| Revision Date: | 2022-05-22 | Version: | 1 |
| Title: | CVE-2016-9013 |
| Description: |
Django 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3 use a hardcoded password for a temporary database user created when running tests with an Oracle database, which makes it easier for remote attackers to obtain access to the database server by leveraging failure to manually specify a password in the database settings TEST dictionary.
|
| Family: | unix | Class: | vulnerability |
| Status: | | Reference(s): | CVE-2016-9013
Mitre CVE-2016-9013
SUSE CVE-2016-9013
openSUSE-SU-2018:0824-1
openSUSE-SU-2018:0824-1
openSUSE-SU-2018:0826-1
openSUSE-SU-2018:0826-1
SUSE-SU-2018:0973-1
SUSE-SU-2018:0973-1
SUSE-SU-2018:1102-1
SUSE-SU-2018:1102-1
|
| Platform(s): | openSUSE Leap 42.3
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
| Product(s): | |
| Definition Synopsis |
| SUSE OpenStack Cloud 7 is installed AND python-Django-1.8.19-3.4.1 is installed
|
| Definition Synopsis |
| SUSE OpenStack Cloud 6 is installed
AND python-Django-1.8.19-3.6 is installed
|
| Definition Synopsis |
| openSUSE Leap 42.3 is installed
AND Package Information
python-Django-1.8.19-6.4 is installed
AND python-Django is signed with openSUSE key
OR
python3-Django-1.8.19-5.3 is installed
AND python3-Django is signed with openSUSE key
|
| Definition Synopsis |
| Release Information
SUSE OpenStack Cloud 8 is installed
OR SUSE OpenStack Cloud Crowbar 8 is installed
AND python-Django is not affected
|
| Definition Synopsis |
| Release Information
SUSE OpenStack Cloud 9 is installed
OR SUSE OpenStack Cloud Crowbar 9 is installed
AND python-Django1 is not affected
|