CVE-2015-8213 Medium Severity Vulnerability detected by WhiteSource #26
Labels
security vulnerability
Security vulnerability detected by WhiteSource
Comments
mend-bolt-for-github
bot
added
the
security vulnerability
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
CVE-2015-8213 - Medium Severity Vulnerability
A high-level Python Web framework that encourages rapid development and clean, pragmatic design.
path: /example-python/requirements.txt
Library home page: https://pypi.python.org/packages/d2/29/1935a5825b8820d1e398ab83f0730d483ec731fae34745ddac8318cf6ac8/Django-1.7.1-py2.py3-none-any.whl
Dependency Hierarchy:
The get_format function in utils/formats.py in Django before 1.7.x before 1.7.11, 1.8.x before 1.8.7, and 1.9.x before 1.9rc2 might allow remote attackers to obtain sensitive application secrets via a settings key in place of a date/time format setting, as demonstrated by SECRET_KEY.
Publish Date: 2015-12-07
URL: CVE-2015-8213
Base Score Metrics not available
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2015-8213
Release Date: 2015-12-07
Fix Resolution: 1.7.x,1.7.11,1.8.7,1.9rc2
Step up your Open Source Security Game with WhiteSource here
The text was updated successfully, but these errors were encountered: