role.py @@ -0,0 +1,27 @@ +""" +An interpreted text role to link docs to CVE issues. To use: :cve:`XXXXX` +""" +from docutils import nodes, utils +from docutils.parsers.rst import roles + + +def cve_role(name, rawtext, text, lineno, inliner, options=None, content=None): + if options is None: + options = {} + + url_pattern = inliner.document.settings.env.app.config.cve_url + if url_pattern is None: + msg = inliner.reporter.warning("cve not configured: please configure cve_url in conf.py") + prb = inliner.problematic(rawtext, rawtext, msg) + return [prb], [msg] + + url = url_pattern % text + roles.set_classes(options) + node = nodes.reference(rawtext, utils.unescape('CVE-%s' % text), refuri=url, **options) + return [node], [] + + +def setup(app): + app.add_config_value('cve_url', None, 'env') + app.add_role('cve', cve_role) + return {'parallel_read_safe': True} diff --git a/docs/conf.py b/docs/conf.py index 5cb5734f36..f25ea37158 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -45,6 +45,7 @@ extensions = [ "sphinx.ext.intersphinx", "sphinx.ext.viewcode", "ticket_role", + "cve_role", ] # Spelling check needs an additional module that is not installed by default. 
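Review bot: `url = url_pattern % text` in `cve_role` substitutes the role argument into the link target with no check on its shape, so a typo such as a slash-joined pair or a stray space builds silently and yields a dead link; an anchored `re.match(r'\d{4}-\d{4,}\Z', text)` guard reported through `inliner.reporter.warning(..., line=lineno)` would fail the docs build at the offending line instead, and the existing "cve not configured" warning would also benefit from `line=lineno`. The display text is passed through `utils.unescape` while the value used for `refuri` is not; unescaping `text` once up front keeps the two consistent if a backslash escape ever appears in the argument, and makes the later `utils.unescape('CVE-%s' % text)` reduce to `'CVE-%s' % text`. The function has no docstring; a one-liner such as `"""Render :cve:`YYYY-NNNN` as a link to the configured cve_url, labelled CVE-YYYY-NNNN."""` would do. The guard needs `import re` next to the docutils imports.

```python
# CVE ids: four-digit year, dash, four or more digits (CVE-2014-0480, CVE-2013-12345).
CVE_ID_RE = re.compile(r'\d{4}-\d{4,}\Z')


def cve_role(name, rawtext, text, lineno, inliner, options=None, content=None):
    """Render :cve:`YYYY-NNNN` as a link to the configured cve_url, labelled CVE-YYYY-NNNN."""
    if options is None:
        options = {}
    text = utils.unescape(text)
    if not CVE_ID_RE.match(text):
        msg = inliner.reporter.warning('invalid CVE id: %r' % text, line=lineno)
        prb = inliner.problematic(rawtext, rawtext, msg)
        return [prb], [msg]
    # … unchanged: cve_url lookup and "not configured" warning, URL construction, reference node …
```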
@@ -376,5 +377,6 @@ epub_cover = ('', 'epub-cover.html') # If false, no index is generated. # epub_use_index = True -# -- ticket options ------------------------------------------------------------ +# -- custom extension options -------------------------------------------------- +cve_url = 'https://web.nvd.nist.gov/view/vuln/detail?vulnId=%s' ticket_url = 'https://code.djangoproject.com/ticket/%s' diff --git a/docs/releases/security.txt b/docs/releases/security.txt index 509ef7f244..8a9d73de36 100644 --- a/docs/releases/security.txt +++ b/docs/releases/security.txt @@ -37,10 +37,11 @@ Some security issues were handled before Django had a formalized security process in use. For these, new releases may not have been issued at the time and CVEs may not have been assigned. -August 16, 2006 - CVE-2007-0404 -------------------------------- +August 16, 2006 - :cve:`2007-0404` +---------------------------------- -`CVE-2007-0404 `_: Filename validation issue in translation framework. `Full description `__ +Filename validation issue in translation framework. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ @@ -49,10 +50,11 @@ Versions affected * Django 0.91 `(patch) `__ * Django 0.95 `(patch) `__ (released January 21 2007) -January 21, 2007 - CVE-2007-0405 --------------------------------- +January 21, 2007 - :cve:`2007-0405` +----------------------------------- -`CVE-2007-0405 `_: Apparent "caching" of authenticated user. `Full description `__ +Apparent "caching" of authenticated user. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ 
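Review bot: `cve_url` substitutes the bare role argument (for example `2007-0404`) into `vulnId=`, while `cve_role` labels the same link `CVE-2007-0404`; if NVD's `vulnId` parameter expects the full identifier, every link generated by this patch would lack the `CVE-` prefix and the pattern should read `cve_url = 'https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-%s'`. Worth opening one rendered link from security.txt to confirm before merging, since this single value feeds every reference converted here. A short comment above the two URL patterns stating that `%s` receives the role argument verbatim would also help the next person who changes the NVD URL.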
@@ -65,10 +67,11 @@ Issues under Django's security process All other security issues have been handled under versions of Django's security process. These are listed below. -October 26, 2007 - CVE-2007-5712 --------------------------------- +October 26, 2007 - :cve:`2007-5712` +----------------------------------- -`CVE-2007-5712 `_: Denial-of-service via arbitrarily-large ``Accept-Language`` header. `Full description `__ +Denial-of-service via arbitrarily-large ``Accept-Language`` header. `Full +description `__ Versions affected ~~~~~~~~~~~~~~~~~ @@ -77,10 +80,11 @@ Versions affected * Django 0.95 `(patch) `__ * Django 0.96 `(patch) `__ -May 14, 2008 - CVE-2008-2302 ----------------------------- +May 14, 2008 - :cve:`2008-2302` +------------------------------- -`CVE-2008-2302 `_: XSS via admin login redirect. `Full description `__ +XSS via admin login redirect. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ @@ -89,10 +93,11 @@ Versions affected * Django 0.95 `(patch) `__ * Django 0.96 `(patch) `__ -September 2, 2008 - CVE-2008-3909 ---------------------------------- +September 2, 2008 - :cve:`2008-3909` +------------------------------------ -`CVE-2008-3909 `_: CSRF via preservation of POST data during admin login. `Full description `__ +CSRF via preservation of POST data during admin login. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ @@ -101,10 +106,11 @@ Versions affected * Django 0.95 `(patch) `__ * Django 0.96 `(patch) `__ -July 28, 2009 - CVE-2009-2659 ------------------------------ +July 28, 2009 - :cve:`2009-2659` +-------------------------------- -`CVE-2009-2659 `_: Directory-traversal in development server media handler. `Full description `__ +Directory-traversal in development server media handler. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ 
@@ -112,10 +118,11 @@ Versions affected * Django 0.96 `(patch) `__ * Django 1.0 `(patch) `__ -October 9, 2009 - CVE-2009-3965 -------------------------------- +October 9, 2009 - :cve:`2009-3965` +---------------------------------- -`CVE-2009-3965 `_: Denial-of-service via pathological regular expression performance. `Full description `__ +Denial-of-service via pathological regular expression performance. `Full +description `__ Versions affected ~~~~~~~~~~~~~~~~~ @@ -123,20 +130,22 @@ Versions affected * Django 1.0 `(patch) `__ * Django 1.1 `(patch) `__ -September 8, 2010 - CVE-2010-3082 ---------------------------------- +September 8, 2010 - :cve:`2010-3082` +------------------------------------ -`CVE-2010-3082 `_: XSS via trusting unsafe cookie value. `Full description `__ +XSS via trusting unsafe cookie value. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ * Django 1.2 `(patch) `__ -December 22, 2010 - CVE-2010-4534 ---------------------------------- +December 22, 2010 - :cve:`2010-4534` +------------------------------------ -`CVE-2010-4534 `_: Information leakage in administrative interface. `Full description `__ +Information leakage in administrative interface. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ @@ -144,10 +153,11 @@ Versions affected * Django 1.1 `(patch) `__ * Django 1.2 `(patch) `__ -December 22, 2010 - CVE-2010-4535 ---------------------------------- +December 22, 2010 - :cve:`2010-4535` +------------------------------------ -`CVE-2010-4535 `_: Denial-of-service in password-reset mechanism. `Full description `__ +Denial-of-service in password-reset mechanism. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ 
@@ -155,10 +165,11 @@ Versions affected * Django 1.1 `(patch) `__ * Django 1.2 `(patch) `__ -February 8, 2011 - CVE-2011-0696 --------------------------------- +February 8, 2011 - :cve:`2011-0696` +----------------------------------- -`CVE-2011-0696 `_: CSRF via forged HTTP headers. `Full description `__ +CSRF via forged HTTP headers. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ @@ -166,10 +177,11 @@ Versions affected * Django 1.1 `(patch) `__ * Django 1.2 `(patch) `__ -February 8, 2011 - CVE-2011-0697 --------------------------------- +February 8, 2011 - :cve:`2011-0697` +----------------------------------- -`CVE-2011-0697 `_: XSS via unsanitized names of uploaded files. `Full description `__ +XSS via unsanitized names of uploaded files. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ @@ -177,10 +189,11 @@ Versions affected * Django 1.1 `(patch) `__ * Django 1.2 `(patch) `__ -February 8, 2011 - CVE-2011-0698 --------------------------------- +February 8, 2011 - :cve:`2011-0698` +----------------------------------- -`CVE-2011-0698 `_: Directory-traversal on Windows via incorrect path-separator handling. `Full description `__ +Directory-traversal on Windows via incorrect path-separator handling. `Full +description `__ Versions affected ~~~~~~~~~~~~~~~~~ @@ -188,10 +201,11 @@ Versions affected * Django 1.1 `(patch) `__ * Django 1.2 `(patch) `__ -September 9, 2011 - CVE-2011-4136 ---------------------------------- +September 9, 2011 - :cve:`2011-4136` +------------------------------------ -`CVE-2011-4136 `_: Session manipulation when using memory-cache-backed session. `Full description `__ +Session manipulation when using memory-cache-backed session. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ 
@@ -199,10 +213,11 @@ Versions affected * Django 1.2 `(patch) `__ * Django 1.3 `(patch) `__ -September 9, 2011 - CVE-2011-4137 ---------------------------------- +September 9, 2011 - :cve:`2011-4137` +------------------------------------ -`CVE-2011-4137 `_: Denial-of-service via ``URLField.verify_exists``. `Full description `__ +Denial-of-service via ``URLField.verify_exists``. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ @@ -210,10 +225,12 @@ Versions affected * Django 1.2 `(patch) `__ * Django 1.3 `(patch) `__ -September 9, 2011 - CVE-2011-4138 ---------------------------------- +September 9, 2011 - :cve:`2011-4138` +------------------------------------ -`CVE-2011-4138 `_: Information leakage/arbitrary request issuance via ``URLField.verify_exists``. `Full description `__ +Information leakage/arbitrary request issuance via ``URLField.verify_exists``. +`Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ @@ -221,10 +238,11 @@ Versions affected * Django 1.2: `(patch) `__ * Django 1.3: `(patch) `__ -September 9, 2011 - CVE-2011-4139 ---------------------------------- +September 9, 2011 - :cve:`2011-4139` +------------------------------------ -`CVE-2011-4139 `_: ``Host`` header cache poisoning. `Full description `__ +``Host`` header cache poisoning. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ @@ -232,10 +250,11 @@ Versions affected * Django 1.2 `(patch) `__ * Django 1.3 `(patch) `__ -September 9, 2011 - CVE-2011-4140 ---------------------------------- +September 9, 2011 - :cve:`2011-4140` +------------------------------------ -`CVE-2011-4140 `_: Potential CSRF via ``Host`` header. `Full description `__ +Potential CSRF via ``Host`` header. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ 
@@ -245,10 +264,11 @@ This notification was an advisory only, so no patches were issued. * Django 1.2 * Django 1.3 -July 30, 2012 - CVE-2012-3442 ------------------------------ +July 30, 2012 - :cve:`2012-3442` +-------------------------------- -`CVE-2012-3442 `_: XSS via failure to validate redirect scheme. `Full description `__ +XSS via failure to validate redirect scheme. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ @@ -256,10 +276,11 @@ Versions affected * Django 1.3: `(patch) `__ * Django 1.4: `(patch) `__ -July 30, 2012 - CVE-2012-3443 ------------------------------ +July 30, 2012 - :cve:`2012-3443` +-------------------------------- -`CVE-2012-3443 `_: Denial-of-service via compressed image files. `Full description `__ +Denial-of-service via compressed image files. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ @@ -267,10 +288,11 @@ Versions affected * Django 1.3: `(patch) `__ * Django 1.4: `(patch) `__ -July 30, 2012 - CVE-2012-3444 ------------------------------ +July 30, 2012 - :cve:`2012-3444` +-------------------------------- -`CVE-2012-3444 `_: Denial-of-service via large image files. `Full description `__ +Denial-of-service via large image files. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ @@ -278,10 +300,11 @@ Versions affected * Django 1.3 `(patch) `__ * Django 1.4 `(patch) `__ -October 17, 2012 - CVE-2012-4520 --------------------------------- +October 17, 2012 - :cve:`2012-4520` +----------------------------------- -`CVE-2012-4520 `_: ``Host`` header poisoning. `Full description `__ +``Host`` header poisoning. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ @@ -292,7 +315,8 @@ Versions affected December 10, 2012 - No CVE 1 ---------------------------- -Additional hardening of ``Host`` header handling. `Full description `__ +Additional hardening of ``Host`` header handling. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ 
@@ -303,7 +327,8 @@ Versions affected December 10, 2012 - No CVE 2 ---------------------------- -Additional hardening of redirect validation. `Full description `__ +Additional hardening of redirect validation. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ @@ -314,7 +339,8 @@ Versions affected February 19, 2013 - No CVE -------------------------- -Additional hardening of ``Host`` header handling. `Full description `__ +Additional hardening of ``Host`` header handling. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ @@ -322,10 +348,11 @@ Versions affected * Django 1.3 `(patch) `__ * Django 1.4 `(patch) `__ -February 19, 2013 - CVE-2013-1664/1665 --------------------------------------- +February 19, 2013 - :cve:`2013-1664` / :cve:`2013-1665` +------------------------------------------------------- -`CVE-2013-1664 `_ and `CVE-2013-1665 `_: Entity-based attacks against Python XML libraries. `Full description `__ +Entity-based attacks against Python XML libraries. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ @@ -333,10 +360,11 @@ Versions affected * Django 1.3 `(patch) `__ * Django 1.4 `(patch) `__ -February 19, 2013 - CVE-2013-0305 ---------------------------------- +February 19, 2013 - :cve:`2013-0305` +------------------------------------ -`CVE-2013-0305 `_: Information leakage via admin history log. `Full description `__ +Information leakage via admin history log. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ @@ -344,10 +372,11 @@ Versions affected * Django 1.3 `(patch) `__ * Django 1.4 `(patch) `__ -February 19, 2013 - CVE-2013-0306 ---------------------------------- +February 19, 2013 - :cve:`2013-0306` +------------------------------------ -`CVE-2013-0306 `_: Denial-of-service via formset ``max_num`` bypass. `Full description `__ +Denial-of-service via formset ``max_num`` bypass. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ 
@@ -355,20 +384,22 @@ Versions affected * Django 1.3 `(patch) `__ * Django 1.4 `(patch) `__ -August 13, 2013 - CVE-2013-4249 -------------------------------- +August 13, 2013 - :cve:`2013-4249` +---------------------------------- -`CVE-2013-4249 `_: XSS via admin trusting ``URLField`` values. `Full description `__ +XSS via admin trusting ``URLField`` values. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ * Django 1.5 `(patch) `__ -August 13, 2013 - CVE-2013-6044 -------------------------------- +August 13, 2013 - :cve:`2013-6044` +---------------------------------- -`CVE-2013-6044 `_: Possible XSS via unvalidated URL redirect schemes. `Full description `__ +Possible XSS via unvalidated URL redirect schemes. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ @@ -376,10 +407,11 @@ Versions affected * Django 1.4 `(patch) `__ * Django 1.5 `(patch) `__ -September 10, 2013 - CVE-2013-4315 ----------------------------------- +September 10, 2013 - :cve:`2013-4315` +------------------------------------- -`CVE-2013-4315 `_ Directory-traversal via ``ssi`` template tag. `Full description `__ +Directory-traversal via ``ssi`` template tag. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ @@ -387,10 +419,11 @@ Versions affected * Django 1.4 `(patch) `__ * Django 1.5 `(patch) `__ -September 14, 2013 - CVE-2013-1443 ----------------------------------- +September 14, 2013 - :cve:`2013-1443` +------------------------------------- -CVE-2013-1443: Denial-of-service via large passwords. `Full description `__ +Denial-of-service via large passwords. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ 
@@ -398,10 +431,11 @@ Versions affected * Django 1.4 `(patch `__ and `Python compatibility fix) `__ * Django 1.5 `(patch) `__ -April 21, 2014 - CVE-2014-0472 ------------------------------- +April 21, 2014 - :cve:`2014-0472` +--------------------------------- -`CVE-2014-0472 `_: Unexpected code execution using ``reverse()``. `Full description `__ +Unexpected code execution using ``reverse()``. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ @@ -411,10 +445,11 @@ Versions affected * Django 1.6 `(patch) `__ * Django 1.7 `(patch) `__ -April 21, 2014 - CVE-2014-0473 ------------------------------- +April 21, 2014 - :cve:`2014-0473` +--------------------------------- -`CVE-2014-0473 `_: Caching of anonymous pages could reveal CSRF token. `Full description `__ +Caching of anonymous pages could reveal CSRF token. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ @@ -424,10 +459,11 @@ Versions affected * Django 1.6 `(patch) `__ * Django 1.7 `(patch) `__ -April 21, 2014 - CVE-2014-0474 ------------------------------- +April 21, 2014 - :cve:`2014-0474` +--------------------------------- -`CVE-2014-0474 `_: MySQL typecasting causes unexpected query results. `Full description `__ +MySQL typecasting causes unexpected query results. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ @@ -437,10 +473,11 @@ Versions affected * Django 1.6 `(patch) `__ * Django 1.7 `(patch) `__ -May 18, 2014 - CVE-2014-1418 ----------------------------- +May 18, 2014 - :cve:`2014-1418` +------------------------------- -`CVE-2014-1418 `_: Caches may be allowed to store and serve private data. `Full description `__ +Caches may be allowed to store and serve private data. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ 
@@ -450,10 +487,11 @@ Versions affected * Django 1.6 `(patch) `__ * Django 1.7 `(patch) `__ -May 18, 2014 - CVE-2014-3730 ----------------------------- +May 18, 2014 - :cve:`2014-3730` +------------------------------- -`CVE-2014-3730 `_: Malformed URLs from user input incorrectly validated. `Full description `__ +Malformed URLs from user input incorrectly validated. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ @@ -463,10 +501,11 @@ Versions affected * Django 1.6 `(patch) `__ * Django 1.7 `(patch) `__ -August 20, 2014 - CVE-2014-0480 -------------------------------- +August 20, 2014 - :cve:`2014-0480` +---------------------------------- -`CVE-2014-0480 `_: reverse() can generate URLs pointing to other hosts. `Full description `__ +``reverse()`` can generate URLs pointing to other hosts. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ @@ -476,10 +515,11 @@ Versions affected * Django 1.6 `(patch) `__ * Django 1.7 `(patch) `__ -August 20, 2014 - CVE-2014-0481 -------------------------------- +August 20, 2014 - :cve:`2014-0481` +---------------------------------- -`CVE-2014-0481 `_: File upload denial of service. `Full description `__ +File upload denial of service. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ @@ -489,10 +529,11 @@ Versions affected * Django 1.6 `(patch) `__ * Django 1.7 `(patch) `__ -August 20, 2014 - CVE-2014-0482 -------------------------------- +August 20, 2014 - :cve:`2014-0482` +---------------------------------- -`CVE-2014-0482 `_: RemoteUserMiddleware session hijacking. `Full description `__ +``RemoteUserMiddleware`` session hijacking. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ 
@@ -502,10 +543,11 @@ Versions affected * Django 1.6 `(patch) `__ * Django 1.7 `(patch) `__ -August 20, 2014 - CVE-2014-0483 -------------------------------- +August 20, 2014 - :cve:`2014-0483` +---------------------------------- -`CVE-2014-0483 `_: Data leakage via querystring manipulation in admin. `Full description `__ +Data leakage via querystring manipulation in admin. +`Full description `__ Versions affected ~~~~~~~~~~~~~~~~~ @@ -515,12 +557,11 @@ Versions affected * Django 1.6 `(patch) `__ * Django 1.7 `(patch) `__ -January 13, 2015 - CVE-2015-0219 --------------------------------- +January 13, 2015 - :cve:`2015-0219` +----------------------------------- -`CVE-2015-0219 `_: -WSGI header spoofing via underscore/dash conflation. -`Full description `__ +WSGI header spoofing via underscore/dash conflation. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ @@ -529,10 +570,11 @@ Versions affected * Django 1.6 `(patch) `__ * Django 1.7 `(patch) `__ -January 13, 2015 - CVE-2015-0220 --------------------------------- +January 13, 2015 - :cve:`2015-0220` +----------------------------------- -`CVE-2015-0220 `_: Mitigated possible XSS attack via user-supplied redirect URLs. `Full description `__ +Mitigated possible XSS attack via user-supplied redirect URLs. `Full +description `__ Versions affected ~~~~~~~~~~~~~~~~~ @@ -541,12 +583,11 @@ Versions affected * Django 1.6 `(patch) `__ * Django 1.7 `(patch) `__ -January 13, 2015 - CVE-2015-0221 --------------------------------- +January 13, 2015 - :cve:`2015-0221` +----------------------------------- -`CVE-2015-0221 `_: -Denial-of-service attack against ``django.views.static.serve()``. -`Full description `__ +Denial-of-service attack against ``django.views.static.serve()``. `Full +description `__ Versions affected ~~~~~~~~~~~~~~~~~ 
@@ -555,12 +596,11 @@ Versions affected * Django 1.6 `(patch) `__ * Django 1.7 `(patch) `__ -January 13, 2015 - CVE-2015-0222 --------------------------------- +January 13, 2015 - :cve:`2015-0222` +----------------------------------- -`CVE-2015-0222 `_: -Database denial-of-service with ``ModelMultipleChoiceField``. -`Full description `__ +Database denial-of-service with ``ModelMultipleChoiceField``. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ @@ -568,12 +608,11 @@ Versions affected * Django 1.6 `(patch) `__ * Django 1.7 `(patch) `__ -March 9, 2015 - CVE-2015-2241 ------------------------------ +March 9, 2015 - :cve:`2015-2241` +-------------------------------- -`CVE-2015-2241 `_: -XSS attack via properties in ``ModelAdmin.readonly_fields``. -`Full description `__ +XSS attack via properties in ``ModelAdmin.readonly_fields``. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ @@ -581,12 +620,11 @@ Versions affected * Django 1.7 `(patch) `__ * Django 1.8 `(patch) `_ -March 18, 2015 - CVE-2015-2316 ------------------------------- +March 18, 2015 - :cve:`2015-2316` +--------------------------------- -`CVE-2015-2316 `_: -Denial-of-service possibility with ``strip_tags()``. -`Full description `__ +Denial-of-service possibility with ``strip_tags()``. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ @@ -595,12 +633,11 @@ Versions affected * Django 1.7 `(patch) `__ * Django 1.8 `(patch) `__ -March 18, 2015 - CVE-2015-2317 ------------------------------- +March 18, 2015 - :cve:`2015-2317` +--------------------------------- -`CVE-2015-2317 `_: -Mitigated possible XSS attack via user-supplied redirect URLs. -`Full description `__ +Mitigated possible XSS attack via user-supplied redirect URLs. `Full +description `__ Versions affected ~~~~~~~~~~~~~~~~~ 
@@ -610,24 +647,22 @@ Versions affected * Django 1.7 `(patch) `__ * Django 1.8 `(patch) `__ -May 20, 2015 - CVE-2015-3982 ----------------------------- +May 20, 2015 - :cve:`2015-3982` +------------------------------- -`CVE-2015-3982 `_: -Fixed session flushing in the cached_db backend. -`Full description `__ +Fixed session flushing in the cached_db backend. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ * Django 1.8 `(patch) `__ -July 8, 2015 - CVE-2015-5143 ----------------------------- +July 8, 2015 - :cve:`2015-5143` +------------------------------- -`CVE-2015-5143 `_: -Denial-of-service possibility by filling session store. -`Full description `__ +Denial-of-service possibility by filling session store. `Full +description `__ Versions affected ~~~~~~~~~~~~~~~~~ @@ -636,12 +671,11 @@ Versions affected * Django 1.7 `(patch) `__ * Django 1.4 `(patch) `__ -July 8, 2015 - CVE-2015-5144 ----------------------------- +July 8, 2015 - :cve:`2015-5144` +------------------------------- -`CVE-2015-5144 `_: -Header injection possibility since validators accept newlines in input. -`Full description `__ +Header injection possibility since validators accept newlines in input. `Full +description `__ Versions affected ~~~~~~~~~~~~~~~~~ 
@@ -650,24 +684,20 @@ Versions affected * Django 1.7 `(patch) `__ * Django 1.4 `(patch) `__ -July 8, 2015 - CVE-2015-5145 ----------------------------- +July 8, 2015 - :cve:`2015-5145` +------------------------------- -`CVE-2015-5145 `_: -Denial-of-service possibility in URL validation. -`Full description `__ +Denial-of-service possibility in URL validation. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ * Django 1.8 `(patch) `__ -August 18, 2015 - CVE-2015-5963/CVE-2015-5964 ---------------------------------------------- +August 18, 2015 - :cve:`2015-5963` / :cve:`2015-5964` +----------------------------------------------------- -`CVE-2015-5963 `_ -and -`CVE-2015-5964 `_: Denial-of-service possibility in ``logout()`` view by filling session store. `Full description `__ @@ -678,12 +708,11 @@ Versions affected * Django 1.7 `(patch) `__ * Django 1.4 `(patch) `__ -November 24, 2015 - CVE-2015-8213 ---------------------------------- +November 24, 2015 - :cve:`2015-8213` +------------------------------------ -`CVE-2015-8213 `_: -Settings leak possibility in ``date`` template filter. -`Full description `__ +Settings leak possibility in ``date`` template filter. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ 
@@ -691,24 +720,24 @@ Versions affected * Django 1.8 `(patch) `__ * Django 1.7 `(patch) `__ -February 1, 2016 - CVE-2016-2048 --------------------------------- +February 1, 2016 - :cve:`2016-2048` +----------------------------------- -`CVE-2016-2048 `_: -User with "change" but not "add" permission can create objects for ``ModelAdmin``’s with ``save_as=True``. -`Full description `__ +User with "change" but not "add" permission can create objects for +``ModelAdmin``’s with ``save_as=True``. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ * Django 1.9 `(patch) `__ -March 1, 2016 - CVE-2016-2512 ------------------------------ +March 1, 2016 - :cve:`2016-2512` +-------------------------------- -`CVE-2016-2512 `_: -Malicious redirect and possible XSS attack via user-supplied redirect URLs containing basic auth. -`Full description `__ +Malicious redirect and possible XSS attack via user-supplied redirect URLs +containing basic auth. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ @@ -716,12 +745,12 @@ Versions affected * Django 1.9 `(patch) `__ * Django 1.8 `(patch) `__ -March 1, 2016 - CVE-2016-2513 ------------------------------ +March 1, 2016 - :cve:`2016-2513` +-------------------------------- -`CVE-2016-2513 `_: -User enumeration through timing difference on password hasher work factor upgrade. -`Full description `__ +User enumeration through timing difference on password hasher work factor +upgrade. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~ @@ -729,12 +758,11 @@ Versions affected * Django 1.9 `(patch) `__ * Django 1.8 `(patch) `__ -July 18, 2016 - CVE-2016-6186 ------------------------------ +July 18, 2016 - :cve:`2016-6186` +-------------------------------- -`CVE-2016-6186 `_: -XSS in admin's add/change related popup. -`Full description `__ +XSS in admin's add/change related popup. `Full description +`__ Versions affected ~~~~~~~~~~~~~~~~~