CVE-2015-5964

The (1) contrib.sessions.backends.base.SessionBase.flush and (2) cache_db.SessionStore.flush functions in Django 1.7.x before 1.7.10, 1.4.x before 1.4.22, and possibly other versions create empty sessions in certain circumstances, which allows remote attackers to cause a denial of service (session store consumption) via unspecified vectors.

  • Published: Aug 24, 2015
  • Updated: Apr 13, 2023
  • CVE: CVE-2015-5964
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 5
  • AV:N/AC:L/Au:N/C:N/I:N/A:P

CWEs:

Software | From | Fixed in
djangoproject / django | 1.4.12 | 1.4.12.x
djangoproject / django | 1.7.5 | 1.7.5.x
djangoproject / django | 1.7.9 | 1.7.9.x
djangoproject / django | 1.7.3 | 1.7.3.x
djangoproject / django | 1.4.9 | 1.4.9.x
djangoproject / django | 1.8.2 | 1.8.2.x
djangoproject / django | 1.7-rc2 | 1.7-rc2.x
djangoproject / django | 1.7-beta1 | 1.7-beta1.x
djangoproject / django | 1.7-beta3 | 1.7-beta3.x
djangoproject / django | 1.7.7 | 1.7.7.x
djangoproject / django | 1.8.1 | 1.8.1.x
djangoproject / django | 1.8-beta1 | 1.8-beta1.x
djangoproject / django | 1.4.10 | 1.4.10.x
djangoproject / django | 1.8.3 | 1.8.3.x
djangoproject / django | 1.4.6 | 1.4.6.x
djangoproject / django | 1.4.20 | 1.4.20.x
djangoproject / django | 1.7.2 | 1.7.2.x
djangoproject / django | 1.7.4 | 1.7.4.x
djangoproject / django | 1.4.4 | 1.4.4.x
djangoproject / django | 1.7.8 | 1.7.8.x
djangoproject / django | 1.4.13 | 1.4.13.x
djangoproject / django | 1.4.5 | 1.4.5.x
djangoproject / django | 1.4.2 | 1.4.2.x
djangoproject / django | 1.4.11 | 1.4.11.x
djangoproject / django | 1.7.6 | 1.7.6.x
djangoproject / django | 1.8.0 | 1.8.0.x
djangoproject / django | 1.7-rc3 | 1.7-rc3.x
djangoproject / django | 1.4.7 | 1.4.7.x
djangoproject / django | 1.4.8 | 1.4.8.x
djangoproject / django | 1.7-rc1 | 1.7-rc1.x
djangoproject / django | 1.4 | 1.4.x
djangoproject / django | 1.4.19 | 1.4.19.x
djangoproject / django | 1.4.21 | 1.4.21.x
djangoproject / django | 1.4.1 | 1.4.1.x
djangoproject / django | 1.7.1 | 1.7.1.x
djangoproject / django | 1.7-beta2 | 1.7-beta2.x
djangoproject / django | 1.4.14 | 1.4.14.x
djangoproject / django | 1.4.17 | 1.4.17.x
djangoproject / django | 1.7-beta4 | 1.7-beta4.x
canonical / ubuntu_linux | 12.04 | 12.04.x
canonical / ubuntu_linux | 14.04 | 14.04.x
canonical / ubuntu_linux | 15.04 | 15.04.x
oracle / solaris | 11.3 | 11.3.x