VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-shuh-ae95-aaah

Essentials
Severities (140)
References (72)
Severity details (56)
Exploits (0)
EPSS
History (0)

Vulnerability ID	VCID-shuh-ae95-aaah
Aliases	CVE-2016-9014 GHSA-3f2c-jm6v-cr35 PYSEC-2016-18
Summary	Django before 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3, when settings.DEBUG is True, allow remote attackers to conduct DNS rebinding attacks by leveraging failure to validate the HTTP Host header against settings.ALLOWED_HOSTS.
Status	Published
Exploitability	0.5
Weighted Severity	9.0
Risk	4.5
Affected and Fixed Packages	Package Details

Weaknesses (3)

CWE-264	Permissions, Privileges, and Access Controls
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
generic_textual	Medium	http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-9014.html
cvssv3	7.4	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9014.json
epss	0.00898	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.00898	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.00898	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.00898	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.00898	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.00898	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.01477	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.01477	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.01477	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.01656	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.01656	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.01656	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.01656	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.01656	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.01656	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.01656	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.01656	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.01656	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.01656	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.02211	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.04242	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.04296	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.04296	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.04296	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
epss	0.04296	https://api.first.org/data/v1/epss?cve=CVE-2016-9014
rhbs	low	https://bugzilla.redhat.com/show_bug.cgi?id=1389417
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9013
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9014
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7233
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7234
cvssv2	4	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1_qr	CRITICAL	https://github.com/advisories/GHSA-3f2c-jm6v-cr35
cvssv3.1_qr	HIGH	https://github.com/advisories/GHSA-3f2c-jm6v-cr35
cvssv3.1	3.7	https://github.com/django/django
cvssv3.1	8.1	https://github.com/django/django
generic_textual	CRITICAL	https://github.com/django/django
generic_textual	MODERATE	https://github.com/django/django
cvssv3.1	8.1	https://github.com/django/django/commit/45acd6d836895a4c36575f48b3fb36a3dae98d19
generic_textual	CRITICAL	https://github.com/django/django/commit/45acd6d836895a4c36575f48b3fb36a3dae98d19
generic_textual	HIGH	https://github.com/django/django/commit/45acd6d836895a4c36575f48b3fb36a3dae98d19
cvssv3.1	8.1	https://github.com/django/django/commit/884e113838e5a72b4b0ec9e5e87aa480f6aa4472
generic_textual	CRITICAL	https://github.com/django/django/commit/884e113838e5a72b4b0ec9e5e87aa480f6aa4472
generic_textual	HIGH	https://github.com/django/django/commit/884e113838e5a72b4b0ec9e5e87aa480f6aa4472
cvssv3.1	8.1	https://github.com/django/django/commit/c401ae9a7dfb1a94a8a61927ed541d6f93089587
generic_textual	CRITICAL	https://github.com/django/django/commit/c401ae9a7dfb1a94a8a61927ed541d6f93089587
generic_textual	HIGH	https://github.com/django/django/commit/c401ae9a7dfb1a94a8a61927ed541d6f93089587
cvssv3.1	8.1	https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2016-18.yaml
generic_textual	CRITICAL	https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2016-18.yaml
generic_textual	HIGH	https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2016-18.yaml
cvssv3.1	8.1	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OG5ROMUPS6C7BXELD3TAUUH7OBYV56WQ
generic_textual	CRITICAL	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OG5ROMUPS6C7BXELD3TAUUH7OBYV56WQ
generic_textual	HIGH	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OG5ROMUPS6C7BXELD3TAUUH7OBYV56WQ
cvssv3.1	8.1	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXDKJYHN74BWY3P7AR2UZDVJREQMRE6S
generic_textual	CRITICAL	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXDKJYHN74BWY3P7AR2UZDVJREQMRE6S
generic_textual	HIGH	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXDKJYHN74BWY3P7AR2UZDVJREQMRE6S
cvssv2	6.8	https://nvd.nist.gov/vuln/detail/CVE-2016-9014
cvssv3	8.1	https://nvd.nist.gov/vuln/detail/CVE-2016-9014
cvssv3.1	8.1	https://nvd.nist.gov/vuln/detail/CVE-2016-9014
generic_textual	CRITICAL	https://nvd.nist.gov/vuln/detail/CVE-2016-9014
archlinux	High	https://security.archlinux.org/AVG-57
generic_textual	Medium	https://ubuntu.com/security/notices/USN-3115-1
cvssv3.1	8.1	https://web.archive.org/web/20210123185619/http://www.securityfocus.com/bid/94068
generic_textual	CRITICAL	https://web.archive.org/web/20210123185619/http://www.securityfocus.com/bid/94068
generic_textual	HIGH	https://web.archive.org/web/20210123185619/http://www.securityfocus.com/bid/94068
cvssv3.1	8.1	https://web.archive.org/web/20211204043252/http://www.securitytracker.com/id/1037159
generic_textual	CRITICAL	https://web.archive.org/web/20211204043252/http://www.securitytracker.com/id/1037159
generic_textual	HIGH	https://web.archive.org/web/20211204043252/http://www.securitytracker.com/id/1037159
cvssv3.1	8.1	https://www.djangoproject.com/weblog/2016/nov/01/security-releases
generic_textual	CRITICAL	https://www.djangoproject.com/weblog/2016/nov/01/security-releases
generic_textual	HIGH	https://www.djangoproject.com/weblog/2016/nov/01/security-releases
generic_textual	Medium	https://www.djangoproject.com/weblog/2016/nov/01/security-releases/
cvssv3.1	6.1	http://www.debian.org/security/2017/dsa-3835
cvssv3.1	8.1	http://www.debian.org/security/2017/dsa-3835
generic_textual	CRITICAL	http://www.debian.org/security/2017/dsa-3835
generic_textual	MODERATE	http://www.debian.org/security/2017/dsa-3835
cvssv3.1	9.8	http://www.securitytracker.com/id/1037159
generic_textual	CRITICAL	http://www.securitytracker.com/id/1037159
cvssv3.1	8.1	http://www.ubuntu.com/usn/USN-3115-1
generic_textual	CRITICAL	http://www.ubuntu.com/usn/USN-3115-1
generic_textual	HIGH	http://www.ubuntu.com/usn/USN-3115-1

