Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
django-anymail project django-anymail vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2018-1000089
Anymail django-anymail version version 0.2 up to and including 1.3 contains a CWE-532, CWE-209 vulnerability in WEBHOOK_AUTHORIZATION setting value that can result in An attacker with access to error logs could fabricate email tracking events. This attack appear to be exploitable...
Django-anymail Project Django-anymail
570
VMScore
CVE-2018-6596
webhooks/base.py in Anymail (aka django-anymail) prior to 1.2.1 is prone to a timing attack vulnerability on the WEBHOOK_AUTHORIZATION secret, which allows remote malicious users to post arbitrary e-mail tracking events.
Django-anymail Project Django-anymail
Debian Debian Linux 9.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started