47 matches found
EUVD-2018-0034
Malware in sbrugna...
EUVD-2016-7711
Malware in sbrugna...
EUVD-2018-0033
Malware in sbrugna...
GHSA-QH9X-MC42-VG4G django-anymail Includes Sensitive Information in Log Files
Anymail django-anymail version version 0.2 through 1.3 contains a CWE-532, CWE-209 vulnerability in WEBHOOKAUTHORIZATION setting value that can result in An attacker with access to error logs could fabricate email tracking events. This attack appear to be exploitable via If you have exposed your...
django-anymail Includes Sensitive Information in Log Files
Anymail django-anymail version version 0.2 through 1.3 contains a CWE-532, CWE-209 vulnerability in WEBHOOKAUTHORIZATION setting value that can result in An attacker with access to error logs could fabricate email tracking events. This attack appear to be exploitable via If you have exposed your...
anymail-history (=0.1.8), bmds-ui (>=24.1.0 <=25.1.0) +30 more potentially affected by CVE-2018-1000089 via django-anymail (>=0.9.0 <=15.0.0)
django-anymail PYPI version =0.9.0, =24.1.0, =0.4.10, =0.1.3, =1.0.5, =0.1.0, =0.5.34, =0.1.0a1, =0.0.1, =1.2.0, =2.1.0, =1.0.0, =2026.3.27, =2026.3.28 and more Source cves: CVE-2018-1000089 Source advisory: OSV:GHSA-QH9X-MC42-VG4G...
anymail-history (=0.1.8), bmds-ui (>=24.1.0 <=25.1.0) +30 more potentially affected by CVE-2018-6596 via django-anymail (>=0.9.0 <=15.0.0)
django-anymail PYPI version =0.9.0, =24.1.0, =0.4.10, =0.1.3, =1.0.5, =0.1.0, =0.5.34, =0.1.0a1, =0.0.1, =1.2.0, =2.1.0, =1.0.0, =2026.3.27, =2026.3.28 and more Source cves: CVE-2018-6596 Source advisory: OSV:GHSA-HXF9-7H4C-F5JV...
Django-Anymail prone to a timing attack
webhooks/base.py in Anymail aka django-anymail before 1.2.1 is prone to a timing attack vulnerability on the WEBHOOKAUTHORIZATION secret, which allows remote attackers to post arbitrary e-mail tracking events...
GHSA-HXF9-7H4C-F5JV Django-Anymail prone to a timing attack
webhooks/base.py in Anymail aka django-anymail before 1.2.1 is prone to a timing attack vulnerability on the WEBHOOKAUTHORIZATION secret, which allows remote attackers to post arbitrary e-mail tracking events...
Anymail django-anymail Information Disclosure Vulnerability
Anymail django-anymail is a set of multiple transactional e-mail service provider integrated into Django open source e-mail system . A security vulnerability exists in the WEBHOOKAUTHORIZATION setting value in Anymail django-anymail versions 0.2 through 1.3. An attacker can exploit this...
Information Disclosure
django-anymail is vulnerable to information disclosure. When an error occurs, the value of the WEBHOOKAUTHORIZATION setting is printed in the Django error reports. This may allow anyone with access to the logs to discover the webhook shared secret and send inbound/tracking events to your...
CVE-2018-1000089
Anymail django-anymail version version 0.2 through 1.3 contains a CWE-532, CWE-209 vulnerability in WEBHOOKAUTHORIZATION setting value that can result in An attacker with access to error logs could fabricate email tracking events. This attack appear to be exploitable via If you have exposed your...
CVE-2018-1000089
Anymail django-anymail version version 0.2 through 1.3 contains a CWE-532, CWE-209 vulnerability in WEBHOOKAUTHORIZATION setting value that can result in An attacker with access to error logs could fabricate email tracking events. This attack appear to be exploitable via If you have exposed your...
PYSEC-2018-46
Anymail django-anymail version version 0.2 through 1.3 contains a CWE-532, CWE-209 vulnerability in WEBHOOKAUTHORIZATION setting value that can result in An attacker with access to error logs could fabricate email tracking events. This attack appear to be exploitable via If you have exposed your...
Design/Logic Flaw
Anymail django-anymail version version 0.2 through 1.3 contains a CWE-532, CWE-209 vulnerability in WEBHOOKAUTHORIZATION setting value that can result in An attacker with access to error logs could fabricate email tracking events. This attack appear to be exploitable via If you have exposed your...
anymail-history (=0.1.8), bmds-ui (>=24.1.0 <=25.1.0) +30 more potentially affected by CVE-2018-1000089 via django-anymail (>=0.9.0 <=15.0.0)
django-anymail PYPI version =0.9.0, =24.1.0, =0.4.10, =0.1.3, =1.0.5, =0.1.0, =0.5.34, =0.1.0a1, =0.0.1, =1.2.0, =2.1.0, =1.0.0, =2026.3.27, =2026.3.28 and more Source cves: CVE-2018-1000089 Source advisory: OSV:PYSEC-2018-46...
CVE-2018-1000089
Anymail django-anymail version version 0.2 through 1.3 contains a CWE-532, CWE-209 vulnerability in WEBHOOKAUTHORIZATION setting value that can result in An attacker with access to error logs could fabricate email tracking events. This attack appear to be exploitable via If you have exposed your...
PYSEC-2018-46
Anymail django-anymail version version 0.2 through 1.3 contains a CWE-532, CWE-209 vulnerability in WEBHOOKAUTHORIZATION setting value that can result in An attacker with access to error logs could fabricate email tracking events. This attack appear to be exploitable via If you have exposed your...
UBUNTU-CVE-2018-1000089
Anymail django-anymail version version 0.2 through 1.3 contains a CWE-532, CWE-209 vulnerability in WEBHOOKAUTHORIZATION setting value that can result in An attacker with access to error logs could fabricate email tracking events. This attack appear to be exploitable via If you have exposed your...
CVE-2018-1000089
Anymail django-anymail version version 0.2 through 1.3 contains a CWE-532, CWE-209 vulnerability in WEBHOOKAUTHORIZATION setting value that can result in An attacker with access to error logs could fabricate email tracking events. This attack appear to be exploitable via If you have exposed your...