CVE-2020-13254

MEDIUM

Django <2.2.13, <3.0.7 - Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-13254. PoCs published by danpalmer.

AI-analyzed exploit summary This repository demonstrates CVE-2020-13254, a cache poisoning vulnerability in Django's memcached backend. The PoC includes a web interface and a failing test case to show how invalid cache keys can corrupt the cache state.

Description

An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. In cases where a memcached backend does not perform key validation, passing malformed cache keys could result in a key collision, and potential data leakage.

Exploits (1)

nomisec WORKING POC 2 stars

by danpalmer · poc

https://github.com/danpalmer/django-cve-2020-13254

View Code ZIP pw:eip

This repository demonstrates CVE-2020-13254, a cache poisoning vulnerability in Django's memcached backend. The PoC includes a web interface and a failing test case to show how invalid cache keys can corrupt the cache state.

Classification

Working Poc 100%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Django with memcached backend (PyLibMCCache)

No auth needed

Prerequisites: Django application using memcached as cache backend · Ability to send crafted cache keys

MITRE ATT&CK

T1499.004 - Application or System Exploitation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (10)

Core 10

Core References

Third Party Advisory vendor-advisory x_refsource_ubuntu

https://usn.ubuntu.com/4381-1/

Third Party Advisory vendor-advisory x_refsource_ubuntu

https://usn.ubuntu.com/4381-2/

Mailing List, Third Party Advisory mailing-list x_refsource_mlist

https://lists.debian.org/debian-lts-announce/2020/06/msg00016.html

Third Party Advisory vendor-advisory x_refsource_debian

https://www.debian.org/security/2020/dsa-4705

Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4A2AP4T7RKPBCLTI2NNQG3T6MINDUUMZ/

Patch, Third Party Advisory x_refsource_misc

https://www.oracle.com/security-alerts/cpujan2021.html

Release Notes, Vendor Advisory x_refsource_misc

https://docs.djangoproject.com/en/3.0/releases/security/

Mailing List, Release Notes, Third Party Advisory x_refsource_misc

https://groups.google.com/d/msg/django-announce/pPEmb2ot4Fo/X-SMalYSBAAJ

Release Notes, Vendor Advisory x_refsource_confirm

https://www.djangoproject.com/weblog/2020/jun/03/security-releases/

Third Party Advisory x_refsource_confirm

https://security.netapp.com/advisory/ntap-20200611-0002/

Scores

CVSS v3 5.9

EPSS 0.0471

EPSS Percentile 89.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-295

Status published

Products (14)

canonical/ubuntu_linux 14.04

canonical/ubuntu_linux 16.04

canonical/ubuntu_linux 18.04

canonical/ubuntu_linux 19.10

canonical/ubuntu_linux 20.04

debian/debian_linux 8.0

debian/debian_linux 9.0

debian/debian_linux 10.0

djangoproject/django 2.2 - 2.2.13

fedoraproject/fedora 32

... and 4 more

Published Jun 03, 2020

Tracked Since Feb 18, 2026