PyPI package
ihatemoney
pkg:pypi/ihatemoney
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-15120 | — | < 4.1.5 | 4.1.5 | Jul 27, 2020 | In "I hate money" before version 4.1.5, an authenticated member of one project can modify and delete members of another project, without knowledge of this other project's private code. This can be further exploited to access all bills of another project without knowledge of this |
- CVE-2020-15120Jul 27, 2020affected < 4.1.5fixed 4.1.5
In "I hate money" before version 4.1.5, an authenticated member of one project can modify and delete members of another project, without knowledge of this other project's private code. This can be further exploited to access all bills of another project without knowledge of this