CVE-2015-5143
Published: 8 July 2015
The session backends in Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (session store consumption) via multiple requests with unique session keys.
Priority
Status
Package | Release | Status |
---|---|---|
python-django Launchpad, Ubuntu, Debian |
precise |
Released
(1.3.1-4ubuntu1.17)
|
trusty |
Released
(1.6.1-2ubuntu0.9)
|
|
upstream |
Released
(1.4.21,1.7.9,1.8.3)
|
|
utopic |
Released
(1.6.6-1ubuntu2.3)
|
|
vivid |
Released
(1.7.6-1ubuntu2.1)
|