Vulnerability CVE-2015-5145: Information

Description

validators.URLValidator in Django 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors.

Severity: HIGH (7.8)

URL: https://nvd.nist.gov/vuln/detail/CVE-2015-5145
Published: July 14, 2015
Modified: Sept. 22, 2017
Error type identifier: CWE-399

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
python-module-djangop91.8.5-alt11.11.29-alt2ALT-PU-2015-1872-1151377Fixed
python-module-djangoc9f21.8.5-alt11.11.23-alt1ALT-PU-2015-1872-1151377Fixed
python-module-djangoc71.8.7-alt1.11.8.18-alt0.M70C.1ALT-PU-2016-1155-1160046Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://www.djangoproject.com/weblog/2015/jul/08/security-releases/
  • Vendor Advisory
75691
    GLSA-201510-06
      1032820

          1. Configuration 1

            cpe:2.3:a:djangoproject:django:1.8.2:*:*:*:*:*:*:*
            cpe:2.3:a:djangoproject:django:1.8.1:*:*:*:*:*:*:*
            cpe:2.3:a:djangoproject:django:1.8.0:*:*:*:*:*:*:*
        VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
        Version: v24.5.3
        Back to top