Lucene search
GitHub Advisory DatabaseGHSA-5VCC-86WM-547QHistoryMar 16, 2024 - 9:30 a.m.
Improper Privilege Management in djangorestframework-simplejwt
2024-03-1609:30:35
CWE-269
GitHub Advisory Database
github.com
59
vulnerability
information disclosure
privilege management
user validation checks
for_user method
djangorestframework-simplejwt
djangorestframework-simplejwt version 5.3.1 and before is vulnerable to information disclosure. A user can access web application resources even after their account has been disabled due to missing user validation checks via the for_user method.
Affected configurations
Node
djangorestframeworksimplejwtRange≤5.3.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| djangorestframework-simplejwt | le | 5.3.1 |
Related
packetstorm
packetstorm
Django REST Framework SimpleJWT 5.3.1 Information Disclosure
2024-04-15 00:00:00
debiancve
debiancve
CVE-2024-22513
2024-03-16 07:15:06
redhatcve
redhatcve
CVE-2024-22513
2024-03-16 18:23:29
osv
osv
Improper Privilege Management in djangorestframework-simplejwt
2024-03-16 09:30:35
nvd
nvd
CVE-2024-22513
2024-03-16 07:15:06
veracode
veracode
Missing Authorization Check
2024-03-22 11:44:24
zdt
zdt
djangorestframework-simplejwt 5.3.1 - Information Disclosure Exploit
2024-04-15 00:00:00
cvelist
cvelist
CVE-2024-22513
2024-03-16 00:00:00
ubuntucve
ubuntucve
CVE-2024-22513
2024-03-16 00:00:00
cve
cve
CVE-2024-22513
2024-03-16 07:15:06
exploitdb
exploitdb
djangorestframework-simplejwt 5.3.1 - Information Disclosure
2024-04-15 00:00:00