AVG-1176 log

Package python-django
Status Fixed
Severity Medium
Type multiple issues
Affected 3.0.6-2
Fixed 3.0.7-1
Current 3.1-1 [testing]
3.0.9-1 [extra]
Ticket None
Created Fri Jun 5 13:22:41 2020
Issue Severity Remote Type Description
CVE-2020-13596 Medium Yes Cross-site scripting
A possible XSS has been found in Django before 3.0.7, via admin ForeignKeyRawIdWidget. Query parameters for the admin ForeignKeyRawIdWidget were not...
CVE-2020-13254 Medium Yes Information disclosure
An information disclosure issue has been found in Django before 3.0.7, via malformed memcached keys. In cases where a memcached backend does not perform key...
Date Advisory Package Description
06 Jun 2020 ASA-202006-8 python-django multiple issues
References
https://www.djangoproject.com/weblog/2020/jun/03/security-releases/