CVE-2014-3730 Medium Severity Vulnerability detected by WhiteSource #14
Labels
security vulnerability
Security vulnerability detected by WhiteSource
Comments
mend-bolt-for-github
bot
added
the
security vulnerability
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
CVE-2014-3730 - Medium Severity Vulnerability
A high-level Python Web framework that encourages rapid development and clean, pragmatic design.
path: /example-python/requirements.txt
Library home page: https://pypi.python.org/packages/d2/29/1935a5825b8820d1e398ab83f0730d483ec731fae34745ddac8318cf6ac8/Django-1.7.1-py2.py3-none-any.whl
Dependency Hierarchy:
The django.util.http.is_safe_url function in Django 1.4 before 1.4.13, 1.5 before 1.5.8, 1.6 before 1.6.5, and 1.7 before 1.7b4 does not properly validate URLs, which allows remote attackers to conduct open redirect attacks via a malformed URL, as demonstrated by "http:\\djangoproject.com."
Publish Date: 2014-05-16
URL: CVE-2014-3730
Base Score Metrics not available
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2014-3730
Release Date: 2014-05-16
Fix Resolution: 1.4.13,1.5.8,1.6.5,1.7b4
Step up your Open Source Security Game with WhiteSource here
The text was updated successfully, but these errors were encountered: