Vulnerability-Lookup

CVE-2011-4140 (GCVE-0-2011-4140)

Vulnerability from cvelistv5 – Published: 2011-10-19 10:00 – Updated: 2024-08-07 00:01

Summary

The CSRF protection mechanism in Django through 1.2.7 and 1.3.x through 1.3.1 does not properly handle web-server configurations supporting arbitrary HTTP Host headers, which allows remote attackers to trigger unauthenticated forged requests via vectors involving a DNS CNAME record and a web page containing JavaScript code.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://hermes.opensuse.org/messages/14700881	vendor-advisoryx_refsource_SUSE
	http://www.debian.org/security/2011/dsa-2332	vendor-advisoryx_refsource_DEBIAN
	https://bugzilla.redhat.com/show_bug.cgi?id=737366	x_refsource_CONFIRM
	http://secunia.com/advisories/46614	third-party-advisoryx_refsource_SECUNIA
	http://openwall.com/lists/oss-security/2011/09/11/1	mailing-listx_refsource_MLIST
	https://www.djangoproject.com/weblog/2011/sep/10/127/	x_refsource_CONFIRM
	http://openwall.com/lists/oss-security/2011/09/13/2	mailing-listx_refsource_MLIST
	https://www.djangoproject.com/weblog/2011/sep/09/	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:01:51.120Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "openSUSE-SU-2012:0653",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "https://hermes.opensuse.org/messages/14700881"
          },
          {
            "name": "DSA-2332",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2011/dsa-2332"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=737366"
          },
          {
            "name": "46614",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/46614"
          },
          {
            "name": "[oss-security] 20110911 CVE Request -- Django: v1.3.1, v1.2.7 multiple security flaws",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/09/11/1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.djangoproject.com/weblog/2011/sep/10/127/"
          },
          {
            "name": "[oss-security] 20110913 Re: CVE Request -- Django: v1.3.1, v1.2.7 multiple security flaws",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/09/13/2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.djangoproject.com/weblog/2011/sep/09/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-09-09T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The CSRF protection mechanism in Django through 1.2.7 and 1.3.x through 1.3.1 does not properly handle web-server configurations supporting arbitrary HTTP Host headers, which allows remote attackers to trigger unauthenticated forged requests via vectors involving a DNS CNAME record and a web page containing JavaScript code."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-17T19:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "openSUSE-SU-2012:0653",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "https://hermes.opensuse.org/messages/14700881"
        },
        {
          "name": "DSA-2332",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2011/dsa-2332"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=737366"
        },
        {
          "name": "46614",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/46614"
        },
        {
          "name": "[oss-security] 20110911 CVE Request -- Django: v1.3.1, v1.2.7 multiple security flaws",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/09/11/1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.djangoproject.com/weblog/2011/sep/10/127/"
        },
        {
          "name": "[oss-security] 20110913 Re: CVE Request -- Django: v1.3.1, v1.2.7 multiple security flaws",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/09/13/2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.djangoproject.com/weblog/2011/sep/09/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2011-4140",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The CSRF protection mechanism in Django through 1.2.7 and 1.3.x through 1.3.1 does not properly handle web-server configurations supporting arbitrary HTTP Host headers, which allows remote attackers to trigger unauthenticated forged requests via vectors involving a DNS CNAME record and a web page containing JavaScript code."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "openSUSE-SU-2012:0653",
              "refsource": "SUSE",
              "url": "https://hermes.opensuse.org/messages/14700881"
            },
            {
              "name": "DSA-2332",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2011/dsa-2332"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=737366",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=737366"
            },
            {
              "name": "46614",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/46614"
            },
            {
              "name": "[oss-security] 20110911 CVE Request -- Django: v1.3.1, v1.2.7 multiple security flaws",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2011/09/11/1"
            },
            {
              "name": "https://www.djangoproject.com/weblog/2011/sep/10/127/",
              "refsource": "CONFIRM",
              "url": "https://www.djangoproject.com/weblog/2011/sep/10/127/"
            },
            {
              "name": "[oss-security] 20110913 Re: CVE Request -- Django: v1.3.1, v1.2.7 multiple security flaws",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2011/09/13/2"
            },
            {
              "name": "https://www.djangoproject.com/weblog/2011/sep/09/",
              "refsource": "CONFIRM",
              "url": "https://www.djangoproject.com/weblog/2011/sep/09/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2011-4140",
    "datePublished": "2011-10-19T10:00:00.000Z",
    "dateReserved": "2011-10-19T00:00:00.000Z",
    "dateUpdated": "2024-08-07T00:01:51.120Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