Reference id	Reference type	URL
		http://benmmurphy.github.io/blog/2016/07/11/rails-webconsole-dns-rebinding/
		http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-9014.html
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9014.json
		https://api.first.org/data/v1/epss?cve=CVE-2016-9014
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9013
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9014
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7233
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7234
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://github.com/django/django
		https://github.com/django/django/commit/45acd6d836895a4c36575f48b3fb36a3dae98d19
		https://github.com/django/django/commit/884e113838e5a72b4b0ec9e5e87aa480f6aa4472
		https://github.com/django/django/commit/c401ae9a7dfb1a94a8a61927ed541d6f93089587
		https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2016-18.yaml
		https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OG5ROMUPS6C7BXELD3TAUUH7OBYV56WQ/
		https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QXDKJYHN74BWY3P7AR2UZDVJREQMRE6S/
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OG5ROMUPS6C7BXELD3TAUUH7OBYV56WQ
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OG5ROMUPS6C7BXELD3TAUUH7OBYV56WQ/
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXDKJYHN74BWY3P7AR2UZDVJREQMRE6S
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXDKJYHN74BWY3P7AR2UZDVJREQMRE6S/
		https://ubuntu.com/security/notices/USN-3115-1
		https://web.archive.org/web/20210123185619/http://www.securityfocus.com/bid/94068
		https://web.archive.org/web/20211204043252/http://www.securitytracker.com/id/1037159
		https://www.djangoproject.com/weblog/2016/nov/01/security-releases
		https://www.djangoproject.com/weblog/2016/nov/01/security-releases/
		http://www.debian.org/security/2017/dsa-3835
		http://www.securityfocus.com/bid/94068
		http://www.securitytracker.com/id/1037159
		http://www.ubuntu.com/usn/USN-3115-1
1389417		https://bugzilla.redhat.com/show_bug.cgi?id=1389417
842856		https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842856
ASA-201611-15		https://security.archlinux.org/ASA-201611-15
AVG-57		https://security.archlinux.org/AVG-57
cpe:2.3:a:djangoproject:django:1.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.10:::::::*
cpe:2.3:a:djangoproject:django:1.10.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.10.1:::::::*
cpe:2.3:a:djangoproject:django:1.10.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.10.2:::::::*
cpe:2.3:a:djangoproject:django:1.8:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.8:::::::*
cpe:2.3:a:djangoproject:django:1.8.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.8.1:::::::*
cpe:2.3:a:djangoproject:django:1.8.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.8.10:::::::*
cpe:2.3:a:djangoproject:django:1.8.11:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.8.11:::::::*
cpe:2.3:a:djangoproject:django:1.8.12:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.8.12:::::::*
cpe:2.3:a:djangoproject:django:1.8.13:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.8.13:::::::*
cpe:2.3:a:djangoproject:django:1.8.14:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.8.14:::::::*
cpe:2.3:a:djangoproject:django:1.8.15:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.8.15:::::::*
cpe:2.3:a:djangoproject:django:1.8.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.8.2:::::::*
cpe:2.3:a:djangoproject:django:1.8.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.8.3:::::::*
cpe:2.3:a:djangoproject:django:1.8.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.8.4:::::::*
cpe:2.3:a:djangoproject:django:1.8.5:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.8.5:::::::*
cpe:2.3:a:djangoproject:django:1.8.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.8.6:::::::*
cpe:2.3:a:djangoproject:django:1.8.7:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.8.7:::::::*
cpe:2.3:a:djangoproject:django:1.8.8:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.8.8:::::::*
cpe:2.3:a:djangoproject:django:1.8.9:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.8.9:::::::*
cpe:2.3:a:djangoproject:django:1.9:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.9:::::::*
cpe:2.3:a:djangoproject:django:1.9.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.9.1:::::::*
cpe:2.3:a:djangoproject:django:1.9.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.9.10:::::::*
cpe:2.3:a:djangoproject:django:1.9.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.9.2:::::::*
cpe:2.3:a:djangoproject:django:1.9.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.9.3:::::::*
cpe:2.3:a:djangoproject:django:1.9.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.9.4:::::::*
cpe:2.3:a:djangoproject:django:1.9.5:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.9.5:::::::*
cpe:2.3:a:djangoproject:django:1.9.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.9.6:::::::*
cpe:2.3:a:djangoproject:django:1.9.7:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.9.7:::::::*
cpe:2.3:a:djangoproject:django:1.9.8:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.9.8:::::::*
cpe:2.3:a:djangoproject:django:1.9.9:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.9.9:::::::*
cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:16.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.10:::::::*
cpe:2.3:o:fedoraproject:fedora:24:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:24:::::::*
cpe:2.3:o:fedoraproject:fedora:25:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:25:::::::*
CVE-2016-9014		https://nvd.nist.gov/vuln/detail/CVE-2016-9014
GHSA-3f2c-jm6v-cr35		https://github.com/advisories/GHSA-3f2c-jm6v-cr35
USN-3115-1		https://usn.ubuntu.com/3115-1/

