Vulnerability Details : CVE-2018-7536
An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. The django.utils.html.urlize() function was extremely slow to evaluate certain inputs due to catastrophic backtracking vulnerabilities in two regular expressions (only one regular expression for Django 1.8.x). The urlize() function is used to implement the urlize and urlizetrunc template filters, which were thus vulnerable.
Products affected by CVE-2018-7536
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*
- cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:* (three entries on the original page, one per affected version range listed above: 2.0 before 2.0.3, 1.11 before 1.11.11, 1.8 before 1.8.19)
Exploit prediction scoring system (EPSS) score for CVE-2018-7536
- EPSS score: 3.21% (probability of exploitation activity in the next 30 days)
- EPSS percentile: ~86% (the proportion of all scored vulnerabilities with a score at or below this one)
CVSS scores for CVE-2018-7536
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen
---|---|---|---|---|---|---
5.0 | MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P | 10.0 | 2.9 | NIST |
5.3 | MEDIUM | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 3.9 | 1.4 | NIST |
CWE ids for CVE-2018-7536
- The product specifies a regular expression in a way that causes data to be improperly matched or compared. (Assigned by: nvd@nist.gov, Primary)
References for CVE-2018-7536
- https://access.redhat.com/errata/RHSA-2019:0265 : RHSA-2019:0265 - Security Advisory - Red Hat Customer Portal. Tags: Third Party Advisory
- https://usn.ubuntu.com/3591-1/ : USN-3591-1: Django vulnerabilities | Ubuntu security notices. Tags: Third Party Advisory
- https://github.com/django/django/commit/abf89d729f210c692a50e0ad3f75fb6bec6fae16 : [1.11.x] Fixed CVE-2018-7536 -- Fixed catastrophic backtracking in ur… · django/django@abf89d7 · GitHub
- https://access.redhat.com/errata/RHSA-2018:2927 : RHSA-2018:2927 - Security Advisory - Red Hat Customer Portal. Tags: Third Party Advisory
- https://access.redhat.com/errata/RHSA-2019:0051 : RHSA-2019:0051 - Security Advisory - Red Hat Customer Portal. Tags: Third Party Advisory
- https://www.djangoproject.com/weblog/2018/mar/06/security-releases/ : Django security releases issued: 2.0.3, 1.11.11, and 1.8.19 | Weblog | Django. Tags: Release Notes; Vendor Advisory
- https://www.debian.org/security/2018/dsa-4161 : Debian -- Security Information -- DSA-4161-1 python-django. Tags: Third Party Advisory
- https://github.com/django/django/commit/e157315da3ae7005fa0683ffc9751dbeca7306c8 : [2.0.x] Fixed CVE-2018-7536 -- Fixed catastrophic backtracking in url… · django/django@e157315 · GitHub
- https://access.redhat.com/errata/RHSA-2019:0082 : RHSA-2019:0082 - Security Advisory - Red Hat Customer Portal. Tags: Third Party Advisory
- https://lists.debian.org/debian-lts-announce/2018/03/msg00006.html : [SECURITY] [DLA 1303-1] python-django security update. Tags: Mailing List; Third Party Advisory
- https://github.com/django/django/commit/1ca63a66ef3163149ad822701273e8a1844192c2 : [1.8.x] Fixed CVE-2018-7536 -- Fixed catastrophic backtracking in url… · django/django@1ca63a6 · GitHub
- http://www.securityfocus.com/bid/103361 : Django CVE-2018-7536 Multiple Denial of Service Vulnerabilities. Tags: Third Party Advisory; VDB Entry