AVG-1176 log
| Package | python-django |
| Status | Fixed |
| Severity | Medium |
| Type | multiple issues |
| Affected | 3.0.6-2 |
| Fixed | 3.0.7-1 |
| Current | 5.1.14-2 [extra] |
| Ticket | None |
| Created | Fri Jun 5 13:22:41 2020 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2020-13596 | Medium | Yes | Cross-site scripting | A possible XSS has been found in Django before 3.0.7, via admin ForeignKeyRawIdWidget. Query parameters for the admin ForeignKeyRawIdWidget were not... |
| CVE-2020-13254 | Medium | Yes | Information disclosure | An information disclosure issue has been found in Django before 3.0.7, via malformed memcached keys. In cases where a memcached backend does not perform key... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 06 Jun 2020 | ASA-202006-8 | python-django | multiple issues |
| References |
|---|
https://www.djangoproject.com/weblog/2020/jun/03/security-releases/ |