PYSEC-2011-5

Vulnerability from pysec - Published: 2011-10-19 10:55 - Updated: 2021-07-05 00:01

Details

Impacted products

Name	purl
django	pkg:pypi/django

Aliases

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "django",
        "purl": "pkg:pypi/django"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.2.7"
            },
            {
              "introduced": "1.3"
            },
            {
              "fixed": "1.3.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "1.0.1",
        "1.0.2",
        "1.0.3",
        "1.0.4",
        "1.1",
        "1.1.1",
        "1.1.2",
        "1.1.3",
        "1.1.4",
        "1.2",
        "1.2.1",
        "1.2.2",
        "1.2.3",
        "1.2.4",
        "1.2.5",
        "1.2.6",
        "1.3"
      ]
    }
  ],
  "aliases": [
    "CVE-2011-4140",
    "GHSA-h95j-h2rv-qrg4"
  ],
  "details": "The CSRF protection mechanism in Django through 1.2.7 and 1.3.x through 1.3.1 does not properly handle web-server configurations supporting arbitrary HTTP Host headers, which allows remote attackers to trigger unauthenticated forged requests via vectors involving a DNS CNAME record and a web page containing JavaScript code.",
  "id": "PYSEC-2011-5",
  "modified": "2021-07-05T00:01:18.129041Z",
  "published": "2011-10-19T10:55:00Z",
  "references": [
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=737366"
    },
    {
      "type": "WEB",
      "url": "http://openwall.com/lists/oss-security/2011/09/11/1"
    },
    {
      "type": "ARTICLE",
      "url": "https://www.djangoproject.com/weblog/2011/sep/09/"
    },
    {
      "type": "WEB",
      "url": "http://openwall.com/lists/oss-security/2011/09/13/2"
    },
    {
      "type": "ARTICLE",
      "url": "https://www.djangoproject.com/weblog/2011/sep/10/127/"
    },
    {
      "type": "ADVISORY",
      "url": "http://secunia.com/advisories/46614"
    },
    {
      "type": "ADVISORY",
      "url": "http://www.debian.org/security/2011/dsa-2332"
    },
    {
      "type": "WEB",
      "url": "https://hermes.opensuse.org/messages/14700881"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/advisories/GHSA-h95j-h2rv-qrg4"
    }
  ]
}

GHSA-H95J-H2RV-QRG4

Vulnerability from github – Published: 2018-07-23 19:51 – Updated: 2024-09-16 22:05

Summary

Django Cross-Site Request Forgery vulnerability

Details

Severity ?

7.5 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

8.7 (High)


                  
                    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "Django"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "1.2.7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "Django"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.3"
            },
            {
              "last_affected": "1.3.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2011-4140"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-352"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-06-16T21:39:45Z",
    "nvd_published_at": null,
    "severity": "HIGH"
  },
  "details": "The CSRF protection mechanism in Django through 1.2.7 and 1.3.x through 1.3.1 does not properly handle web-server configurations supporting arbitrary HTTP Host headers, which allows remote attackers to trigger unauthenticated forged requests via vectors involving a DNS CNAME record and a web page containing JavaScript code.",
  "id": "GHSA-h95j-h2rv-qrg4",
  "modified": "2024-09-16T22:05:38Z",
  "published": "2018-07-23T19:51:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-4140"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=737366"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/advisories/GHSA-h95j-h2rv-qrg4"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/django/django"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2011-5.yaml"
    },
    {
      "type": "WEB",
      "url": "https://hermes.opensuse.org/messages/14700881"
    },
    {
      "type": "WEB",
      "url": "https://web.archive.org/web/20140806062902/http://secunia.com/advisories/46614"
    },
    {
      "type": "WEB",
      "url": "https://www.djangoproject.com/weblog/2011/sep/09"
    },
    {
      "type": "WEB",
      "url": "https://www.djangoproject.com/weblog/2011/sep/10/127"
    },
    {
      "type": "WEB",
      "url": "http://openwall.com/lists/oss-security/2011/09/11/1"
    },
    {
      "type": "WEB",
      "url": "http://openwall.com/lists/oss-security/2011/09/13/2"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2011/dsa-2332"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Django Cross-Site Request Forgery vulnerability"
}

