| Added |
CVSS V3 |
|
AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
|
| Added |
CVSS V2 |
|
(AV:N/AC:M/Au:N/C:N/I:P/A:N)
|
| Added |
CWE |
|
CWE-79
|
| Added |
CPE Configuration |
|
OR
*cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:* versions from (including) 1.11 up to (excluding) 1.11.21
*cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:* versions from (including) 2.1 up to (excluding) 2.1.9
*cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:* versions from (including) 2.2 up to (excluding) 2.2.2
|
| Changed |
Reference Type |
http://www.openwall.com/lists/oss-security/2019/06/03/2 No Types Assigned
|
http://www.openwall.com/lists/oss-security/2019/06/03/2 Mailing List, Third Party Advisory
|
| Changed |
Reference Type |
https://docs.djangoproject.com/en/dev/releases/1.11.21/ No Types Assigned
|
https://docs.djangoproject.com/en/dev/releases/1.11.21/ Vendor Advisory
|
| Changed |
Reference Type |
https://docs.djangoproject.com/en/dev/releases/2.1.9/ No Types Assigned
|
https://docs.djangoproject.com/en/dev/releases/2.1.9/ Vendor Advisory
|
| Changed |
Reference Type |
https://docs.djangoproject.com/en/dev/releases/2.2.2/ No Types Assigned
|
https://docs.djangoproject.com/en/dev/releases/2.2.2/ Vendor Advisory
|
| Changed |
Reference Type |
https://docs.djangoproject.com/en/dev/releases/security/ No Types Assigned
|
https://docs.djangoproject.com/en/dev/releases/security/ Vendor Advisory
|
| Changed |
Reference Type |
https://groups.google.com/forum/#!topic/django-announce/GEbHU7YoVz8 No Types Assigned
|
https://groups.google.com/forum/#!topic/django-announce/GEbHU7YoVz8 Mailing List, Vendor Advisory
|
| Changed |
Reference Type |
https://www.djangoproject.com/weblog/2019/jun/03/security-releases/ No Types Assigned
|
https://www.djangoproject.com/weblog/2019/jun/03/security-releases/ Vendor Advisory
|
| Added |
CVSS V2 Metadata |
|
Victim must voluntarily interact with attack mechanism
|
) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
