CVE-2014-0474
CRITICAL
10.0
CVSS Severity Score
Vulnerability Description
The (1) FilePathField, (2) GenericIPAddressField, and (3) IPAddressField model field classes in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 do not properly perform type conversion, which allows remote attackers to have unspecified impact and vectors, related to "MySQL typecasting."
Affected Platforms (CPE)
💻
Canonical
Ubuntu Linux
= 10.04💻
Canonical
Ubuntu Linux
= 12.04💻
Canonical
Ubuntu Linux
= 12.10💻
Canonical
Ubuntu Linux
= 13.10💻
Canonical
Ubuntu Linux
= 14.04📦
Djangoproject
Django
= 1.6📦
Djangoproject
Django
= 1.6.1📦
Djangoproject
Django
= 1.6.2📦
Djangoproject
Django
<= 1.4.10📦
Djangoproject
Django
= 1.4📦
Djangoproject
Django
= 1.4.1📦
Djangoproject
Django
= 1.4.2📦
Djangoproject
Django
= 1.4.3📦
Djangoproject
Django
= 1.4.4📦
Djangoproject
Django
= 1.4.5📦
Djangoproject
Django
= 1.4.6📦
Djangoproject
Django
= 1.4.7📦
Djangoproject
Django
= 1.4.8📦
Djangoproject
Django
= 1.4.9📦
Djangoproject
Django
= 1.7📦
Djangoproject
Django
= 1.7📦
Djangoproject
Django
= 1.7📦
Djangoproject
Django
= 1.5📦
Djangoproject
Django
= 1.5.1📦
Djangoproject
Django
= 1.5.2📦
Djangoproject
Django
= 1.5.3📦
Djangoproject
Django
= 1.5.4📦
Djangoproject