Lucene search
K

5 matches found

OSV
OSV
added 2020/07/27 12:15 p.m.7 views

CVE-2020-7694

This affects all versions of package uvicorn. The request logger provided by the package is vulnerable to ASNI escape sequence injection. Whenever any HTTP request is received, the default behaviour of uvicorn is to log its details to either the console or a log file. When attackers request craft...

7.5CVSS7.7AI score
Exploits0References2
vulnersOsv
vulnersOsv
added 2020/07/27 12:15 p.m.4 views

aiida-graphql (>=0.0.1 <=0.0.2), annhub-python (>=0.1.5 <=0.1.6) +31 more potentially affected by CVE-2020-7694 via uvicorn (>=0.10.0 <=0.11.5)

uvicorn PYPI version =0.10.0, =0.0.1, =0.1.5, =1.0.0, =22.70.0, =0.31.0, =0.0.14, =0.8.0, =2.0.0, =1.0.0a1, =0.0.2, =0.0.1a0, =0.0.1a1 and more Source cves: CVE-2020-7694 Source advisory: OSV:PYSEC-2020-150...

7.5CVSS7.1AI score0.01345EPSS
Exploits1
Cvelist
Cvelist
added 2020/07/27 11:25 a.m.20 views

CVE-2020-7694 Log Injection

This affects all versions of package uvicorn. The request logger provided by the package is vulnerable to ASNI escape sequence injection. Whenever any HTTP request is received, the default behaviour of uvicorn is to log its details to either the console or a log file. When attackers request craft...

3.7CVSS7.7AI score0.01345EPSS
Exploits1References2
CVE
CVE
added 2020/07/27 11:25 a.m.94 views

CVE-2020-7694

This CVE affects all versions of uvicorn. The request logger is vulnerable to ASNI escape sequence injection: when handling HTTP requests, the logger logs the URL after urllib.parse.unquote processes percent-encoded characters, enabling special-meaning ANSI codes to affect terminal emulators disp...

7.5CVSS5.8AI score0.01345EPSS
Exploits1References2Affected Software1
vulnersOsv
vulnersOsv
added 2020/07/10 9:29 a.m.4 views

aiida-graphql (>=0.0.1 <=0.0.2), annhub-python (>=0.1.5 <=0.1.6) +31 more potentially affected by CVE-2020-7694 via uvicorn (>=0.10.0 <=0.11.5)

uvicorn PYPI version =0.10.0, =0.0.1, =0.1.5, =1.0.0, =22.70.0, =0.31.0, =0.0.14, =0.8.0, =2.0.0, =1.0.0a1, =0.0.2, =0.0.1a0, =0.0.1a1 and more Source cves: CVE-2020-7694 Source advisory: SNYK:PYTHON-UVICORN-575560...

7.5CVSS7.1AI score0.01345EPSS
Exploits1
Rows per page
Query Builder