No exploits are available.

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9014.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: AV:N/AC:H/Au:N/C:P/I:P/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N Found at https://github.com/django/django

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/django/django

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/django/django/commit/45acd6d836895a4c36575f48b3fb36a3dae98d19

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/django/django/commit/884e113838e5a72b4b0ec9e5e87aa480f6aa4472

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/django/django/commit/c401ae9a7dfb1a94a8a61927ed541d6f93089587

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2016-18.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OG5ROMUPS6C7BXELD3TAUUH7OBYV56WQ

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXDKJYHN74BWY3P7AR2UZDVJREQMRE6S

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2016-9014

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2016-9014

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2016-9014

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://web.archive.org/web/20210123185619/http://www.securityfocus.com/bid/94068

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://web.archive.org/web/20211204043252/http://www.securitytracker.com/id/1037159

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://www.djangoproject.com/weblog/2016/nov/01/security-releases

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Found at http://www.debian.org/security/2017/dsa-3835

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://www.debian.org/security/2017/dsa-3835

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://www.securitytracker.com/id/1037159

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://www.ubuntu.com/usn/USN-3115-1

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Exploit Prediction Scoring System (EPSS)

Percentile	0.74481
EPSS Score	0.00898
Published At	May 1, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
There are no relevant records.

Reference id	Reference type	URL
		http://benmmurphy.github.io/blog/2016/07/11/rails-webconsole-dns-rebinding/
		http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-9014.html
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9014.json
		https://api.first.org/data/v1/epss?cve=CVE-2016-9014
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9013
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9014
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7233
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7234
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://github.com/django/django
		https://github.com/django/django/commit/45acd6d836895a4c36575f48b3fb36a3dae98d19
		https://github.com/django/django/commit/884e113838e5a72b4b0ec9e5e87aa480f6aa4472
		https://github.com/django/django/commit/c401ae9a7dfb1a94a8a61927ed541d6f93089587
		https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2016-18.yaml
		https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OG5ROMUPS6C7BXELD3TAUUH7OBYV56WQ/
		https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QXDKJYHN74BWY3P7AR2UZDVJREQMRE6S/
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OG5ROMUPS6C7BXELD3TAUUH7OBYV56WQ
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OG5ROMUPS6C7BXELD3TAUUH7OBYV56WQ/
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXDKJYHN74BWY3P7AR2UZDVJREQMRE6S
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXDKJYHN74BWY3P7AR2UZDVJREQMRE6S/
		https://ubuntu.com/security/notices/USN-3115-1
		https://web.archive.org/web/20210123185619/http://www.securityfocus.com/bid/94068
		https://web.archive.org/web/20211204043252/http://www.securitytracker.com/id/1037159
		https://www.djangoproject.com/weblog/2016/nov/01/security-releases
		https://www.djangoproject.com/weblog/2016/nov/01/security-releases/
		http://www.debian.org/security/2017/dsa-3835
