Lucene search
K

4 matches found

Veracode
Veracode
added 2019/07/03 5:12 a.m.19 views

Verification Process Spoofing

django-rest-registration is vulnerable to verification process spoofing. The misuse of django signing API and just relying on static string for signatures leads to easily guessable signatures used for email verification...

9.8CVSS9.2AI score0.01621EPSS
Exploits1References3Affected Software1
PyPA
PyPA
added 2019/07/02 10:15 p.m.6 views

PYSEC-2019-20

verification.py in django-rest-registration aka Django REST Registration library before 0.5.0 relies on a static string for signatures i.e., the Django Signing API is misused, which allows remote attackers to spoof the verification process. This occurs because incorrect code refactoring led to...

9.8CVSS7.2AI score0.01621EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2019/07/02 10:15 p.m.35 views

PYSEC-2019-20

verification.py in django-rest-registration aka Django REST Registration library before 0.5.0 relies on a static string for signatures i.e., the Django Signing API is misused, which allows remote attackers to spoof the verification process. This occurs because incorrect code refactoring led to...

9.8CVSS5.9AI score0.01621EPSS
Exploits1References2
Prion
Prion
added 2019/07/02 10:15 p.m.15 views

Design/Logic Flaw

verification.py in django-rest-registration aka Django REST Registration library before 0.5.0 relies on a static string for signatures i.e., the Django Signing API is misused, which allows remote attackers to spoof the verification process. This occurs because incorrect code refactoring led to...

7.5CVSS9.3AI score0.01621EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder