FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
597d02ce-a66c-11ea-af32-080027846a02Django -- multiple vulnerabilities

Django security release reports:

CVE-2020-13254: Potential data leakage via malformed memcached keys

In cases where a memcached backend does not perform key validation, passing malformed cache keys could result in a key collision, and potential data leakage. In order to avoid this vulnerability, key validation is added to the memcached cache backends.

CVE-2020-13596: Possible XSS via admin ForeignKeyRawIdWidget

Query parameters for the admin ForeignKeyRawIdWidget were not properly URL encoded, posing an XSS attack vector. ForeignKeyRawIdWidget now ensures query parameters are correctly URL encoded.


Discovery 2020-06-01
Entry 2020-06-04
py36-django22
py37-django22
py38-django22
lt 2.2.13

py36-django30
py37-django30
py38-django30
lt 3.0.7

https://www.djangoproject.com/weblog/2020/jun/03/security-releases/
CVE-2020-13254
CVE-2020-13596