CVE-2022-1499 Inappropriate implementation in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass same origin policy.
CVE-2017-5244 In the WebAuthn authenticator, the handling of unverified requests during the initial interaction flow has been improved. This issue is known as ' Interaction
CVE-2022-1636 An attacker in Google Chrome before 101.0.4951.64 could exploit heap corruption after an AF in Performance APIs.
CVE-2018-6042 — A remote attacker could leverage mishandling of resources in a HTML page to execute arbitrary code by leveraging use of the WebRender API. This
CVE-2022-36412 Before 11023, V3 API requests are vulnerable to authentication bypass.
To be authenticated, a user needs to go through the process of adding a new credential to his/her user profile, which means the user
CVE-2022-1314 Confusion in V8 allowed a remote attacker to exploit heap corruption.
CVE-2018-5407 In certain circumstances, Google Chrome incorrectly applied a type attribute to an input element when parsing HTML. This could result in a cross-site scripting
CVE-2018-25045 REST framework before 3.9.1 allows XSS because the default Browsable API view templates disable autoescaping.
This issue has been fixed in django-rest-framework 3.9.2 and later. We recommend updating your project to django-rest-framework 3.9.2 or later as
Episode
00:00:00
00:00:00