CVE-2015-0219 Medium Severity Vulnerability detected by WhiteSource #21
Labels
security vulnerability
Security vulnerability detected by WhiteSource
Comments
mend-bolt-for-github
bot
added
the
security vulnerability
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
CVE-2015-0219 - Medium Severity Vulnerability
A high-level Python Web framework that encourages rapid development and clean, pragmatic design.
path: /test1111/requirements.txt
Library home page: https://pypi.python.org/packages/e6/3f/f3e67d9c2572765ffe4268fc7f9997ce3b02e78fd144733f337d72dabb12/Django-1.4.1.tar.gz
Dependency Hierarchy:
Found in HEAD commit: ea978d1774903e4022b7273f99c76e52271d67fa
Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3 allows remote attackers to spoof WSGI headers by using an _ (underscore) character instead of a - (dash) character in an HTTP header, as demonstrated by an X-Auth_User header.
Publish Date: 2015-01-16
URL: CVE-2015-0219
Base Score Metrics not available
Type: Change files
Origin: django/django@316b8d4
Release Date: 2015-01-13
Fix Resolution: Replace or update the following files: basehttp.py, test_basehttp.py
Step up your Open Source Security Game with WhiteSource here
The text was updated successfully, but these errors were encountered: