Fluid Attacks Database

Description

multiple issues

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
alpine v3.10	py-django	=1.10.5-r0 \|\| =1.10.7-r0 \|\| =1.11-r0 \|\| =1.11-r1 \|\| =1.11.10-r0 \|\| =1.11.11-r0 \|\| =1.11.12-r0 \|\| =1.11.13-r0 \|\| =1.11.15-r0 \|\| =1.11.18-r0 \|\| =1.11.20-r0 \|\| =1.11.20-r1 \|\| =1.11.21-r0 \|\| =1.11.22-r0 \|\| =1.11.23-r0 \|\| =1.11.27-r0 \|\| =1.11.28-r0 \|\| =1.11.29-r0 \|\| =1.11.5-r0 \|\| =1.11.9-r0 \|\| =1.2.5-r0 \|\| =1.2.5-r1 \|\| =1.4.1-r0 \|\| =1.5-r0 \|\| =1.5.1-r0 \|\| =1.5.5-r0 \|\| =1.5.6-r0 \|\| =1.5.7-r0 \|\| =1.5.8-r0 \|\| =1.6.5-r0 \|\| =1.6.6-r0 \|\| =1.7-r0 \|\| =1.8-r0 \|\| =1.8.10-r0 \|\| =1.8.12-r0 \|\| =1.8.14-r0 \|\| =1.8.15-r0 \|\| =1.8.16-r0 \|\| =1.8.3-r0 \|\| =1.8.4-r0 \|\| =1.8.6-r0 \|\| =1.8.7-r0 \|\| =1.8.8-r0 \|\| >=0 <1.11.29-r1	1.11.29-r1
alpine v3.11	py3-django	=1.10.5-r0 \|\| =1.10.7-r0 \|\| =1.11-r0 \|\| =1.11-r1 \|\| =1.11.10-r0 \|\| =1.11.11-r0 \|\| =1.11.12-r0 \|\| =1.11.13-r0 \|\| =1.11.15-r0 \|\| =1.11.18-r0 \|\| =1.11.20-r0 \|\| =1.11.20-r1 \|\| =1.11.21-r0 \|\| =1.11.22-r0 \|\| =1.11.23-r0 \|\| =1.11.23-r1 \|\| =1.11.23-r2 \|\| =1.11.27-r0 \|\| =1.11.28-r0 \|\| =1.11.29-r0 \|\| =1.11.5-r0 \|\| =1.11.9-r0 \|\| =1.2.5-r0 \|\| =1.2.5-r1 \|\| =1.4.1-r0 \|\| =1.5-r0 \|\| =1.5.1-r0 \|\| =1.5.5-r0 \|\| =1.5.6-r0 \|\| =1.5.7-r0 \|\| =1.5.8-r0 \|\| =1.6.5-r0 \|\| =1.6.6-r0 \|\| =1.7-r0 \|\| =1.8-r0 \|\| =1.8.10-r0 \|\| =1.8.12-r0 \|\| =1.8.14-r0 \|\| =1.8.15-r0 \|\| =1.8.16-r0 \|\| =1.8.3-r0 \|\| =1.8.4-r0 \|\| =1.8.6-r0 \|\| =1.8.7-r0 \|\| =1.8.8-r0 \|\| >=0 <1.11.29-r1	1.11.29-r1
alpine v3.9	py-django	=1.10.5-r0 \|\| =1.10.7-r0 \|\| =1.11-r0 \|\| =1.11-r1 \|\| =1.11.10-r0 \|\| =1.11.11-r0 \|\| =1.11.12-r0 \|\| =1.11.13-r0 \|\| =1.11.15-r0 \|\| =1.11.18-r0 \|\| =1.11.20-r0 \|\| =1.11.21-r0 \|\| =1.11.22-r0 \|\| =1.11.23-r0 \|\| =1.11.27-r0 \|\| =1.11.28-r0 \|\| =1.11.29-r0 \|\| =1.11.5-r0 \|\| =1.11.9-r0 \|\| =1.2.5-r0 \|\| =1.2.5-r1 \|\| =1.4.1-r0 \|\| =1.5-r0 \|\| =1.5.1-r0 \|\| =1.5.5-r0 \|\| =1.5.6-r0 \|\| =1.5.7-r0 \|\| =1.5.8-r0 \|\| =1.6.5-r0 \|\| =1.6.6-r0 \|\| =1.7-r0 \|\| =1.8-r0 \|\| =1.8.10-r0 \|\| =1.8.12-r0 \|\| =1.8.14-r0 \|\| =1.8.15-r0 \|\| =1.8.16-r0 \|\| =1.8.3-r0 \|\| =1.8.4-r0 \|\| =1.8.6-r0 \|\| =1.8.7-r0 \|\| =1.8.8-r0 \|\| >=0 <1.11.29-r1	1.11.29-r1
alpine v3.12	py3-django	=1.10.5-r0 \|\| =1.10.7-r0 \|\| =1.11-r0 \|\| =1.11-r1 \|\| =1.11.10-r0 \|\| =1.11.11-r0 \|\| =1.11.12-r0 \|\| =1.11.13-r0 \|\| =1.11.15-r0 \|\| =1.11.18-r0 \|\| =1.11.20-r0 \|\| =1.11.20-r1 \|\| =1.11.21-r0 \|\| =1.11.22-r0 \|\| =1.11.23-r0 \|\| =1.11.23-r1 \|\| =1.11.23-r2 \|\| =1.11.27-r0 \|\| =1.11.28-r0 \|\| =1.11.29-r0 \|\| =1.11.5-r0 \|\| =1.11.9-r0 \|\| =1.2.5-r0 \|\| =1.2.5-r1 \|\| =1.4.1-r0 \|\| =1.5-r0 \|\| =1.5.1-r0 \|\| =1.5.5-r0 \|\| =1.5.6-r0 \|\| =1.5.7-r0 \|\| =1.5.8-r0 \|\| =1.6.5-r0 \|\| =1.6.6-r0 \|\| =1.7-r0 \|\| =1.8-r0 \|\| =1.8.10-r0 \|\| =1.8.12-r0 \|\| =1.8.14-r0 \|\| =1.8.15-r0 \|\| =1.8.16-r0 \|\| =1.8.3-r0 \|\| =1.8.4-r0 \|\| =1.8.6-r0 \|\| =1.8.7-r0 \|\| =1.8.8-r0 \|\| >=0 <1.11.29-r1	1.11.29-r1
pypi	django	>=2.2 <2.2.16 \|\| >=3.0 <3.0.10 \|\| >=3.1 <3.1.1	2.2.16, 3.0.10, 3.1.1
debian 11	python-django	>=0 <2:2.2.16-1	2:2.2.16-1
debian 13	python-django	>=0 <2:2.2.16-1	2:2.2.16-1
debian 12	python-django	>=0 <2:2.2.16-1	2:2.2.16-1
debian 14	python-django	>=0 <2:2.2.16-1	2:2.2.16-1
alpm rolling_release	python-django	>=3.1-1 <3.1.1-1	3.1.1-1

