CVE-2020-17495

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2020-17495

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-17495.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2020-17495

Aliases

Downstream

DEBIAN-CVE-2020-17495

UBUNTU-CVE-2020-17495

Published

2020-08-11T21:15:10Z

Modified

2025-10-15T12:06:09.725567Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

django-celery-results through 1.2.1 stores task results in the database. Among the data it stores are the variables passed into the tasks. The variables may contain sensitive cleartext information that does not belong unencrypted in the database.

References

https://github.com/celery/django-celery-results/issues/142

Affected packages

Git / github.com/celery/django-celery-results

Affected ranges

Type: GIT
Repo: https://github.com/celery/django-celery-results
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

890a9632bb548248ff4d3d3ace47e2f31dc3e1c7

Affected versions

1.*

1.1.0

1.1.1

1.1.2

1.2.0

1.2.1

v1.*

v1.0.0

v1.0.1

v1.0.2

v1.0.3

v1.0.4