django-nopassword before 5.0.0 stores cleartext secrets in the database.
References
Link | Resource |
---|---|
https://github.com/relekang/django-nopassword/blob/8e8cfc765ee00adfed120c2c79bf71ef856e9022/nopassword/models.py#L14 | Third Party Advisory |
https://github.com/relekang/django-nopassword/commit/d8b4615f5fbfe3997d96cf4cb3e342406396193c | Patch Third Party Advisory |
https://github.com/relekang/django-nopassword/compare/v4.0.1...v5.0.0 | Third Party Advisory |
https://github.com/relekang/django-nopassword/blob/8e8cfc765ee00adfed120c2c79bf71ef856e9022/nopassword/models.py#L14 | Third Party Advisory |
https://github.com/relekang/django-nopassword/commit/d8b4615f5fbfe3997d96cf4cb3e342406396193c | Patch Third Party Advisory |
https://github.com/relekang/django-nopassword/compare/v4.0.1...v5.0.0 | Third Party Advisory |
Configurations
History
21 Nov 2024, 04:19
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/relekang/django-nopassword/blob/8e8cfc765ee00adfed120c2c79bf71ef856e9022/nopassword/models.py#L14 - Third Party Advisory | |
References | () https://github.com/relekang/django-nopassword/commit/d8b4615f5fbfe3997d96cf4cb3e342406396193c - Patch, Third Party Advisory | |
References | () https://github.com/relekang/django-nopassword/compare/v4.0.1...v5.0.0 - Third Party Advisory |
Information
Published : 2020-03-18 15:15
Updated : 2024-11-21 04:19
NVD link : CVE-2019-10682
Mitre link : CVE-2019-10682
CVE.ORG link : CVE-2019-10682
JSON object : View
Products Affected
django-nopassword_project
- django-nopassword
CWE
CWE-312
Cleartext Storage of Sensitive Information