← Back

Django Mfa2

django-mfa2

Vendor: Django Mfa2 Project • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-42731
1Django Mfa2 Project
1Django Mfa2
May 20, 2025
Oct 11, 2022
N/A· v4
7.5 HIGH· v3
N/A· v2
mfa/FIDO2.py in django-mfa2 before 2.5.1 and 2.6.x before 2.6.1 allows a replay attack that could be used to register another device for a user. The device registration challenge is not invalidated after usage.