| Max CVSS | 5.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2012-3442 | 4.3 |
The (1) django.http.HttpResponseRedirect and (2) django.http.HttpResponsePermanentRedirect classes in Django before 1.3.2 and 1.4.x before 1.4.1 do not validate the scheme of a redirect target, which might allow remote attackers to conduct cross-site
|
11-04-2013 - 03:29 | 31-07-2012 - 17:55 | |
| CVE-2012-3444 | 5.0 |
The get_image_dimensions function in the image-handling functionality in Django before 1.3.2 and 1.4.x before 1.4.1 uses a constant chunk size in all attempts to determine dimensions, which allows remote attackers to cause a denial of service (proces
|
11-04-2013 - 03:29 | 31-07-2012 - 17:55 | |
| CVE-2012-3443 | 5.0 |
The django.forms.ImageField class in the form system in Django before 1.3.2 and 1.4.x before 1.4.1 completely decompresses image data during image validation, which allows remote attackers to cause a denial of service (memory consumption) by uploadin
|
11-04-2013 - 03:29 | 31-07-2012 - 17:55 |