CVE-2015-0221 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2015-0221 Interim 1 15 2022-10-15T17:08:38Z current 2021-05-30T13:25:45Z 2022-10-15T17:08:38Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2015-0221 The django.views.static.serve view in Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3 reads files an entire line at a time, which allows remote attackers to cause a denial of service (memory consumption) via a long line in a file. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-security-updates/2015-March/001310.html E-Mail link for SUSE-SU-2015:0563-1 https://lists.suse.com/pipermail/sle-security-updates/2015-June/001452.html E-Mail link for SUSE-SU-2015:1109-1 https://lists.suse.com/pipermail/sle-security-updates/2015-June/001453.html E-Mail link for SUSE-SU-2015:1112-1 https://lists.opensuse.org/opensuse-updates/2015-04/msg00001.html E-Mail link for openSUSE-SU-2015:0643-1 https://lists.opensuse.org/opensuse-updates/2015-09/msg00035.html E-Mail link for openSUSE-SU-2015:1598-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Cloud 4 SUSE Enterprise Storage 1.0 SUSE OpenStack Cloud 4 python-Django-1.6.11-4.1 python-django python-django-1.5.12-0.7.1 python-Django-1.6.11-4.1 as a component of SUSE Enterprise Storage 1.0 python-django-1.5.12-0.7.1 as a component of SUSE OpenStack Cloud 4 python-django as a component of SUSE Cloud 4 The django.views.static.serve view in Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3 reads files an entire line at a time, which allows remote attackers to cause a denial of service (memory consumption) via a long line in a file. CVE-2015-0221 SUSE Enterprise Storage 1.0:python-Django-1.6.11-4.1 SUSE OpenStack Cloud 4:python-django-1.5.12-0.7.1 SUSE Cloud 4:python-django moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P