django-rest-registration@0.3.9 vulnerabilities

User registration REST API, based on django-rest-framework

Direct Vulnerabilities

Known vulnerabilities in the django-rest-registration package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • C
Improper Verification

Affected versions of this package are vulnerable to Improper Verification. verification.py relies on a static string for signatures (i.e., the Django Signing API is misused), which allows remote attackers to spoof the verification process. This occurs because incorrect code refactoring led to calling a security-critical function with an incorrect argument.

How to fix Improper Verification?

Upgrade django-rest-registration to version 0.5.0 or higher.

[,0.5.0)