Django prior to 1.8.x prior to 1.8.16, 1.9.x prior to 1.9.11, and 1.10.x prior to 1.10.3, when settings.DEBUG is True, allow remote malicious users to conduct DNS rebinding attacks by leveraging failure to validate the HTTP Host header against settings.ALLOWED_HOSTS.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fedoraproject fedora 25 |
||
fedoraproject fedora 24 |
||
canonical ubuntu linux 16.10 |
||
canonical ubuntu linux 12.04 |
||
canonical ubuntu linux 16.04 |
||
canonical ubuntu linux 14.04 |
||
djangoproject django 1.8.15 |
||
djangoproject django 1.8.2 |
||
djangoproject django 1.8.14 |
||
djangoproject django 1.8.1 |
||
djangoproject django 1.8.7 |
||
djangoproject django 1.8.9 |
||
djangoproject django 1.8.11 |
||
djangoproject django 1.8.3 |
||
djangoproject django 1.8.12 |
||
djangoproject django 1.8.4 |
||
djangoproject django 1.8.6 |
||
djangoproject django 1.8 |
||
djangoproject django 1.8.13 |
||
djangoproject django 1.8.8 |
||
djangoproject django 1.8.5 |
||
djangoproject django 1.8.10 |
||
djangoproject django 1.10 |
||
djangoproject django 1.10.1 |
||
djangoproject django 1.10.2 |
||
djangoproject django 1.9.6 |
||
djangoproject django 1.9.9 |
||
djangoproject django 1.9.5 |
||
djangoproject django 1.9.3 |
||
djangoproject django 1.9.4 |
||
djangoproject django 1.9.7 |
||
djangoproject django 1.9.1 |
||
djangoproject django 1.9 |
||
djangoproject django 1.9.8 |
||
djangoproject django 1.9.2 |
||
djangoproject django 1.9.10 |