Metrics
Affected Vendors & Products
Wed, 30 Oct 2024 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-203 | |
Metrics |
ssvc
|
ssvc
|
Sat, 19 Oct 2024 01:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Djangoproject
Djangoproject django |
|
Weaknesses | NVD-CWE-noinfo | |
CPEs | cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:* cpe:2.3:a:djangoproject:django:5.1:*:*:*:*:*:*:* |
|
Vendors & Products |
Djangoproject
Djangoproject django |
|
Metrics |
cvssV3_1
|
cvssV3_1
|
Tue, 08 Oct 2024 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Tue, 08 Oct 2024 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A flaw was found in Python's Django package. This flaw allows an attacker to enumerate users' emails by issuing password reset requests. | An issue was discovered in Django v5.1.1, v5.0.9, and v4.2.16. The django.contrib.auth.forms.PasswordResetForm class, when used in a view implementing password reset flows, allows remote attackers to enumerate user e-mail addresses by sending password reset requests and observing the outcome (only when e-mail sending is consistently failing). |
References |
|
Thu, 26 Sep 2024 02:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | No description is available for this CVE. | A flaw was found in Python's Django package. This flaw allows an attacker to enumerate users' emails by issuing password reset requests. |
Tue, 24 Sep 2024 23:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | No description is available for this CVE. | |
Title | python-django: Potential user email enumeration via response status on password reset | |
References |
| |
Metrics |
threat_severity
|
cvssV3_1
|
Status: PUBLISHED
Assigner: mitre
Published: 2024-10-08T00:00:00
Updated: 2024-10-30T16:37:12.474Z
Reserved: 2024-08-24T00:00:00
Link: CVE-2024-45231
Updated: 2024-10-08T20:06:24.588Z
Status : Modified
Published: 2024-10-08T16:15:11.997
Modified: 2024-10-30T17:35:10.147
Link: CVE-2024-45231