Lucene search
+L

6 matches found

vulnersOsv
vulnersOsv
added 2021/03/19 9:29 p.m.6 views

feature-toggle-manager (>=0.0.1 <=0.0.2), hazard-feed (>=0.2.0 <=0.2.5) potentially affected by CVE-2020-35681 via channels (>=3.0.0 <=3.0.2)

channels PYPI version =3.0.0, =0.0.1, =0.2.0, =0.2.5 Source cves: CVE-2020-35681 Source advisory: OSV:GHSA-V542-8Q9X-CFFC...

7.4CVSS7.1AI score0.02658EPSS
Exploits1
NVD
NVD
added 2021/02/22 3:15 a.m.36 views

CVE-2020-35681

Django Channels 3.x before 3.0.3 allows remote attackers to obtain sensitive information from a different request scope. The legacy channels.http.AsgiHandler class, used for handling HTTP type requests in an ASGI environment prior to Django 3.0, did not correctly separate request scopes in Channe...

7.4CVSS0.02658EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2021/02/22 3:15 a.m.21 views

CVE-2020-35681

Django Channels 3.x before 3.0.3 allows remote attackers to obtain sensitive information from a different request scope. The legacy channels.http.AsgiHandler class, used for handling HTTP type requests in an ASGI environment prior to Django 3.0, did not correctly separate request scopes in Channe...

7.4CVSS7.1AI score0.02658EPSS
Exploits1References2
vulnersOsv
vulnersOsv
added 2021/02/22 3:15 a.m.15 views

feature-toggle-manager (>=0.0.1 <=0.0.2), hazard-feed (>=0.2.0 <=0.2.5) potentially affected by CVE-2020-35681 via channels (>=3.0.0 <=3.0.2)

channels PYPI version =3.0.0, =0.0.1, =0.2.0, =0.2.5 Source cves: CVE-2020-35681 Source advisory: OSV:PYSEC-2021-113...

7.4CVSS7.1AI score0.02658EPSS
Exploits1
Debian CVE
Debian CVE
added 2021/02/22 2:3 a.m.63 views

CVE-2020-35681

Django Channels 3.x before 3.0.3 allows remote attackers to obtain sensitive information from a different request scope. The legacy channels.http.AsgiHandler class, used for handling HTTP type requests in an ASGI environment prior to Django 3.0, did not correctly separate request scopes in Channe...

7.4CVSS7.2AI score0.02658EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2020/12/30 1:59 p.m.22 views

CVE-2020-35681

Django Channels 3.x before 3.0.3 allows remote attackers to obtain sensitive information from a different request scope. The legacy channels.http.AsgiHandler class, used for handling HTTP type requests in an ASGI environment prior to Django 3.0, did not correctly separate request scopes in Channe...

7.4CVSS1.2AI score0.02658EPSS
Exploits1References3
Rows per page
Query Builder