Homepage

django-smart-ratelimit@0.4.1 vulnerabilities

A flexible and efficient rate limiting library for Django applications

  • latest version

    0.8.11

  • latest non vulnerable version

    0.8.11

  • first published

    4 months ago

  • latest version published

    16 days ago

  • licenses detected

  • View django-smart-ratelimit package health on Snyk Advisor  (opens in a new tab)
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the django-smart-ratelimit package. This does not include vulnerabilities belonging to this package’s dependencies.

    Fix vulnerabilities automatically

    Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

    Fix for free
    VulnerabilityVulnerable Version
    • M
    Improper Control of Interaction Frequency

    django-smart-ratelimit is an A flexible and efficient rate limiting library for Django applications

    Affected versions of this package are vulnerable to Improper Control of Interaction Frequency due to reliance on hard-coded static and media in the RateLimitMiddleware and the rate_limit decorator. An attacker can send requests evading the enforcement of rate-limiting logic when customized prefixes are used for Django’s STATIC_URL and MEDIA_URL settings.

    How to fix Improper Control of Interaction Frequency?

    Upgrade django-smart-ratelimit to version 0.8.4 or higher.

    [,0.8.4)
    Go back to all versions of this package