Search for vulnerabilities
Vulnerability details: VCID-3neh-g91f-aaap
Vulnerability ID VCID-3neh-g91f-aaap
Aliases CVE-2014-0480
GHSA-f7cm-ccfp-3q4r
PYSEC-2014-4
Summary The core.urlresolvers.reverse function in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3 does not properly validate URLs, which allows remote attackers to conduct phishing attacks via a // (slash slash) in a URL, which triggers a scheme-relative URL to be generated.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-20 Improper Input Validation
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
cvssv3.1 7.5 http://lists.opensuse.org/opensuse-updates/2014-09/msg00023.html
generic_textual MODERATE http://lists.opensuse.org/opensuse-updates/2014-09/msg00023.html
generic_textual Low http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-0480.html
epss 0.00455 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00455 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00455 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00455 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00455 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00455 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00455 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00455 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00455 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00455 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00455 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00456 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00482 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00482 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00482 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00482 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
epss 0.00483 https://api.first.org/data/v1/epss?cve=CVE-2014-0480
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=1129950
generic_textual Low https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0480
generic_textual Low https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0481
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0482
generic_textual Low https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0483
cvssv3.1 7.5 http://secunia.com/advisories/61281
generic_textual HIGH http://secunia.com/advisories/61281
cvssv3.1_qr HIGH https://github.com/advisories/GHSA-f7cm-ccfp-3q4r
cvssv3.1 3.7 https://github.com/django/django
generic_textual MODERATE https://github.com/django/django
cvssv3.1 7.5 https://github.com/django/django/commit/45ac9d4fb087d21902469fc22643f5201d41a0cd
generic_textual MODERATE https://github.com/django/django/commit/45ac9d4fb087d21902469fc22643f5201d41a0cd
cvssv3.1 7.5 https://github.com/django/django/commit/c2fe73133b62a1d9e8f7a6b43966570b14618d7e
generic_textual MODERATE https://github.com/django/django/commit/c2fe73133b62a1d9e8f7a6b43966570b14618d7e
cvssv3.1 7.5 https://github.com/django/django/commit/da051da8df5e69944745072611351d4cfc6435d5
generic_textual MODERATE https://github.com/django/django/commit/da051da8df5e69944745072611351d4cfc6435d5
cvssv3.1 7.5 https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2014-4.yaml
generic_textual HIGH https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2014-4.yaml
cvssv2 5.8 https://nvd.nist.gov/vuln/detail/CVE-2014-0480
generic_textual Low https://ubuntu.com/security/notices/USN-2347-1
cvssv3.1 7.5 https://web.archive.org/web/20140918034351/http://www.securityfocus.com/bid/69425
generic_textual MODERATE https://web.archive.org/web/20140918034351/http://www.securityfocus.com/bid/69425
cvssv3.1 5.3 https://www.djangoproject.com/weblog/2014/aug/20/security
generic_textual MODERATE https://www.djangoproject.com/weblog/2014/aug/20/security
generic_textual Low https://www.djangoproject.com/weblog/2014/aug/20/security/
cvssv3.1 5.3 http://www.debian.org/security/2014/dsa-3010
generic_textual MODERATE http://www.debian.org/security/2014/dsa-3010
Reference id Reference type URL
http://lists.opensuse.org/opensuse-updates/2014-09/msg00023.html
http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-0480.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0480.json
https://api.first.org/data/v1/epss?cve=CVE-2014-0480
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0480
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0481
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0482
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0483
http://secunia.com/advisories/59782
http://secunia.com/advisories/61276
http://secunia.com/advisories/61281
https://github.com/django/django
https://github.com/django/django/commit/45ac9d4fb087d21902469fc22643f5201d41a0cd
https://github.com/django/django/commit/c2fe73133b62a1d9e8f7a6b43966570b14618d7e
https://github.com/django/django/commit/da051da8df5e69944745072611351d4cfc6435d5
https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2014-4.yaml
https://ubuntu.com/security/notices/USN-2347-1
https://web.archive.org/web/20140918034351/http://www.securityfocus.com/bid/69425
https://www.djangoproject.com/weblog/2014/aug/20/security
https://www.djangoproject.com/weblog/2014/aug/20/security/
http://www.debian.org/security/2014/dsa-3010
http://www.securityfocus.com/bid/69425
1129950 https://bugzilla.redhat.com/show_bug.cgi?id=1129950
cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.4:*:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.4.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.4.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.4.10:*:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.4.11:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.4.11:*:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.4.12:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.4.12:*:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.4.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.4.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.4.4:*:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.4.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.4.5:*:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.4.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.4.6:*:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.4.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.4.7:*:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.4.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.4.8:*:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.4.9:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.4.9:*:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.5:*:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.5.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.5.1:*:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.5.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.5.2:*:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.5.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.5.3:*:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.5.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.5.4:*:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.5.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.5.5:*:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.5.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.5.6:*:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.5.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.5.7:*:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.5.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.5.8:*:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.5:alpha:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.5:alpha:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.5:beta:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.5:beta:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.6:-:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.6:-:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.6.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.6.1:*:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.6.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.6.2:*:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.6.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.6.3:*:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.6.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.6.4:*:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.6.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.6.5:*:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.6:beta1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.6:beta1:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.6:beta2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.6:beta2:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.6:beta3:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.6:beta3:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.6:beta4:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.6:beta4:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.7:beta1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.7:beta1:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.7:beta2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.7:beta2:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.7:beta3:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.7:beta3:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.7:beta4:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.7:beta4:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.7:rc1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.7:rc1:*:*:*:*:*:*
cpe:2.3:a:djangoproject:django:1.7:rc2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.7:rc2:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
CVE-2014-0480 https://nvd.nist.gov/vuln/detail/CVE-2014-0480
GHSA-f7cm-ccfp-3q4r https://github.com/advisories/GHSA-f7cm-ccfp-3q4r
GLSA-201412-22 https://security.gentoo.org/glsa/201412-22
USN-2347-1 https://usn.ubuntu.com/2347-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at http://lists.opensuse.org/opensuse-updates/2014-09/msg00023.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at http://secunia.com/advisories/61281
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N Found at https://github.com/django/django
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://github.com/django/django/commit/45ac9d4fb087d21902469fc22643f5201d41a0cd
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://github.com/django/django/commit/c2fe73133b62a1d9e8f7a6b43966570b14618d7e
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://github.com/django/django/commit/da051da8df5e69944745072611351d4cfc6435d5
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2014-4.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2014-0480
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://web.archive.org/web/20140918034351/http://www.securityfocus.com/bid/69425
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Found at https://www.djangoproject.com/weblog/2014/aug/20/security
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Found at http://www.debian.org/security/2014/dsa-3010
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.75741
EPSS Score 0.00455
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.