13 matches found
EUVD-2023-0063
Malicious code in bioql PyPI...
CVE-2023-33185
Django-SES is a drop-in mail backend for Django. The djangoses library implements a mail backend for Django using AWS Simple Email Service. The library exports the SESEventWebhookView class intended to receive signed requests from AWS to handle email bounces, subscriptions, etc. These requests ar...
CVE-2023-33185
Django-SES is a drop-in mail backend for Django. The djangoses library implements a mail backend for Django using AWS Simple Email Service. The library exports the SESEventWebhookView class intended to receive signed requests from AWS to handle email bounces, subscriptions, etc. These requests ar...
PYSEC-2023-82
Django-SES is a drop-in mail backend for Django. The djangoses library implements a mail backend for Django using AWS Simple Email Service. The library exports the SESEventWebhookView class intended to receive signed requests from AWS to handle email bounces, subscriptions, etc. These requests ar...
Code injection
Django-SES is a drop-in mail backend for Django. The djangoses library implements a mail backend for Django using AWS Simple Email Service. The library exports the SESEventWebhookView class intended to receive signed requests from AWS to handle email bounces, subscriptions, etc. These requests ar...
django-ses-sns-tracker (=1.1.5), speedpycom (=0.1.5) +1 more potentially affected by CVE-2023-33185 via django-ses (>=0.7.1 <=2.6.1)
django-ses PYPI version =0.7.1, =11.0.0, =14.4.0 Source cves: CVE-2023-33185 Source advisory: OSV:PYSEC-2023-82...
CVE-2023-33185 Incorrect signature verification in django-ses
Django-SES is a drop-in mail backend for Django. The djangoses library implements a mail backend for Django using AWS Simple Email Service. The library exports the SESEventWebhookView class intended to receive signed requests from AWS to handle email bounces, subscriptions, etc. These requests ar...
CVE-2023-33185
Django-SES (django_ses) exposes a SESEventWebhookView to verify AWS-signed requests for bounces/subscriptions. The vulnerability was due to flawed signature verification that allowed specifying arbitrary public certificates. The issue affects django_ses versions prior to 3.5.0 and was fixe...
CVE-2023-33185 Incorrect signature verification in django-ses
Django-SES is a drop-in mail backend for Django. The djangoses library implements a mail backend for Django using AWS Simple Email Service. The library exports the SESEventWebhookView class intended to receive signed requests from AWS to handle email bounces, subscriptions, etc. These requests ar...
Django-SES data forgery vulnerability
Django-SES is the Django email backend for Amazon Simple Email Service. A security vulnerability exists in Django-SES versions prior to 3.5.0 that stems from allowing users to specify arbitrary public certificates...
GHSA-QG36-9JXH-FJ25 Incorrect signature verification in django-ses
The djangoses library implements a mail backend for Django using AWS Simple Email Service. The library exports the SESEventWebhookView class intended to receive signed requests from AWS to handle email bounces, subscriptions, etc. These requests are signed by AWS and are verified by djangoses,...
django-ses-sns-tracker (=1.1.5), speedpycom (=0.1.5) +1 more potentially affected by CVE-2023-33185 via django-ses (>=0.7.1 <=2.6.1)
django-ses PYPI version =0.7.1, =11.0.0, =14.4.0 Source cves: CVE-2023-33185 Source advisory: OSV:GHSA-QG36-9JXH-FJ25...
PT-2023-24202 · Unknown · Django-Ses
Name of the Vulnerable Software and Affected Versions: Django-SES versions prior to 3.5.0 Description: The django ses library, a mail backend for Django using AWS Simple Email Service, has a flaw in the verification of signed requests from AWS. The SESEventWebhookView class is intended to handle...