FLAT-AK4N2 – Vulnerability | Fluid Attacks Database

Database

Description

cross-site request forgery

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
pypi	django	>=0 <1.8.15 \|\| >=1.9 <1.9.10	1.8.15, 1.9.10
debian 12	python-django	>=0 <1:1.10-1	1:1.10-1
debian 13	python-django	>=0 <1:1.10-1	1:1.10-1
debian 14	python-django	>=0 <1:1.10-1	1:1.10-1
debian 11	python-django	>=0 <1:1.10-1	1:1.10-1
alpm rolling_release	python-django	>=1.9.9-1 <1.10.1-1	1.10.1-1

Aliases

1. CVE-2016-74012. NVD-2016-74013. OSV-2016-74014. OSV-DEBIAN-2016-74015. GCVE-2016-74016. SECURITY-TRACKER-CVE-2016-7401

References

1. https://github.com/django/django/commit/6118ab7d0676f0d622278e5be215f14fb5410b6a2. https://github.com/django/django/commit/6fe846a8f08dc959003f298b5407e321c6fe37353. https://github.com/django/django/commit/d1bc980db1c0fffd6d60677e62f70beadb9fe64a4. https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2016-3.yaml5. https://web.archive.org/web/20200227223637/http://www.securityfocus.com/bid/931826. https://web.archive.org/web/20210927195154/http://www.securitytracker.com/id/10368997. https://www.djangoproject.com/weblog/2016/sep/26/security-releases8. http://rhn.redhat.com/errata/RHSA-2016-2038.html9. http://rhn.redhat.com/errata/RHSA-2016-2039.html10. http://rhn.redhat.com/errata/RHSA-2016-2040.html11. http://rhn.redhat.com/errata/RHSA-2016-2041.html12. http://rhn.redhat.com/errata/RHSA-2016-2042.html13. http://rhn.redhat.com/errata/RHSA-2016-2043.html14. http://www.debian.org/security/2016/dsa-367815. http://www.ubuntu.com/usn/USN-3089-1

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.