CVE-2015-0222

Publication date 13 January 2015

Last updated 24 July 2024


Ubuntu priority

ModelMultipleChoiceField in Django 1.6.x before 1.6.10 and 1.7.x before 1.7.3, when show_hidden_initial is set to True, allows remote attackers to cause a denial of service by submitting duplicate values, which triggers a large number of SQL queries.

Status

Package Ubuntu Release Status
python-django 14.10 utopic
Fixed 1.6.6-1ubuntu2.1
14.04 LTS trusty
Fixed 1.6.1-2ubuntu0.6
12.04 LTS precise
Not affected
10.04 LTS lucid
Not affected

References

Related Ubuntu Security Notices (USN)

    • USN-2469-1
    • Django vulnerabilities
    • 13 January 2015

Other references