Lucene search
Ubuntu.comUB:CVE-2024-22513HistoryMar 16, 2024 - 12:00 a.m.
CVE-2024-22513
2024-03-1600:00:00
ubuntu.com
ubuntu.com
5
information disclosure
web application
resources
account disabled
user validation checks
unix
djangorestframework-simplejwt version 5.3.1 and before is vulnerable to
information disclosure. A user can access web application resources even
after their account has been disabled due to missing user validation checks
via the for_user method.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 22.04 | noarch | python-djangorestframework-simplejwt | < any | UNKNOWN |
| ubuntu | 23.10 | noarch | python-djangorestframework-simplejwt | < any | UNKNOWN |
| ubuntu | 24.04 | noarch | python-djangorestframework-simplejwt | < any | UNKNOWN |
Related
debiancve
debiancve
CVE-2024-22513
2024-03-16 07:15:06
redhatcve
redhatcve
CVE-2024-22513
2024-03-16 18:23:29
osv
osv
Improper Privilege Management in djangorestframework-simplejwt
2024-03-16 09:30:35
github
github
Improper Privilege Management in djangorestframework-simplejwt
2024-03-16 09:30:35
packetstorm
packetstorm
Django REST Framework SimpleJWT 5.3.1 Information Disclosure
2024-04-15 00:00:00
nvd
nvd
CVE-2024-22513
2024-03-16 07:15:06
veracode
veracode
Missing Authorization Check
2024-03-22 11:44:24
zdt
zdt
djangorestframework-simplejwt 5.3.1 - Information Disclosure Exploit
2024-04-15 00:00:00
cvelist
cvelist
CVE-2024-22513
2024-03-16 00:00:00
cve
cve
CVE-2024-22513
2024-03-16 07:15:06
exploitdb
exploitdb
djangorestframework-simplejwt 5.3.1 - Information Disclosure
2024-04-15 00:00:00