Search for packages
| purl | pkg:deb/debian/python-django@1:1.10.3-1?distro=trixie |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-k6s1-gnmc-e3ed | Django before 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3, when settings.DEBUG is True, allow remote attackers to conduct DNS rebinding attacks by leveraging failure to validate the HTTP Host header against settings.ALLOWED_HOSTS. |
CVE-2016-9014
GHSA-3f2c-jm6v-cr35 PYSEC-2016-18 |
| VCID-uk1w-hehw-dyda | Django 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3 use a hardcoded password for a temporary database user created when running tests with an Oracle database, which makes it easier for remote attackers to obtain access to the database server by leveraging failure to manually specify a password in the database settings TEST dictionary. |
CVE-2016-9013
GHSA-mv8g-fhh6-6267 PYSEC-2016-17 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T09:12:16.012635+00:00 | Debian Importer | Fixing | VCID-uk1w-hehw-dyda | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-16T08:52:39.211618+00:00 | Debian Importer | Fixing | VCID-k6s1-gnmc-e3ed | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-11T18:09:32.017030+00:00 | Debian Importer | Fixing | VCID-uk1w-hehw-dyda | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-11T17:57:32.673824+00:00 | Debian Importer | Fixing | VCID-k6s1-gnmc-e3ed | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-03T07:50:41.779440+00:00 | Debian Importer | Fixing | VCID-k6s1-gnmc-e3ed | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |
| 2026-04-03T07:50:41.730797+00:00 | Debian Importer | Fixing | VCID-uk1w-hehw-dyda | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |