FLAT-HAJG2 – Vulnerability | Fluid Attacks Database

Database

Description

privilege escalation

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 11	python-django	>=0 <2:2.2.8-1	2:2.2.8-1
pypi	django	>=2.1 <2.1.15 \|\| >=2.2 <2.2.8	2.1.15, 2.2.8
debian 12	python-django	>=0 <2:2.2.8-1	2:2.2.8-1
debian 13	python-django	>=0 <2:2.2.8-1	2:2.2.8-1
debian 14	python-django	>=0 <2:2.2.8-1	2:2.2.8-1
alpm rolling_release	python-django	>=2.2.6-2 <2.2.9-1	2.2.9-1

Aliases

1. CVE-2019-191182. NVD-2019-191183. OSV-DEBIAN-2019-191184. OSV-2019-191185. GHSA-hvmf-r92r-27hr6. GCVE-2019-191187. SECURITY-TRACKER-CVE-2019-191188. security.gentoo.org

References

1. https://github.com/django/django/commit/103ebe2b5ff1b2614b85a52c239f471904d262442. https://github.com/django/django/commit/36f580a17f0b3cb087deadf3b65eea024f479c213. https://docs.djangoproject.com/en/dev/releases/security4. https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2019-15.yaml5. https://groups.google.com/forum/#!topic/django-announce/GjGqDvtNmWQ6. https://lists.fedoraproject.org/archives/list/[email protected]/message/6R4HD22PVEVQ45H2JA2NXH443AYJOPL57. https://security.netapp.com/advisory/ntap-20191217-00038. https://www.djangoproject.com/weblog/2019/dec/02/security-releases9. http://www.openwall.com/lists/oss-security/2019/12/02/1

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.