Vulmon
python requests vulnerabilities and exploits
7.5
CVSSv2
CVE-2013-4409
An eval() vulnerability exists in Python Software Foundation Djblets 0.7.21 and Beanbag Review Board prior to 1.7.15 when parsing JSON requests.
Reviewboard Review Board
Reviewboard Djblets 0.7.21
Fedoraproject Fedora 18
Fedoraproject Fedora 20
Fedoraproject Fedora 19
Redhat Enterprise Linux 6.0
NA
CVE_2023_29489
XSS_1312 Mass Scanning vulnerability in Cpanel [XSS] KALI LINUX sudo pip install BeautifulSoup sudo pip install shodan sudo pip install pystyle git clone https://github.com/tucommenceapousser/XSS_1312.git cd XSS_1312 python cve_2023_29489.py TERMUX pkg install BeautifulSoup pkg in...
1 Github repository
5
CVSSv2
CVE-2016-10561
Bitty is a development web server tool that functions similar to `python -m SimpleHTTPServer`. Version 0.2.10 has a directory traversal vulnerability that is exploitable via the URL path in GET requests.
Bitty Project Bitty 0.2.10
5
CVSSv2
CVE-2013-1665
The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in OpenStack Keystone Essex and Folsom, Django, and possibly other products allow remote malicious users to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, ...
Openstack Folsom -
Openstack Keystone Essex -
NA
CVE-2023-46136
Werkzeug is a comprehensive WSGI web application library. If an upload of a file that starts with CR or LF and then is followed by megabytes of data without these characters: all of these bytes are appended chunk by chunk into internal bytearray and lookup for boundary is perform...
Palletsprojects Werkzeug 3.0.0
Palletsprojects Werkzeug
1 Github repository
NA
CVE-2023-26051
Saleor is a headless, GraphQL commerce platform delivering personalized shopping experiences. Some internal Python exceptions are not handled properly and thus are returned in API as error messages. Some messages might contain sensitive information like user email address in staf...
Saleor Saleor
4.9
CVSSv2
CVE-2021-21392
Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0 requests to user provided domains were not restricted to external IP addresses when tra...
Matrix Synapse
Fedoraproject Fedora 34
NA
CVE-2023-26052
Saleor is a headless, GraphQL commerce platform delivering personalized shopping experiences. Some internal Python exceptions are not handled properly and thus are returned in API as error messages. Some messages might contain sensitive information like infrastructure details in ...
Saleor Saleor
4
CVSSv2
CVE-2020-15720
In Dogtag PKI up to and including 10.8.3, the pki.client.PKIConnection class did not enable python-requests certificate validation. Since the verify parameter was hard-coded in all request functions, it was not possible to override the setting. As a result, tools making use of th...
Dogtagpki Dogtagpki
4.3
CVSSv2
CVE-2021-21274
Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.25.0, a malicious homeserver could redirect requests to their .well-known file to a large fi...
Matrix Synapse
Fedoraproject Fedora 34