https://ryu22e.org/en/Recent content on ryu22eBlogHugo -- 0.143.1en2013-2025 Ryuji TsutsuiMon, 28 Sep 2020 10:30:00 +0900https://ryu22e.org/en/posts/2020/09/28/django-cve-2020-24583-and-cve-2020-24584/Mon, 28 Sep 2020 10:30:00 +0900https://ryu22e.org/en/posts/2020/09/28/django-cve-2020-24583-and-cve-2020-24584/<p><a href="https://ryu22e.org/posts/2020/09/28/django-cve-2020-24583-and-cve-2020-24584/">Japanese edition</a></p> <p>This article describes the Django vulnerabilities CVE-2020-24583 and CVE-2020-24584, which were fixed on September 1, 2020.</p> <figure> <img loading="lazy" src="https://ryu22e.org/media/2020/09/28/django-cve-2020-24583-and-cve-2020-24584.jpg" alt="This vulnerability can give extra permissions to directories created by the application"/> <figcaption> <p>This vulnerability can give extra permissions to directories created by the application</p> </figcaption> </figure> <p>See below for release information on the official website:</p> <p><a href="https://www.djangoproject.com/weblog/2020/sep/01/security-releases/">Django security releases issued: 3.1.1, 3.0.10 and 2.2.16 | Weblog | Django</a></p>https://ryu22e.org/en/posts/2020/06/09/django-cve-2020-13254-and-cve-2020-13596/Tue, 09 Jun 2020 10:30:00 +0900https://ryu22e.org/en/posts/2020/06/09/django-cve-2020-13254-and-cve-2020-13596/<p><a href="https://ryu22e.org/posts/2020/06/09/django-cve-2020-13254-and-cve-2020-13596/">Japanese edition</a></p> <p>This article describes the Django vulnerabilities CVE-2020-13254 and CVE-2020-13596, which were fixed on June 3, 2020.</p> <figure> <img loading="lazy" src="https://ryu22e.org/media/2020/06/09/CVE-2020-1359.en.png" alt="CVE-2020-13254 is a potential data breach"/> <figcaption> <p>CVE-2020-13254 is a potential data breach</p> </figcaption> </figure> <figure> <img loading="lazy" src="https://ryu22e.org/media/2020/06/09/CVE-2020-13596.png" alt="CVE-2020-13596 is a vulnerability related to XSS"/> <figcaption> <p>CVE-2020-13596 is a vulnerability related to XSS</p> </figcaption> </figure> <p>See below for release information on the official website:</p> <p><a href="https://www.djangoproject.com/weblog/2020/jun/03/security-releases/">Django security releases issued: 3.0.7 and 2.2.13 | Weblog | Django</a></p>https://ryu22e.org/en/posts/2020/02/06/django-cve-2020-7471/Thu, 06 Feb 2020 10:30:00 +0900https://ryu22e.org/en/posts/2020/02/06/django-cve-2020-7471/<p><a href="https://ryu22e.org/posts/2020/02/06/django-cve-2020-7471/">Japanese edition</a></p> <p>This article describes the Django vulnerability CVE-2020-7471, which was fixed on February 3, 2020.</p> <figure> <img loading="lazy" src="https://ryu22e.org/media/2020/02/06/sql-injection.png" alt="This vulnerability allows SQL injection"/> <figcaption> <p>This vulnerability allows SQL injection</p> </figcaption> </figure> <p>Please refer to the following for release information on the official website.</p> <p><a href="https://www.djangoproject.com/weblog/2020/feb/03/security-releases/">Django security releases issued: 3.0.3, 2.2.10, and 1.11.28 | Weblog | Django</a></p>https://ryu22e.org/en/posts/2019/12/25/django-cve-2019-19844/Wed, 25 Dec 2019 10:30:00 +0900https://ryu22e.org/en/posts/2019/12/25/django-cve-2019-19844/<p><a href="https://ryu22e.org/posts/2019/12/25/django-cve-2019-19844/">Japanese edition</a></p> <p>This article describes the Django vulnerability CVE-2019-19844, which was fixed on December 18, 2019.</p> <figure> <img loading="lazy" src="https://ryu22e.org/media/2019/12/25/account-hijack.png" alt="This vulnerability allows for account hijacking"/> <figcaption> <p>This vulnerability allows for account hijacking</p> </figcaption> </figure> <p>Please refer to the following for release information on the official website.</p> <p><a href="https://www.djangoproject.com/weblog/2019/dec/18/security-releases/">Django security releases issued: 3.0.1, 2.2.9, and 1.11.27 | Weblog | Django</a></p>https://ryu22e.org/en/privacy-policy/Sat, 14 Dec 2013 00:00:00 +0900https://ryu22e.org/en/privacy-policy/<!-- textlint-disable --> <p>ryu22eBlog (hereinafter called &ldquo;this site&rdquo;) uses Google&rsquo;s service Google Analytics to acquire user information.</p> <p>Google Analytics uses first-party cookies to collect anonymous traffic data.</p> <p>First-party cookies store the following information.</p> <ul> <li>The start time of the current session</li> <li>Whether you have visited our site in the past</li> <li>From which site you accessed the site</li> </ul> <p>In this site, we use the information obtained by Google Analytics to the extent necessary to achieve the following usage purposes.</p>