Vulnerability Details CVE-2020-17495
django-celery-results through 1.2.1 stores task results in the database. Among the data it stores are the variables passed into the tasks. The variables may contain sensitive cleartext information that does not belong unencrypted in the database.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 35.8%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2020-17495
-
cpe:2.3:a:django-celery-results_project:django-celery-results:1.0.0
-
cpe:2.3:a:django-celery-results_project:django-celery-results:1.0.1
-
cpe:2.3:a:django-celery-results_project:django-celery-results:1.0.2
-
cpe:2.3:a:django-celery-results_project:django-celery-results:1.0.3
-
cpe:2.3:a:django-celery-results_project:django-celery-results:1.0.4
-
cpe:2.3:a:django-celery-results_project:django-celery-results:1.1.0
-
cpe:2.3:a:django-celery-results_project:django-celery-results:1.1.1
-
cpe:2.3:a:django-celery-results_project:django-celery-results:1.1.2
-
cpe:2.3:a:django-celery-results_project:django-celery-results:1.2.0
-
cpe:2.3:a:django-celery-results_project:django-celery-results:1.2.1