This repository has been archived by the owner on Apr 28, 2020. It is now read-only.
CVE-2017-7234 Medium Severity Vulnerability detected by WhiteSource #10
Labels
security vulnerability
Security vulnerability detected by WhiteSource
CVE-2017-7234 - Medium Severity Vulnerability
Vulnerable Library - Django-1.8.5-py2.py3-none-any.whl
A high-level Python Web framework that encourages rapid development and clean, pragmatic design.
path: /django-settings-startup/requirements.txt
Library home page: https://pypi.python.org/packages/69/cc/9aa13faa16849cdf0b27e5ad9b1a9f82d1c1136c88382f24fe07b4290e35/Django-1.8.5-py2.py3-none-any.whl
Dependency Hierarchy:
Vulnerability Details
A maliciously crafted URL to a Django (1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18) site using the
django.views.static.serve()
view could redirect to any other domain, aka an open redirect vulnerability.Publish Date: 2017-04-04
URL: CVE-2017-7234
CVSS 3 Score Details (6.1)
Base Score Metrics:
Suggested Fix
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2017-7234
Release Date: 2017-04-04
Fix Resolution: 1.10.7,1.9.13,1.8.18
Step up your Open Source Security Game with WhiteSource here
The text was updated successfully, but these errors were encountered: