Количество 2
Количество 2
CVE-2019-13177
verification.py in django-rest-registration (aka Django REST Registration library) before 0.5.0 relies on a static string for signatures (i.e., the Django Signing API is misused), which allows remote attackers to spoof the verification process. This occurs because incorrect code refactoring led to calling a security-critical function with an incorrect argument.
GHSA-p3w6-jcg4-52xh
Improper Verification of Cryptographic Signature in django-rest-registration
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2019-13177 verification.py in django-rest-registration (aka Django REST Registration library) before 0.5.0 relies on a static string for signatures (i.e., the Django Signing API is misused), which allows remote attackers to spoof the verification process. This occurs because incorrect code refactoring led to calling a security-critical function with an incorrect argument. | CVSS3: 9.8 | 0% Низкий | больше 6 лет назад |
| GHSA-p3w6-jcg4-52xh Improper Verification of Cryptographic Signature in django-rest-registration | CVSS3: 9.8 | 0% Низкий | больше 6 лет назад |
Уязвимостей на страницу