CVE-2014-0472: Unexpected code execution using reverse()
Django incorrectly handles dotted Python paths when using the django.core.urlresolvers.reverse function. An attacker can use this issue to cause Django to import arbitrary modules from the Python path, resulting in possible code execution.
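The sketch below is an added example, not Django's code or part of the original advisory. It is a simplified model of the issue: a resolver that imports the module named by a dotted path, next to a hardened form that only accepts names already registered. The names `REGISTERED_URL_NAMES`, `unsafe_resolve`, `safe_resolve` and the module `demo_side_effect` are constructed for illustration.

```python
import importlib
import os
import sys
import tempfile

# Constructed stand-in for a URLconf: URL pattern names the project registered.
REGISTERED_URL_NAMES = {"home": "/", "profile": "/accounts/profile/"}


def unsafe_resolve(view):
    """Simplified model of the flawed behaviour: a dotted path is treated as
    'module.attribute' and the module is imported, running its top-level code."""
    if view in REGISTERED_URL_NAMES:
        return REGISTERED_URL_NAMES[view]
    if "." in view:
        module_name, _, _attr = view.rpartition(".")
        importlib.import_module(module_name)  # import side effects happen here
    raise LookupError("no reverse match for %r" % view)


def safe_resolve(view):
    """Hardened form: only registered names resolve; nothing is ever imported."""
    try:
        return REGISTERED_URL_NAMES[view]
    except KeyError:
        raise LookupError("no reverse match for %r" % view) from None


def demo():
    """Return (imported_by_unsafe, imported_by_safe) for a constructed module."""
    results = []
    with tempfile.TemporaryDirectory() as tmp:
        # Constructed module whose only import side effect is setting a marker.
        with open(os.path.join(tmp, "demo_side_effect.py"), "w") as fh:
            fh.write("import os\nos.environ['DEMO_IMPORTED'] = '1'\n")
        sys.path.insert(0, tmp)
        try:
            for resolver in (unsafe_resolve, safe_resolve):
                os.environ.pop("DEMO_IMPORTED", None)
                sys.modules.pop("demo_side_effect", None)
                try:
                    resolver("demo_side_effect.view")  # untrusted-style input
                except LookupError:
                    pass
                results.append(os.environ.get("DEMO_IMPORTED") == "1")
        finally:
            sys.path.remove(tmp)
            sys.modules.pop("demo_side_effect", None)
    return tuple(results)
```

In application code the same idea applies to any value taken from a request: map it to a fixed set of URL names before it reaches `reverse()`, rather than passing it through unchanged.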