3 matches found
CVE-2025-64481 Open redirect endpoint in Datasette
Datasette is an open source multi-tool for exploring and publishing data. In versions 0.65.1 and below and 1.0a0 through 1.0a19, deployed instances of Datasette include an open redirect vulnerability. Hits to the path //example.com/foo/bar/ (the trailing slash is required) will redirect the user to...
PT-2022-25363 · Unknown · Flipper Zero
Name of the Vulnerable Software and Affected Versions: Flipper Zero versions prior to 0.65.2. Description: A buffer overflow in the nfc_device_load_mifare_ul_data component allows attackers to cause a Denial of Service (DoS) via a crafted NFC file. Recommendations: For versions prior to 0.65.2, upda...
PYSEC-2021-100
FastAPI is a web framework for building APIs with Python 3.6+ based on standard Python type hints. FastAPI versions lower than 0.65.2 that used cookies for authentication in path operations that received JSON payloads sent by browsers were vulnerable to a Cross-Site Request Forgery (CSRF) attack. I...