DEPRECATED: Code

CVE-2015-0222

Medium

5/10

Summary

ModelMultipleChoiceField in Django 1.6.x before 1.6.10 and 1.7.x before 1.7.3, when show_hidden_initial is set to True, allows remote attackers to cause a denial of service by submitting duplicate values, which triggers a large number of SQL queries. Branches prior to 1.6.x are unsupported and might be vulnerable as well.

Access Complexity: LOW
AccessVector: NETWORK
Authentication: NONE
Integrity Impact: NONE
Confidentiality Impact: NONE
Availability Impact: PARTIAL

CWE-17 - DEPRECATED: Code

This entry has been deprecated. It was originally used for organizing the Development View (CWE-699) and some other views, but it introduced unnecessary complexity and depth to the resulting tree.

References

Advisory
Release Note

Advisory Timeline

Published Jan 16, 2015

DEPRECATED: Code

CVE-2015-0222

Summary

CWE-17 - DEPRECATED: Code

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS