Lucene search
K

12 matches found

OPENSUSE Linux
OPENSUSE Linux
added 2025/11/09 12:0 a.m.3 views

Security update for python-djangorestframework-simplejwt (moderate)

openSUSE Security Update: Security update for python-djangorestframework-simplejwt Announcement ID: openSUSE-SU-2025:0425-1 Rating: moderate References: 1221568 Cross-References: CVE-2024-22513 Affected Products: openSUSE Backports SLE-15-SP6 An update that fixes one vulnerability is now availabl...

5.5CVSS6.6AI score0.00804EPSS
Exploits4References1
Packet Storm
Packet Storm
added 2024/04/15 12:0 a.m.504 views

Django REST Framework SimpleJWT 5.3.1 Information Disclosure

Exploit Title: djangorestframework-simplejwt 5.3.1 - Information Disclosure Date: 26/01/2024 Exploit Author: Dhrumil Mistry dmdhrumilmistry Vendor Homepage: https://github.com/jazzband/djangorestframework-simplejwt/ Software...

7.4AI score0.00804EPSS
Exploits4
RedhatCVE
RedhatCVE
added 2024/03/16 6:23 p.m.34 views

CVE-2024-22513

A flaw was found in djangorestframework-simplejwt. Affected versions of this package are vulnerable to information disclosure. This flaw allows a user to access web application resources even after their account has been disabled due to missing user validation checks via the foruser method...

5.5CVSS6AI score0.00804EPSS
Exploits4References3
vulnersOsv
vulnersOsv
added 2024/03/16 9:30 a.m.3 views

alcali (>=2018.3.1 <=3006.3.0), arccanet (>=0.0.1 <=0.0.7) +69 more potentially affected by CVE-2024-22513 via djangorestframework-simplejwt (>=4.3.0 <=5.5.0)

djangorestframework-simplejwt PYPI version =4.3.0, =2018.3.1, =0.0.1, =0.0.6, =0.0.8, =1.0.0, =0.0.3, =1.0.0, =0.1.7, =0.4.0, =0.0.1, =1.0.1, =1.0.0, =1.0.0, =0.2.1, =1.0.0, =1.3.8 and more Source cves: CVE-2024-22513 Source advisory: OSV:GHSA-5VCC-86WM-547Q...

5.5CVSS6AI score0.00804EPSS
Exploits4
Github Security Blog
Github Security Blog
added 2024/03/16 9:30 a.m.126 views

Improper Privilege Management in djangorestframework-simplejwt

djangorestframework-simplejwt before version 5.5.1 is vulnerable to information disclosure. A user can access web application resources even after their account has been disabled due to missing user validation checks via the foruser method...

5.5CVSS5.2AI score0.00804EPSS
Exploits4References11Affected Software1
OSV
OSV
added 2024/03/16 7:15 a.m.8 views

CVE-2024-22513

djangorestframework-simplejwt version 5.3.1 and before is vulnerable to information disclosure. A user can access web application resources even after their account has been disabled due to missing user validation checks via the foruser method...

5.5CVSS5.2AI score0.00804EPSS
Exploits4References1
OSV
OSV
added 2024/03/16 7:15 a.m.3 views

UBUNTU-CVE-2024-22513

djangorestframework-simplejwt version 5.3.1 and before is vulnerable to information disclosure. A user can access web application resources even after their account has been disabled due to missing user validation checks via the foruser method...

5.5CVSS6AI score0.00804EPSS
Exploits4References3
CVE
CVE
added 2024/03/16 12:0 a.m.93 views

CVE-2024-22513

The CVE-2024-22513 vulnerability affects djangorestframework-simplejwt up to and including 5.3.1, where information disclosure can occur because the for_user validation path is missing for inactive users. Multiple connected advisories confirm the issue and link it to inactive-user access of resou...

5.5CVSS6AI score0.00804EPSS
Exploits4References1
Cvelist
Cvelist
added 2024/03/16 12:0 a.m.25 views

CVE-2024-22513

djangorestframework-simplejwt version 5.3.1 and before is vulnerable to information disclosure. A user can access web application resources even after their account has been disabled due to missing user validation checks via the foruser method...

6.2AI score0.00804EPSS
Exploits4References1
Vulnrichment
Vulnrichment
added 2024/03/16 12:0 a.m.21 views

CVE-2024-22513

djangorestframework-simplejwt version 5.3.1 and before is vulnerable to information disclosure. A user can access web application resources even after their account has been disabled due to missing user validation checks via the foruser method...

6.7AI score0.00804EPSS
Exploits4References1
Debian CVE
Debian CVE
added 2024/03/16 12:0 a.m.20 views

CVE-2024-22513

djangorestframework-simplejwt version 5.3.1 and before is vulnerable to information disclosure. A user can access web application resources even after their account has been disabled due to missing user validation checks via the foruser method...

5.5CVSS5.2AI score0.00804EPSS
Exploits4
Positive Technologies
Positive Technologies
added 2024/03/15 12:0 a.m.7 views

PT-2024-3946

Name of the Vulnerable Software and Affected Versions djangorestframework-simplejwt versions 5.3.1 and before Description The issue is related to information disclosure due to missing user validation checks via the for user method. This allows a user to access web application resources even after...

5.5CVSS6AI score0.00804EPSS
Exploits4References29
Rows per page
Query Builder