django-celery-results through 1.2.1 stores task results in the database. Among the data it stores are the variables passed into the tasks. The variables may contain sensitive cleartext information that does not belong unencrypted in the database.
References
Link | Resource |
---|---|
https://github.com/celery/django-celery-results/issues/142 | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2020-08-11 21:15
Updated : 2024-02-28 17:47
NVD link : CVE-2020-17495
Mitre link : CVE-2020-17495
CVE.ORG link : CVE-2020-17495
JSON object : View
Products Affected
django-celery-results_project
- django-celery-results
CWE
CWE-312
Cleartext Storage of Sensitive Information