Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Django Resource Management Errors Vulnerability - CVE-2015-5964 - Vulnerability Database
Django

Django Resource Management Errors Vulnerability - CVE-2015-5964

Medium
Reference: CVE-2015-5964
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2015-5964
Title: Django Resource Management Errors Vulnerability
Overview:

The (1) contrib.sessions.backends.base.SessionBase.flush and (2) cache_db.SessionStore.flush functions in Django 1.7.x before 1.7.10 1.4.x before 1.4.22 and possibly other versions create empty sessions in certain circumstances which allows remote attackers to cause a denial of service (session store consumption) via unspecified vectors.