7 matches found
EUVD-2021-0080
Malware in sbrugna...
CVE-2025-49126
Visionatrix is an AI Media processing tool using ComfyUI. In versions 1.5.0 to before 2.5.1, the /docs/flows endpoint is vulnerable to a Reflected XSS (Cross-Site Scripting) attack allowing full takeover of the application and exfiltration of secrets stored in the application. The implementation us...
CVE-2025-0182
A vulnerability in danswer-ai/danswer version 0.9.0 allows for denial of service through memory exhaustion. The issue arises from the use of a vulnerable version of the starlette package =0.49 via fastapi, which was patched in fastapi version 0.115.3. The vulnerability can be exploited by sending...
CVE-2025-0182 Denial of Service in danswer-ai/danswer
A vulnerability in danswer-ai/danswer version 0.9.0 allows for denial of service through memory exhaustion. The issue arises from the use of a vulnerable version of the starlette package =0.49 via fastapi, which was patched in fastapi version 0.115.3. The vulnerability can be exploited by sending...
abuse-whois (>=0.7.0 <=0.7.2), ad-sdl-wei (>=0.5.1 <=0.5.4) +680 more potentially affected by CVE-2024-24762 via fastapi (>=0.100.0 <=0.109.0)
fastapi PYPI version =0.100.0, =0.7.0, =0.5.1, =1.11.0, =0.0.1, =1.0.0, =0.1.0, =0.10.2, =0.2.0, =0.1.0, =0.1.0, =0.0.2, =0.0.3 and more Source cves: CVE-2024-24762 Source advisory: OSV:PYSEC-2024-38...
PYSEC-2021-100
FastAPI is a web framework for building APIs with Python 3.6+ based on standard Python type hints. FastAPI versions lower than 0.65.2 that used cookies for authentication in path operations that received JSON payloads sent by browsers were vulnerable to a Cross-Site Request Forgery (CSRF) attack. I...
PT-2021-4289 · Fastapi +1
Name of the Vulnerable Software and Affected Versions: FastAPI versions prior to 0.65.2. Description: The issue is related to a Cross-Site Request Forgery (CSRF) attack in FastAPI, a web framework for building APIs with Python. In versions lower than 0.65.2, FastAPI would try to read the request...