Lucene search
+L

12 matches found

opensuse
opensuse
added 2025/11/09 12:0 a.m.3 views

Security update for python-djangorestframework-simplejwt (moderate)

openSUSE Security Update: Security update for python-djangorestframework-simplejwt Announcement ID: openSUSE-SU-2025:0425-1 Rating: moderate References: 1221568 Cross-References: CVE-2024-22513 Affected Products: openSUSE Backports SLE-15-SP6 An update that fixes one vulnerability is now availabl...

5.5CVSS6.6AI score0.00804EPSS
Exploits4References1
packetstorm
packetstorm
added 2024/04/15 12:0 a.m.508 views

Django REST Framework SimpleJWT 5.3.1 Information Disclosure

Exploit Title: djangorestframework-simplejwt 5.3.1 - Information Disclosure Date: 26/01/2024 Exploit Author: Dhrumil Mistry dmdhrumilmistry Vendor Homepage: https://github.com/jazzband/djangorestframework-simplejwt/ Software...

7.4AI score0.00804EPSS
Exploits4
redhatcve
redhatcve
added 2024/03/16 6:23 p.m.35 views

CVE-2024-22513

A flaw was found in djangorestframework-simplejwt. Affected versions of this package are vulnerable to information disclosure. This flaw allows a user to access web application resources even after their account has been disabled due to missing user validation checks via the foruser method...

5.5CVSS6AI score0.00804EPSS
Exploits4References3
vulnersosv
vulnersosv
added 2024/03/16 9:30 a.m.4 views

alcali (>=2018.3.1 <=3006.3.0), arccanet (>=0.0.1 <=0.0.7) +69 more potentially affected by CVE-2024-22513 via djangorestframework-simplejwt (>=4.3.0 <=5.5.0)

djangorestframework-simplejwt PYPI version =4.3.0, =2018.3.1, =0.0.1, =0.0.6, =0.0.8, =1.0.0, =0.0.3, =1.0.0, =0.1.7, =0.4.0, =0.0.1, =1.0.1, =1.0.0, =1.0.0, =0.2.1, =1.0.0, =1.3.8 and more Source cves: CVE-2024-22513 Source advisory: OSV:GHSA-5VCC-86WM-547Q...

5.5CVSS6AI score0.00804EPSS
Exploits4
github
github
added 2024/03/16 9:30 a.m.127 views

Improper Privilege Management in djangorestframework-simplejwt

djangorestframework-simplejwt before version 5.5.1 is vulnerable to information disclosure. A user can access web application resources even after their account has been disabled due to missing user validation checks via the foruser method...

5.5CVSS5.2AI score0.00804EPSS
Exploits4References11Affected Software1
osv
osv
added 2024/03/16 7:15 a.m.9 views

CVE-2024-22513

djangorestframework-simplejwt version 5.3.1 and before is vulnerable to information disclosure. A user can access web application resources even after their account has been disabled due to missing user validation checks via the foruser method...

5.5CVSS5.2AI score0.00804EPSS
Exploits4References1
osv
osv
added 2024/03/16 7:15 a.m.5 views

UBUNTU-CVE-2024-22513

djangorestframework-simplejwt version 5.3.1 and before is vulnerable to information disclosure. A user can access web application resources even after their account has been disabled due to missing user validation checks via the foruser method...

5.5CVSS6AI score0.00804EPSS
Exploits4References3
debiancve
debiancve
added 2024/03/16 12:0 a.m.20 views

CVE-2024-22513

djangorestframework-simplejwt version 5.3.1 and before is vulnerable to information disclosure. A user can access web application resources even after their account has been disabled due to missing user validation checks via the foruser method...

5.5CVSS5.2AI score0.00804EPSS
Exploits4
vulnrichment
vulnrichment
added 2024/03/16 12:0 a.m.22 views

CVE-2024-22513

djangorestframework-simplejwt version 5.3.1 and before is vulnerable to information disclosure. A user can access web application resources even after their account has been disabled due to missing user validation checks via the foruser method...

6.7AI score0.00804EPSS
Exploits4References1
cvelist
cvelist
added 2024/03/16 12:0 a.m.29 views

CVE-2024-22513

djangorestframework-simplejwt version 5.3.1 and before is vulnerable to information disclosure. A user can access web application resources even after their account has been disabled due to missing user validation checks via the foruser method...

6.2AI score0.00804EPSS
Exploits4References1
cve
cve
added 2024/03/16 12:0 a.m.95 views

CVE-2024-22513

The CVE-2024-22513 vulnerability affects djangorestframework-simplejwt up to and including 5.3.1, where information disclosure can occur because the for_user validation path is missing for inactive users. Multiple connected advisories confirm the issue and link it to inactive-user access of resou...

5.5CVSS6AI score0.00804EPSS
Exploits4References1
ptsecurity
ptsecurity
added 2024/03/15 12:0 a.m.7 views

PT-2024-3946

Name of the Vulnerable Software and Affected Versions djangorestframework-simplejwt versions 5.3.1 and before Description The issue is related to information disclosure due to missing user validation checks via the for user method. This allows a user to access web application resources even after...

5.5CVSS6AI score0.00804EPSS
Exploits4References29
Rows per page
Query Builder