Safety vulnerability ID: 33074
The information on this page was manually curated by our Cybersecurity Intelligence Team.
The password hasher in contrib/auth/hashers.py in Django before 1.8.10 and 1.9.x before 1.9.3 allows remote attackers to enumerate users via a timing attack involving login requests.
Latest version: 5.1.4
A high-level Python web framework that encourages rapid development and clean, pragmatic design.
The password hasher in contrib/auth/hashers.py in Django before 1.8.10 and 1.9.x before 1.9.3 allows remote attackers to enumerate users via a timing attack involving login requests.
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application