---

CVE-2020-13254 - log back

CVE-2020-13254 edited at 05 Jun 2020 13:24:51
Severity	- Unknown + Medium
Remote	- Unknown + Remote
Type	- Unknown + Information disclosure
Description	+ An information disclosure issue has been found in Django before 3.0.7, via malformed memcached keys. In cases where a memcached backend does not perform key validation, passing malformed cache keys could result in a key collision, and potential data leakage. In order to avoid this vulnerability, key validation is added to the memcached cache backends.
References	+ https://github.com/django/django/commit/84b2da5552e100ae3294f564f6c862fef8d0e693
Notes

CVE-2020-13254 created at 05 Jun 2020 13:22:41