		http://www.securityfocus.com/bid/94068
		http://www.securitytracker.com/id/1037159
		http://www.ubuntu.com/usn/USN-3115-1
1389417		https://bugzilla.redhat.com/show_bug.cgi?id=1389417
842856		https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842856
ASA-201611-15		https://security.archlinux.org/ASA-201611-15
AVG-57		https://security.archlinux.org/AVG-57
cpe:2.3:a:djangoproject:django:1.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.10:::::::*
cpe:2.3:a:djangoproject:django:1.10.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.10.1:::::::*
cpe:2.3:a:djangoproject:django:1.10.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.10.2:::::::*
cpe:2.3:a:djangoproject:django:1.8:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.8:::::::*
cpe:2.3:a:djangoproject:django:1.8.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.8.1:::::::*
cpe:2.3:a:djangoproject:django:1.8.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.8.10:::::::*
cpe:2.3:a:djangoproject:django:1.8.11:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.8.11:::::::*
cpe:2.3:a:djangoproject:django:1.8.12:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.8.12:::::::*
cpe:2.3:a:djangoproject:django:1.8.13:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.8.13:::::::*
cpe:2.3:a:djangoproject:django:1.8.14:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.8.14:::::::*
cpe:2.3:a:djangoproject:django:1.8.15:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.8.15:::::::*
cpe:2.3:a:djangoproject:django:1.8.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.8.2:::::::*
cpe:2.3:a:djangoproject:django:1.8.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.8.3:::::::*
cpe:2.3:a:djangoproject:django:1.8.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.8.4:::::::*
cpe:2.3:a:djangoproject:django:1.8.5:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.8.5:::::::*
cpe:2.3:a:djangoproject:django:1.8.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.8.6:::::::*
cpe:2.3:a:djangoproject:django:1.8.7:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.8.7:::::::*
cpe:2.3:a:djangoproject:django:1.8.8:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.8.8:::::::*
cpe:2.3:a:djangoproject:django:1.8.9:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.8.9:::::::*
cpe:2.3:a:djangoproject:django:1.9:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.9:::::::*
cpe:2.3:a:djangoproject:django:1.9.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.9.1:::::::*
cpe:2.3:a:djangoproject:django:1.9.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.9.10:::::::*
cpe:2.3:a:djangoproject:django:1.9.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.9.2:::::::*
cpe:2.3:a:djangoproject:django:1.9.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.9.3:::::::*
cpe:2.3:a:djangoproject:django:1.9.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.9.4:::::::*
cpe:2.3:a:djangoproject:django:1.9.5:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.9.5:::::::*
cpe:2.3:a:djangoproject:django:1.9.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.9.6:::::::*
cpe:2.3:a:djangoproject:django:1.9.7:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.9.7:::::::*
cpe:2.3:a:djangoproject:django:1.9.8:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.9.8:::::::*
cpe:2.3:a:djangoproject:django:1.9.9:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:djangoproject:django:1.9.9:::::::*
cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:16.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.10:::::::*
cpe:2.3:o:fedoraproject:fedora:24:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:24:::::::*
cpe:2.3:o:fedoraproject:fedora:25:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:25:::::::*
CVE-2016-9014		https://nvd.nist.gov/vuln/detail/CVE-2016-9014
GHSA-3f2c-jm6v-cr35		https://github.com/advisories/GHSA-3f2c-jm6v-cr35
USN-3115-1		https://usn.ubuntu.com/3115-1/