[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Django Python web framework - (bulletinoct2018)

ID: oval:org.secpod.oval:def:2103380Date: (C)2020-01-19   (M)2023-12-14
Class: PATCHFamily: unix




django.contrib.auth.forms.AuthenticationForm in Django 2.0 before 2.0.2, and 1.11.8 and 1.11.9, allows remote attackers to obtain potentially sensitive information by leveraging data exposure from the confirm_login_allowed() method, as demonstrated by discovering whether a user account is inactive.

Platform:
Sun Solaris 11
Product:
library/python/django
library/python/django-27
Reference:
bulletinoct2018
CVE-2018-6188
CVE-2017-12794
CVE-2018-7536
CVE-2018-7537
CVE    4
CVE-2017-12794
CVE-2018-6188
CVE-2018-7536
CVE-2018-7537
...
CPE    1
cpe:/o:oracle:solaris:11

© SecPod Technologies