CVE-2020-13254

Published: 03 June 2020

An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. In cases where a memcached backend does not perform key validation, passing malformed cache keys could result in a key collision, and potential data leakage.

Priority

Medium

CVSS 3 base score: 5.9

Status

Package Release Status
python-django
Launchpad, Ubuntu, Debian
Upstream
Released (2.2.13,3.0.7)
Ubuntu 20.04 LTS (Focal Fossa)
Released (2:2.2.12-1ubuntu0.1)
Ubuntu 18.04 LTS (Bionic Beaver)
Released (1:1.11.11-1ubuntu1.9)
Ubuntu 16.04 ESM (Xenial Xerus)
Released (1.8.7-1ubuntu5.13)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (1.6.11-0ubuntu1.3+esm1)