FKIE_CVE-2011-4140

Vulnerability from fkie_nvd - Published: 2011-10-19 10:55 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://openwall.com/lists/oss-security/2011/09/11/1	Patch
cve@mitre.org	http://openwall.com/lists/oss-security/2011/09/13/2	Patch
cve@mitre.org	http://secunia.com/advisories/46614
cve@mitre.org	http://www.debian.org/security/2011/dsa-2332
cve@mitre.org	https://bugzilla.redhat.com/show_bug.cgi?id=737366	Patch
cve@mitre.org	https://hermes.opensuse.org/messages/14700881
cve@mitre.org	https://www.djangoproject.com/weblog/2011/sep/09/	Patch, Vendor Advisory
cve@mitre.org	https://www.djangoproject.com/weblog/2011/sep/10/127/	Patch
af854a3a-2127-422b-91ae-364da2661108	http://openwall.com/lists/oss-security/2011/09/11/1	Patch
af854a3a-2127-422b-91ae-364da2661108	http://openwall.com/lists/oss-security/2011/09/13/2	Patch
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/46614
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2011/dsa-2332
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=737366	Patch
af854a3a-2127-422b-91ae-364da2661108	https://hermes.opensuse.org/messages/14700881
af854a3a-2127-422b-91ae-364da2661108	https://www.djangoproject.com/weblog/2011/sep/09/	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.djangoproject.com/weblog/2011/sep/10/127/	Patch

Impacted products

Vendor	Product	Version
djangoproject	django	*
djangoproject	django	0.91
djangoproject	django	0.95
djangoproject	django	0.95.1
djangoproject	django	0.96
djangoproject	django	1.0
djangoproject	django	1.0.1
djangoproject	django	1.0.2
djangoproject	django	1.1
djangoproject	django	1.1.0
djangoproject	django	1.1.2
djangoproject	django	1.1.3
djangoproject	django	1.2
djangoproject	django	1.2.1
djangoproject	django	1.2.1
djangoproject	django	1.2.2
djangoproject	django	1.2.3
djangoproject	django	1.2.4
djangoproject	django	1.2.5
djangoproject	django	1.3
djangoproject	django	1.3
djangoproject	django	1.3

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "96EC0AAD-1199-4CDB-B599-A7959A160CB6",
              "versionEndIncluding": "1.2.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:0.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "C40AD94B-AC89-4404-973F-5E60468D06EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:0.95:*:*:*:*:*:*:*",
              "matchCriteriaId": "529CD787-1C98-4F20-8A3D-90BF2B0BD790",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:0.95.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "65A952FB-3A74-4A39-8870-1F37059C9D12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:0.96:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E79CFED-F8BF-48E7-897D-D1FB508DC9E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9023348-07A7-46E8-B45A-CC19563C5961",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "883C9BEA-8B02-42F7-90BB-F31CBCBF8B1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "59302184-7805-4D50-B25C-73E59DAA1E66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "56846659-96C8-497C-8404-3975E5B6385B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DAB4639-B81D-412A-A081-EFF46737CA5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF068CD9-B33A-4C51-9FBA-CFDAE91E174E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "26D338D9-1504-4933-B833-BD7F1864E89D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD257D91-EF31-4103-9007-944603ABA271",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "99387F31-9E04-4A73-A1C6-C05F96A8DB38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.2.1:2:*:*:*:*:*:*",
              "matchCriteriaId": "F75FE4BB-2C64-404F-9347-25289556BE56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "064C9403-8A43-42C7-A1FD-03CC49A32FB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BCDB95B-88F2-466A-A4F9-4C080183E39B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "17B99C62-A653-45C1-A061-05A8FAD52107",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFA5071B-808F-490E-B407-37CD24ACCA47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F5428AE-6B63-4D27-BCC4-F228264A6F0E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.3:alpha1:*:*:*:*:*:*",
              "matchCriteriaId": "06F122AC-B9BF-4E27-A7C0-F3E7B5E8A907",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.3:alpha2:*:*:*:*:*:*",
              "matchCriteriaId": "AF1504F2-968F-4E1A-A143-BE494E658DF0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The CSRF protection mechanism in Django through 1.2.7 and 1.3.x through 1.3.1 does not properly handle web-server configurations supporting arbitrary HTTP Host headers, which allows remote attackers to trigger unauthenticated forged requests via vectors involving a DNS CNAME record and a web page containing JavaScript code."
    },
    {
      "lang": "es",
      "value": "El mecanismo de protecci\u00f3n ante CSRF de Django hasta la versi\u00f3n 1.2.7 y 1.3.x hasta la 1.3.1 no maneja apropiadamente las configuraciones del servidor web que soportan cabeceras HTTP Host arbitrarias, lo que permite a atacantes remotos provocar peticiones falsificadas sin autenticar a trav\u00e9s de vectores que involucran un registro DNS CNAME y una p\u00e1gina web que contenga c\u00f3digo JavaScript."
    }
  ],
  "id": "CVE-2011-4140",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2011-10-19T10:55:04.643",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://openwall.com/lists/oss-security/2011/09/11/1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://openwall.com/lists/oss-security/2011/09/13/2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/46614"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2011/dsa-2332"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=737366"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://hermes.opensuse.org/messages/14700881"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.djangoproject.com/weblog/2011/sep/09/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "https://www.djangoproject.com/weblog/2011/sep/10/127/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://openwall.com/lists/oss-security/2011/09/11/1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://openwall.com/lists/oss-security/2011/09/13/2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/46614"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2011/dsa-2332"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=737366"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://hermes.opensuse.org/messages/14700881"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.djangoproject.com/weblog/2011/sep/09/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://www.djangoproject.com/weblog/2011/sep/10/127/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-352"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2011-4140

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2011-4140

Aliases

CVE-2011-4140

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2011-4140",
    "description": "The CSRF protection mechanism in Django through 1.2.7 and 1.3.x through 1.3.1 does not properly handle web-server configurations supporting arbitrary HTTP Host headers, which allows remote attackers to trigger unauthenticated forged requests via vectors involving a DNS CNAME record and a web page containing JavaScript code.",
    "id": "GSD-2011-4140",
    "references": [
      "https://www.suse.com/security/cve/CVE-2011-4140.html",
      "https://www.debian.org/security/2011/dsa-2332"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2011-4140"
      ],
      "details": "The CSRF protection mechanism in Django through 1.2.7 and 1.3.x through 1.3.1 does not properly handle web-server configurations supporting arbitrary HTTP Host headers, which allows remote attackers to trigger unauthenticated forged requests via vectors involving a DNS CNAME record and a web page containing JavaScript code.",
      "id": "GSD-2011-4140",
      "modified": "2023-12-13T01:19:06.096585Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2011-4140",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The CSRF protection mechanism in Django through 1.2.7 and 1.3.x through 1.3.1 does not properly handle web-server configurations supporting arbitrary HTTP Host headers, which allows remote attackers to trigger unauthenticated forged requests via vectors involving a DNS CNAME record and a web page containing JavaScript code."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "openSUSE-SU-2012:0653",
            "refsource": "SUSE",
            "url": "https://hermes.opensuse.org/messages/14700881"
          },
          {
            "name": "DSA-2332",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2011/dsa-2332"
          },
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=737366",
            "refsource": "CONFIRM",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=737366"
          },
          {
            "name": "46614",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/46614"
          },
          {
            "name": "[oss-security] 20110911 CVE Request -- Django: v1.3.1, v1.2.7 multiple security flaws",
            "refsource": "MLIST",
            "url": "http://openwall.com/lists/oss-security/2011/09/11/1"
          },
          {
            "name": "https://www.djangoproject.com/weblog/2011/sep/10/127/",
            "refsource": "CONFIRM",
            "url": "https://www.djangoproject.com/weblog/2011/sep/10/127/"
          },
          {
            "name": "[oss-security] 20110913 Re: CVE Request -- Django: v1.3.1, v1.2.7 multiple security flaws",
            "refsource": "MLIST",
            "url": "http://openwall.com/lists/oss-security/2011/09/13/2"
          },
          {
            "name": "https://www.djangoproject.com/weblog/2011/sep/09/",
            "refsource": "CONFIRM",
            "url": "https://www.djangoproject.com/weblog/2011/sep/09/"
          }
        ]
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "\u003c1.2.7||\u003e=1.3.0,\u003c1.3.1",
          "affected_versions": "All versions before 1.2.7, all versions starting from 1.3.0 before 1.3.1",
          "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "cwe_ids": [
            "CWE-1035",
            "CWE-352",
            "CWE-352",
            "CWE-937"
          ],
          "date": "2021-09-14",
          "description": "The CSRF protection mechanism in Django through 1.2.7 and 1.3.x through 1.3.1 does not properly handle web-server configurations supporting arbitrary HTTP Host headers, which allows remote attackers to trigger unauthenticated forged requests via vectors involving a DNS CNAME record and a web page containing JavaScript code.",
          "fixed_versions": [
            "1.2.7",
            "1.3.1"
          ],
          "identifier": "CVE-2011-4140",
          "identifiers": [
            "GHSA-h95j-h2rv-qrg4",
            "CVE-2011-4140"
          ],
          "not_impacted": "All versions starting from 1.2.7 before 1.3.0, all versions starting from 1.3.1",
          "package_slug": "pypi/Django",
          "pubdate": "2018-07-23",
          "solution": "Upgrade to versions 1.2.7, 1.3.1 or above.",
          "title": "Cross-Site Request Forgery ",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2011-4140",
            "https://bugzilla.redhat.com/show_bug.cgi?id=737366",
            "https://github.com/advisories/GHSA-h95j-h2rv-qrg4",
            "https://hermes.opensuse.org/messages/14700881",
            "https://www.djangoproject.com/weblog/2011/sep/09/",
            "https://www.djangoproject.com/weblog/2011/sep/10/127/",
            "http://openwall.com/lists/oss-security/2011/09/11/1",
            "http://openwall.com/lists/oss-security/2011/09/13/2",
            "http://secunia.com/advisories/46614",
            "http://www.debian.org/security/2011/dsa-2332"
          ],
          "uuid": "40946326-e6bf-4587-8c44-116ac9ade2b0"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:0.95:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:0.95.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.2.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.2.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.2.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.3:alpha1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.3:alpha2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.2.1:2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "1.2.6",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:0.91:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:1.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:djangoproject:django:0.96:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2011-4140"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The CSRF protection mechanism in Django through 1.2.7 and 1.3.x through 1.3.1 does not properly handle web-server configurations supporting arbitrary HTTP Host headers, which allows remote attackers to trigger unauthenticated forged requests via vectors involving a DNS CNAME record and a web page containing JavaScript code."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-352"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=737366",
              "refsource": "CONFIRM",
              "tags": [
                "Patch"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=737366"
            },
            {
              "name": "[oss-security] 20110911 CVE Request -- Django: v1.3.1, v1.2.7 multiple security flaws",
              "refsource": "MLIST",
              "tags": [
                "Patch"
              ],
              "url": "http://openwall.com/lists/oss-security/2011/09/11/1"
            },
            {
              "name": "https://www.djangoproject.com/weblog/2011/sep/09/",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "https://www.djangoproject.com/weblog/2011/sep/09/"
            },
            {
              "name": "[oss-security] 20110913 Re: CVE Request -- Django: v1.3.1, v1.2.7 multiple security flaws",
              "refsource": "MLIST",
              "tags": [
                "Patch"
              ],
              "url": "http://openwall.com/lists/oss-security/2011/09/13/2"
            },
            {
              "name": "https://www.djangoproject.com/weblog/2011/sep/10/127/",
              "refsource": "CONFIRM",
              "tags": [
                "Patch"
              ],
              "url": "https://www.djangoproject.com/weblog/2011/sep/10/127/"
            },
            {
              "name": "46614",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/46614"
            },
            {
              "name": "DSA-2332",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2011/dsa-2332"
            },
            {
              "name": "openSUSE-SU-2012:0653",
              "refsource": "SUSE",
              "tags": [],
              "url": "https://hermes.opensuse.org/messages/14700881"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2018-01-18T02:29Z",
      "publishedDate": "2011-10-19T10:55Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2011-4140 (GCVE-0-2011-4140)

PYSEC-2011-5

GHSA-H95J-H2RV-QRG4

FKIE_CVE-2011-4140

GSD-2011-4140

Tags

Sightings

Nomenclature