Django CVE-2019-6975 Denial of Service Vulnerability
BID:106964
| Bugtraq ID: | 106964 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | CVE-2019-6975 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 11 2019 12:00AM |
| Updated: | Mar 18 2019 05:00AM |
| Credit: | Sjoerd Job Postmus |
| Vulnerable: | Ubuntu Ubuntu Linux 18.10; Ubuntu Ubuntu Linux 18.04 LTS; Ubuntu Ubuntu Linux 16.04 LTS; Redhat OpenStack Platform Operational Tools 9; Redhat OpenStack Platform 9.0; Redhat OpenStack Platform 8.0 (Liberty); Redhat OpenStack Platform 14; Redhat OpenStack Platform 13.0 (Queens); Redhat OpenStack Platform 10; Redhat Gluster Storage 3.0; Redhat Enterprise Linux OpenStack Platform Operational Tools fo 8.0; Redhat Ceph Storage 3; Redhat Ceph Storage 2; Djangoproject Django 2.1.5; Djangoproject Django 2.1.4; Djangoproject Django 2.1.3; Djangoproject Django 2.1.2; Djangoproject Django 2.1.1; Djangoproject Django 2.0.10; Djangoproject Django 2.0.8; Djangoproject Django 2.0.7; Djangoproject Django 2.0.6; Djangoproject Django 2.0.5; Djangoproject Django 2.0.4; Djangoproject Django 2.0.3; Djangoproject Django 2.0.2; Djangoproject Django 2.0.1; Djangoproject Django 1.11.18; Djangoproject Django 1.11.15; Djangoproject Django 1.11.11; Djangoproject Django 1.11.10; Djangoproject Django 1.11.9; Djangoproject Django 1.11.8; Djangoproject Django 1.11.5; Djangoproject Django 1.11.4; Djangoproject Django 1.11.3; Djangoproject Django 1.11.2; Djangoproject Django 1.11.1; Djangoproject Django 1.11 |
| Not Vulnerable: | Djangoproject Django 2.1.6; Djangoproject Django 2.0.11; Djangoproject Django 1.11.19 |
Discussion
Django is prone to a denial-of-service vulnerability.
An attacker may exploit this issue to cause memory exhaustion, resulting in denial-of-service conditions.
Versions prior to Django 2.1.6, 2.0.11 and 1.11.19 are vulnerable.
Exploit / POC
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
References:
- Django Homepage (Django)
- Bug 1673642 CVE-2019-6975 python-django: memory exhaustion (Redhat)
- CVE-2019-6975 (Redhat)
- Django security releases issued: 2.1.6, 2.0.11 and 1.11.19 (Django)
- USN-3890-1: Django vulnerability (Ubuntu)