EUVD-2021-0080

Malware in sbrugna...

CVE-2025-49126

Visionatrix is an AI Media processing tool using ComfyUI. In versions 1.5.0 to before 2.5.1, the /docs/flows endpoint is vulnerable to a Reflected XSS Cross-Site Scripting attack allowing full takeover of the application and exfiltration of secrets stored in the application. The implementation us...

CVE-2025-0182

A vulnerability in danswer-ai/danswer version 0.9.0 allows for denial of service through memory exhaustion. The issue arises from the use of a vulnerable version of the starlette package =0.49 via fastapi, which was patched in fastapi version 0.115.3. The vulnerability can be exploited by sending...

CVE-2025-0182 Denial of Service in danswer-ai/danswer

A vulnerability in danswer-ai/danswer version 0.9.0 allows for denial of service through memory exhaustion. The issue arises from the use of a vulnerable version of the starlette package =0.49 via fastapi, which was patched in fastapi version 0.115.3. The vulnerability can be exploited by sending...

PYSEC-2021-100

FastAPI is a web framework for building APIs with Python 3.6+ based on standard Python type hints. FastAPI versions lower than 0.65.2 that used cookies for authentication in path operations that received JSON payloads sent by browsers were vulnerable to a Cross-Site Request Forgery CSRF attack. I...

PT-2021-4289 · Fastapi +1 · Fastapi +1

Name of the Vulnerable Software and Affected Versions: FastAPI versions prior to 0.65.2 Description: The issue is related to a Cross-Site Request Forgery CSRF attack in FastAPI, a web framework for building APIs with Python. In versions lower than 0.65.2, FastAPI would try to read the request...