Django 1.8.x prior to 1.8.16, 1.9.x prior to 1.9.11, and 1.10.x prior to 1.10.3 use a hardcoded password for a temporary database user created when running tests with an Oracle database, which makes it easier for remote malicious users to obtain access to the database server by leveraging failure to manually specify a password in the database settings TEST dictionary.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
djangoproject django 1.10 |
||
djangoproject django 1.10.1 |
||
djangoproject django 1.10.2 |
||
canonical ubuntu linux 16.10 |
||
canonical ubuntu linux 12.04 |
||
canonical ubuntu linux 16.04 |
||
canonical ubuntu linux 14.04 |
||
djangoproject django 1.9.6 |
||
djangoproject django 1.9.9 |
||
djangoproject django 1.9.5 |
||
djangoproject django 1.9.3 |
||
djangoproject django 1.9.4 |
||
djangoproject django 1.9.7 |
||
djangoproject django 1.9.1 |
||
djangoproject django 1.9 |
||
djangoproject django 1.9.8 |
||
djangoproject django 1.9.2 |
||
djangoproject django 1.9.10 |
||
djangoproject django 1.8.15 |
||
djangoproject django 1.8.2 |
||
djangoproject django 1.8.14 |
||
djangoproject django 1.8.1 |
||
djangoproject django 1.8.7 |
||
djangoproject django 1.8.9 |
||
djangoproject django 1.8.11 |
||
djangoproject django 1.8.3 |
||
djangoproject django 1.8.12 |
||
djangoproject django 1.8.4 |
||
djangoproject django 1.8.6 |
||
djangoproject django 1.8 |
||
djangoproject django 1.8.13 |
||
djangoproject django 1.8.8 |
||
djangoproject django 1.8.5 |
||
djangoproject django 1.8.10 |
||
fedoraproject fedora 25 |
||
fedoraproject fedora 24 |