57 matches found
CVE-2025-64481
Datasette is an open source multi-tool for exploring and publishing data. In versions 0.65.1 and below and 1.0a0 through 1.0a19, deployed instances of Datasette include an open redirect vulnerability. Hits to the path //example.com/foo/bar/ (the trailing slash is required) will redirect the user to...
PYSEC-2025-73
Datasette is an open source multi-tool for exploring and publishing data. In versions 0.65.1 and below and 1.0a0 through 1.0a19, deployed instances of Datasette include an open redirect vulnerability. Hits to the path //example.com/foo/bar/ (the trailing slash is required) will redirect the user to...
CVE-2025-64481 Open redirect endpoint in Datasette
Datasette is an open source multi-tool for exploring and publishing data. In versions 0.65.1 and below and 1.0a0 through 1.0a19, deployed instances of Datasette include an open redirect vulnerability. Hits to the path //example.com/foo/bar/ (the trailing slash is required) will redirect the user to...
EUVD-2025-38040
Datasette is an open source multi-tool for exploring and publishing data. In versions 0.65.1 and below and 1.0a0 through 1.0a19, deployed instances of Datasette include an open redirect vulnerability. Hits to the path //example.com/foo/bar/ (the trailing slash is required) will redirect the user to...
CVE-2025-64481
CVE-2025-64481 affects Datasette, an open-source data exploration/publishing tool. The vulnerability is an open redirect in deployed instances of Datasette versions 0.65.1 and earlier, and 1.0a0 through 1.0a19, triggered by requests to a path containing double slashes (for example, //example.com/...
Datasette input validation error vulnerability
Datasette is an open source multi-purpose tool for exploring and distributing data in Simon Willison's personal development applications. An input validation error vulnerability exists in Datasette versions 0.65.1 and earlier and versions 1.0a0 through 1.0a19, which stems from improper path...
Open redirect endpoint in Datasette
Impact: Deployed instances of Datasette prior to 0.65.2 and 1.0a21 include an open redirect vulnerability. Hits to the path //example.com/foo/bar/ (the trailing slash is required) will redirect the user to https://example.com/foo/bar. Patches: This problem has been patched in both Datasette 0.65.2 an...
aws-session-recorder (>=0.2.0 <=0.2.2), chasten (>=0.1.0 <=1.0.0) +10 more potentially affected by CVE-2025-64481 via datasette (>=0.37.1 <=0.64.8)
datasette PYPI version =0.37.1, =0.2.0, =0.1.0, =0.1.1a0, =2.0.0, =0.2.0, =0.1.0, =0.1.8 Source cves: CVE-2025-64481 Source advisory: SNYK:PYTHON-DATASETTE-13849308...
Open Redirect
Overview: datasette is an open source multi-tool for exploring and publishing data. Affected versions of this package are vulnerable to Open Redirect via the handling of URLs containing double slashes followed by a domain and a trailing slash. An attacker can redirect users to arbitrary external...
GHSA-W832-GG5G-X44M Open redirect endpoint in Datasette
Impact: Deployed instances of Datasette prior to 0.65.2 and 1.0a21 include an open redirect vulnerability. Hits to the path //example.com/foo/bar/ (the trailing slash is required) will redirect the user to https://example.com/foo/bar. Patches: This problem has been patched in both Datasette 0.65.2 an...
aws-session-recorder (>=0.2.0 <=0.2.2), chasten (>=0.1.0 <=1.0.0) +10 more potentially affected by CVE-2025-64481 via datasette (>=0.37.1 <=0.64.8)
datasette PYPI version =0.37.1, =0.2.0, =0.1.0, =0.1.1a0, =2.0.0, =0.2.0, =0.1.0, =0.1.8 Source cves: CVE-2025-64481 Source advisory: OSV:GHSA-W832-GG5G-X44M...
PT-2025-45441
Name of the Vulnerable Software and Affected Versions: Datasette versions 0.65.1 and below; Datasette versions 1.0a0 through 1.0a19. Description: Datasette, an open source multi-tool for exploring and publishing data, contains an open redirect issue in deployed instances. Requests to paths like...
EUVD-2021-0051
Malware in sbrugna...
EUVD-2023-0061
Malicious code in bioql PyPI...
CVE-2021-32670
Datasette is an open source multi-tool for exploring and publishing data. The ?trace=1 debugging feature in Datasette does not correctly escape generated HTML, resulting in a reflected cross-site scripting vulnerability. This vulnerability is particularly relevant if your Datasette installation...
datasette-sqlite-vec (>=0.1.1 <=0.1.10a3), memorylayer-server (>=0.0.3 <=0.0.5) +2 more potentially affected by CVE-2024-46488 via sqlite-vec (>=0.1.1 <=0.1.2a9)
sqlite-vec PYPI version =0.1.1, =0.1.1, =0.0.3, =0.1.1, =0.1.10a3 - zf-memician =0.1.3 Source cves: CVE-2024-46488 Source advisory: OSV:GHSA-VRCX-GX3G-J3H8...