Total vulnerabilities in the database
ModelMultipleChoiceField in Django 1.6.x before 1.6.10 and 1.7.x before 1.7.3, when show_hidden_initial is set to True, allows remote attackers to cause a denial of service by submitting duplicate values, which triggers a large number of SQL queries.
| Software | From | Fixed in |
|---|---|---|
| canonical / ubuntu_linux | 12.04 | 12.04.x |
| canonical / ubuntu_linux | 14.10 | 14.10.x |
| canonical / ubuntu_linux | 14.04 | 14.04.x |
| canonical / ubuntu_linux | 10.04 | 10.04.x |
| djangoproject / django | - | 1.4.17.x |
| djangoproject / django | 1.6.7 | 1.6.7.x |
| djangoproject / django | 1.6.5 | 1.6.5.x |
| djangoproject / django | 1.6.8 | 1.6.8.x |
| djangoproject / django | 1.6.6 | 1.6.6.x |
| djangoproject / django | 1.7.2 | 1.7.2.x |
| djangoproject / django | 1.6.3 | 1.6.3.x |
| djangoproject / django | 1.6 | 1.6.x |
| djangoproject / django | 1.6.4 | 1.6.4.x |
| djangoproject / django | 1.6.1 | 1.6.1.x |
| djangoproject / django | 1.6.2 | 1.6.2.x |
| djangoproject / django | 1.7 | 1.7.x |
| djangoproject / django | 1.6.9 | 1.6.9.x |
| djangoproject / django | 1.7.1 | 1.7.1.x |