USN-2539-1

Advisory lineage Upstream: 4 Downstream: 0
Published: 23 Mar 2015, 19:02
Last modified: 04 Feb 2026, 03:19

Vulnerability Summary

Overall Risk (default): minimal (0/100)
CVSS Score: No data
EPSS Score: No data
KEV: Not listed
Ransomware: No reports
Public exploits: None found
Dark Web: Not detected

Timeline

23 Mar 2015, 19:02: Published (Vulnerability first disclosed)
04 Feb 2026, 03:19: Last Modified (Vulnerability information updated)

Description

python-django vulnerabilities

Andrey Babak discovered that Django incorrectly handled strip_tags. A remote attacker could possibly use this issue to cause Django to enter an infinite loop, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. (CVE-2015-2316)

Daniel Chatfield discovered that Django incorrectly handled user-supplied redirect URLs. A remote attacker could possibly use this issue to perform a cross-site scripting attack. (CVE-2015-2317)

Affected Systems

  • ubuntu python-django

    < 1.6.1-2ubuntu0.8
