Lucene search
K

9 matches found

Tenable Nessus
Tenable Nessus
added 2018/02/08 12:0 a.m.17 views

Debian DSA-4107-1 : django-anymail - security update

It was discovered that the webhook validation of Anymail, a Django email backends for multiple ESPs, is prone to a timing attack. A remote attacker can take advantage of this flaw to obtain a WEBHOOKAUTHORIZATION secret and post arbitrary email tracking events. C Tenable Network Security, Inc. Th...

9.1CVSS8.4AI score0.02659EPSS
Exploits0References5
Debian
Debian
added 2018/02/07 9:59 p.m.29 views

[SECURITY] [DSA 4107-1] django-anymail security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4107-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 07, 2018 https://www.debian.org/security/faq -...

6.4CVSS1.8AI score0.02659EPSS
Exploits0
Debian
Debian
added 2018/02/07 9:59 p.m.19 views

[SECURITY] [DSA 4107-1] django-anymail security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4107-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 07, 2018 https://www.debian.org/security/faq -...

9.1CVSS9.2AI score0.02659EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2018/02/03 9:29 p.m.5 views

anymail-history (=0.1.8), bmds-ui (>=24.1.0 <=25.1.0) +31 more potentially affected by CVE-2018-6596 via django-anymail (>=0.9.0 <=15.0.0)

django-anymail PYPI version =0.9.0, =24.1.0, =0.4.10, =2.18.0, =0.1.3, =1.0.5, =0.1.0, =0.5.34, =0.1.0a1, =0.0.1, =1.2.0, =2.1.0, =1.0.0, =1.4.3 and more Source cves: CVE-2018-6596 Source advisory: OSV:PYSEC-2018-7...

9.1CVSS7.2AI score0.02659EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2018/02/03 9:29 p.m.28 views

CVE-2018-6596

webhooks/base.py in Anymail aka django-anymail before 1.2.1 is prone to a timing attack vulnerability on the WEBHOOKAUTHORIZATION secret, which allows remote attackers to post arbitrary e-mail tracking events...

9.1CVSS7.3AI score0.02659EPSS
Exploits0References8
OSV
OSV
added 2018/02/03 9:29 p.m.1 views

DEBIAN-CVE-2018-6596

webhooks/base.py in Anymail aka django-anymail before 1.2.1 is prone to a timing attack vulnerability on the WEBHOOKAUTHORIZATION secret, which allows remote attackers to post arbitrary e-mail tracking events...

9.1CVSS8.9AI score0.02659EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/02/03 9:0 p.m.15 views

CVE-2018-6596

webhooks/base.py in Anymail aka django-anymail before 1.2.1 is prone to a timing attack vulnerability on the WEBHOOKAUTHORIZATION secret, which allows remote attackers to post arbitrary e-mail tracking events...

9.1AI score0.02659EPSS
Exploits0References6
CVE
CVE
added 2018/02/03 9:0 p.m.100 views

CVE-2018-6596

CVE-2018-6596 affects Anymail (django-anymail) webhooks/base.py, where a timing attack on the WEBHOOK_AUTHORIZATION secret can let remote attackers post arbitrary email tracking events. Affected versions are before 1.2.1. Remediation as per sources: upgrade to Django-Anymail 1.2.1 or later; Debia...

9.1CVSS8.9AI score0.02659EPSS
Exploits0References6Affected Software1
Debian CVE
Debian CVE
added 2018/02/03 9:0 p.m.18 views

CVE-2018-6596

webhooks/base.py in Anymail aka django-anymail before 1.2.1 is prone to a timing attack vulnerability on the WEBHOOKAUTHORIZATION secret, which allows remote attackers to post arbitrary e-mail tracking events...

9.1CVSS9.2AI score0.02659EPSS
Exploits0
Rows per page
Query Builder