Nikita Manovich 23d7c33667
Fix security issues (#519)
CVE-2019-12308 More information

moderate severity
Vulnerable versions: >= 2.1.0, < 2.1.9
Patched version: 2.1.9
An issue was discovered in Django 1.11 before 1.11.21, 2.1 before 2.1.9, and 2.2 before 2.2.2. The clickable Current URL value displayed by the AdminURLFieldWidget displays the provided value without validating it as a safe URL. Thus, an unvalidated value stored in the database, or a value provided as a URL query parameter payload, could result in a clickable JavaScript link.

WS-2019-0037 More information

moderate severity
Vulnerable versions: < 3.9.1
Patched version: 3.9.1
Django-Rest-Framework, before 3.9.1, has an XSS vulnerability caused by disabled autoescaping in the default DRF Browsable API view templates.
7 years ago
..
apps Advanced Auto Annotation Handling for Admins (#514) 7 years ago
requirements Fix security issues (#519) 7 years ago
settings RESTful API (#389) 7 years ago
utils RESTful API (#389) 7 years ago
__init__.py Critical fix for version number (build error) 7 years ago
simpleworker.py RESTful API (#389) 7 years ago
urls.py Semi Automatic Segmentation (#332) 7 years ago
wsgi.py Moved development on public github. 8 years ago