VulnerableCode Package Details - pkg:alpm/archlinux/python-django@2.1.2-1

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:alpm/archlinux/python-django@2.1.2-1

Essentials
History (1)

purl	pkg:alpm/archlinux/python-django@2.1.2-1

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-6hfy-2gcp-1uh4	An issue was discovered in Django 2.1 before 2.1.2, in which unprivileged users can read the password hashes of arbitrary accounts. The read-only password widget used by the Django Admin to display an obfuscated password hash was bypassed if a user has only the "view" permission (new in Django 2.1), resulting in display of the entire password hash to those users. This may result in a vulnerability for sites with legacy user accounts using insecure hashes.	CVE-2018-16984 GHSA-6mx3-3vqg-hpp2 PYSEC-2018-3

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T18:27:04.076755+00:00	Arch Linux Importer	Fixing	VCID-6hfy-2gcp-1uh4	https://security.archlinux.org/AVG-773	38.0.0