Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-bottle (UTSA-2026-017473)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017473 advisory. The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query...

Astra Linux – Vulnerability in python-bottle

Packages from versions 0 and before 0.12.19 are vulnerable to Web Cache Poisoning, due to a mechanism called “parameter cloaking”. When attackers can separate query parameters using a semicolon ;, they can create a discrepancy in the interpretation of requests between the proxy running with defau...

LlamaIndex SQL注入漏洞

LlamaIndex is a data framework for LLM applications from LlamaIndex open source. A SQL injection vulnerability exists in LlamaIndex version v0.12.19, which stems from improper manipulation of the refdocid parameter leading to SQL injection, which could lead to remote code execution...

GHSA-QHX9-7HX7-CP4R bottle HTTP Request smuggling

The package bottle before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon ;, they can cause a difference in the interpretation of the request between the proxy running with default...

CVE-2020-28473

The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon ;, they can cause a difference in the interpretation of the request between the proxy running with...