Количество 8
Количество 8
GHSA-x7q2-wr7g-xqmf
Django vulnerable to user enumeration attack
CVE-2024-39329
An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. The django.contrib.auth.backends.ModelBackend.authenticate() method allows remote attackers to enumerate users via a timing attack involving login requests for users with an unusable password.
CVE-2024-39329
An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. The django.contrib.auth.backends.ModelBackend.authenticate() method allows remote attackers to enumerate users via a timing attack involving login requests for users with an unusable password.
CVE-2024-39329
An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. The django.contrib.auth.backends.ModelBackend.authenticate() method allows remote attackers to enumerate users via a timing attack involving login requests for users with an unusable password.
CVE-2024-39329
An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2. ...
BDU:2024-07168
Уязвимость метода django.contrib.auth.backends.ModelBackend.authenticate() программной платформы для веб-приложений Django, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
SUSE-SU-2024:2577-1
Security update for python-Django
SUSE-SU-2024:2545-1
Security update for python-Django
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-x7q2-wr7g-xqmf Django vulnerable to user enumeration attack | CVSS3: 5.3 | 0% Низкий | 11 месяцев назад |
 | CVE-2024-39329 An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. The django.contrib.auth.backends.ModelBackend.authenticate() method allows remote attackers to enumerate users via a timing attack involving login requests for users with an unusable password. | CVSS3: 5.3 | 0% Низкий | 11 месяцев назад |
 | CVE-2024-39329 An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. The django.contrib.auth.backends.ModelBackend.authenticate() method allows remote attackers to enumerate users via a timing attack involving login requests for users with an unusable password. | CVSS3: 3.7 | 0% Низкий | 12 месяцев назад |
 | CVE-2024-39329 An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. The django.contrib.auth.backends.ModelBackend.authenticate() method allows remote attackers to enumerate users via a timing attack involving login requests for users with an unusable password. | CVSS3: 5.3 | 0% Низкий | 11 месяцев назад |
| CVE-2024-39329 An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2. ... | CVSS3: 5.3 | 0% Низкий | 11 месяцев назад |
 | BDU:2024-07168 Уязвимость метода django.contrib.auth.backends.ModelBackend.authenticate() программной платформы для веб-приложений Django, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации | CVSS3: 5.3 | 0% Низкий | 12 месяцев назад |
 | SUSE-SU-2024:2577-1 Security update for python-Django | 11 месяцев назад | ||
| SUSE-SU-2024:2545-1 Security update for python-Django | 11 месяцев назад |
Уязвимостей на страницу