This repository has been archived by the owner on Apr 28, 2020. It is now read-only.
CVE-2017-7234 Medium Severity Vulnerability detected by WhiteSource #10
Labels
security vulnerability
Security vulnerability detected by WhiteSource
Comments
mend-bolt-for-github
bot
added
the
security vulnerability
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
CVE-2017-7234 - Medium Severity Vulnerability
A high-level Python Web framework that encourages rapid development and clean, pragmatic design.
path: /django-settings-startup/requirements.txt
Library home page: https://pypi.python.org/packages/69/cc/9aa13faa16849cdf0b27e5ad9b1a9f82d1c1136c88382f24fe07b4290e35/Django-1.8.5-py2.py3-none-any.whl
Dependency Hierarchy:
A maliciously crafted URL to a Django (1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18) site using the
django.views.static.serve()view could redirect to any other domain, aka an open redirect vulnerability.Publish Date: 2017-04-04
URL: CVE-2017-7234
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Changed
- Impact Metrics:
- Confidentiality Impact: Low
- Integrity Impact: Low
- Availability Impact: None
For more information on CVSS3 Scores, click here.Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2017-7234
Release Date: 2017-04-04
Fix Resolution: 1.10.7,1.9.13,1.8.18
Step up your Open Source Security Game with WhiteSource here
The text was updated successfully, but these errors were encountered: