10
CVE-2014-0474
- EPSS 5.94%
- Published 23.04.2014 15:55:03
- Last modified 12.04.2025 10:46:40
- Source security@debian.org
- Teams watchlist Login
- Open Login
The (1) FilePathField, (2) GenericIPAddressField, and (3) IPAddressField model field classes in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 do not properly perform type conversion, which allows remote attackers to have unspecified impact and vectors, related to "MySQL typecasting."
Data is provided by the National Vulnerability Database (NVD)
Canonical ≫ Ubuntu Linux Version10.04 Update- Editionlts
Canonical ≫ Ubuntu Linux Version12.04 Update- Editionlts
Canonical ≫ Ubuntu Linux Version12.10
Canonical ≫ Ubuntu Linux Version13.10
Canonical ≫ Ubuntu Linux Version14.04 SwEditionlts
Djangoproject ≫ Django Version1.6
Djangoproject ≫ Django Version1.6.1
Djangoproject ≫ Django Version1.6.2
Djangoproject ≫ Django Version <= 1.4.10
Djangoproject ≫ Django Version1.4
Djangoproject ≫ Django Version1.4.1
Djangoproject ≫ Django Version1.4.2
Djangoproject ≫ Django Version1.4.3
Djangoproject ≫ Django Version1.4.4
Djangoproject ≫ Django Version1.4.5
Djangoproject ≫ Django Version1.4.6
Djangoproject ≫ Django Version1.4.7
Djangoproject ≫ Django Version1.4.8
Djangoproject ≫ Django Version1.4.9
Djangoproject ≫ Django Version1.7 Updatealpha1
Djangoproject ≫ Django Version1.7 Updatealpha2
Djangoproject ≫ Django Version1.7 Updatebeta1
Djangoproject ≫ Django Version1.5
Djangoproject ≫ Django Version1.5.1
Djangoproject ≫ Django Version1.5.2
Djangoproject ≫ Django Version1.5.3
Djangoproject ≫ Django Version1.5.4
Djangoproject ≫ Django Version1.5.5
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 5.94% | 0.903 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|