django-embed-video@0.1.0 vulnerabilities

Django app for easy embedding YouTube and Vimeo videos and music from SoundCloud.

latest version

1.4.10
latest non vulnerable version

1.4.10
first published

11 years ago
latest version published

a month ago
licenses detected
- MIT
  [0,)
View django-embed-video package health on Snyk Advisor Open this link in a new tab

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the django-embed-video package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
M Open Redirect `django-embed-video` is for easy embeding YouTube and Vimeo videos and music fromSoundCloud. Affected versions of this package are vulnerable to Open Redirect attacks due to no detection of faked urls.	[,0.3)
M Open Redirect `django` is a high-level Python Web framework that encourages rapid development and clean, pragmatic design. Affected versions of this package are vulnerable to Open Redirect. It relies on user input in some cases to redirect the user to an "on success" URL. The security check for these redirects (namely `django.utils.http.is_safe_url()`) considered some numeric URLs "safe" when they shouldn't be, aka an open redirect vulnerability. Also, if a developer relies on `is_safe_url()` to provide safe redirect targets and puts such a URL into a link, they could suffer from an XSS attack. How to fix Open Redirect? Upgrade `django` to version 1.8.18, 1.9.13, 1.10.7 or higher.	[,0.3)

Open Redirect

django-embed-video is for easy embeding YouTube and Vimeo videos and music fromSoundCloud.

Affected versions of this package are vulnerable to Open Redirect attacks due to no detection of faked urls.

[,0.3)

Open Redirect

django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design.

Affected versions of this package are vulnerable to Open Redirect. It relies on user input in some cases to redirect the user to an "on success" URL. The security check for these redirects (namely django.utils.http.is_safe_url()) considered some numeric URLs "safe" when they shouldn't be, aka an open redirect vulnerability. Also, if a developer relies on is_safe_url() to provide safe redirect targets and puts such a URL into a link, they could suffer from an XSS attack.

How to fix Open Redirect?

Upgrade django to version 1.8.18, 1.9.13, 1.10.7 or higher.

[,0.3)

Go back to all versions of this package

django-embed-video@0.1.0 vulnerabilities

Django app for easy embedding YouTube and Vimeo videos and music from SoundCloud.

latest version

latest non vulnerable version

first published

latest version published

licenses detected

Direct Vulnerabilities