Django-anymail Project Django-anymail — known CVE vulnerabilities
Every CVE whose affected-product data names Django-anymail Project Django-anymail, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2018-6596 — CVSS 9.1 (critical): webhooks/base.py in Anymail (aka django-anymail) before 1.2.1 is prone to a timing attack vulnerability on the WEBHOOK_AUTHORIZATION…
CVE-2018-1000089 — CVSS 7.4 (high): Anymail django-anymail version version 0.2 through 1.3 contains a CWE-532, CWE-209 vulnerability in WEBHOOK_AUTHORIZATION setting value…