First published: Wed Feb 07 2018(Updated: )
It was discovered that Django incorrectly handled certain requests. An attacker could possibly use this to access sensitive information. (CVE-2017-12794, CVE-2018-6188)
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
ubuntu/python3-django | <1:1.11.4-1ubuntu1.1 | 1:1.11.4-1ubuntu1.1 |
=17.10 | ||
All of | ||
ubuntu/python-django | <1:1.11.4-1ubuntu1.1 | 1:1.11.4-1ubuntu1.1 |
=17.10 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerabilities addressed in USN-3559-1 are CVE-2017-12794 and CVE-2018-6188.
An attacker could exploit these vulnerabilities to access sensitive information.
The affected software is python3-django version up to 1.11.4-1ubuntu1.1 on Ubuntu 17.10.
To fix these vulnerabilities, update python3-django to version 1.11.4-1ubuntu1.1 or later on Ubuntu 17.10.
More information about these vulnerabilities can be found at the following references: [CVE-2017-12794](https://ubuntu.com/security/CVE-2017-12794) and [CVE-2018-6188](https://ubuntu.com/security/CVE-2018-6188).