Aliases

1. CVE-2020-245842. NVD-2020-245843. OSV-ALPINE-2020-245844. OSV-2020-245845. OSV-DEBIAN-2020-245846. GHSA-fr28-569j-53c47. GCVE-2020-245848. SECURITY-CVE-2020-245849. SECURITY-TRACKER-CVE-2020-24584

References

1. https://github.com/django/django/commit/1853724acaf17ed7414d54c7d2b5563a25025a712. https://github.com/django/django/commit/2b099caa5923afa8cfb5f1e8c0d56b6e0e81915b3. https://github.com/django/django/commit/a3aebfdc8153dc230686b6d2454ccd32ed4c9e6f4. https://github.com/django/django/commit/cdb367c92a0ba72ddc0cbd13ff42b0e6df7095545. https://www.oracle.com/security-alerts/cpujan2021.html6. https://www.openwall.com/lists/oss-security/2020/09/01/27. https://www.djangoproject.com/weblog/2020/sep/01/security-releases8. https://usn.ubuntu.com/4479-19. https://security.netapp.com/advisory/ntap-20200918-000410. https://lists.fedoraproject.org/archives/list/[email protected]/message/ZCRPQCBTV3RZHKVZ6K6QOAANPRZQD3GI11. https://lists.fedoraproject.org/archives/list/[email protected]/message/OLGFFLMF3X6USMJD7V5F5P4K2WVUTO3T12. https://lists.fedoraproject.org/archives/list/[email protected]/message/F2ZHO3GZCJMP3DDTXCNVFV6ED3W64NAU13. https://groups.google.com/forum/#!topic/django-announce/zFCMdgUnutU14. https://groups.google.com/forum/#!topic/django-announce/Gdqn58RqIDM15. https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2020-34.yaml16. https://docs.djangoproject.com/en/dev/releases/security

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.