Lucene search
K
PypaMost viewed

5612 matches found

PyPA
PyPA
added yesterday2 views

Fickling has a bypass via runpy.run_path() and runpy.run_module()

Fickling's assessmentrunpy was added to the list of unsafe imports https://github.com/trailofbits/fickling/commit/9a2b3f89bd0598b528d62c10a64c1986fcb09f66. Original report SummaryFickling versions up to and including 0.1.6 do not treat Python’s runpy module as unsafe. Because of this, a malicious...

9.3CVSS6.6AI score0.00425EPSS
Exploits1References13Affected Software1
PyPA
PyPA
added yesterday2 views

Fickling Blocklist Bypass: cProfile.run()

Fickling's assessmentcProfile was added to the list of unsafe imports https://github.com/trailofbits/fickling/commit/dc8ae12966edee27a78fe05c5745171a2b138d43. Original report Description SummaryFickling versions up to and including 0.1.6 do not treat Python's cProfile module as unsafe. Because of...

9.3CVSS6.5AI score0.0044EPSS
Exploits1References13Affected Software1
PyPA
PyPA
added yesterday2 views

Fickling has Static Analysis Bypass via Incomplete Dangerous Module Blocklist

Fickling's assessmentctypes, importlib, runpy, code and multiprocessing were added the list of unsafe imports https://github.com/trailofbits/fickling/commit/9a2b3f89bd0598b528d62c10a64c1986fcb09f66, https://github.com/trailofbits/fickling/commit/eb299b453342f1931c787bcb3bc33f3a03a173f9,...

9.3CVSS6.4AI score0.00554EPSS
Exploits1References13Affected Software1
PyPA
PyPA
added yesterday2 views

NiceGUI is vulnerable to XSS via Unescaped URL in ui.navigate.history.push() / replace()

SummaryXSS risk exists in NiceGUI when developers pass attacker-controlled strings into ui.navigate.history.push or ui.navigate.history.replace. These helpers are documented as History API wrappers for updating the browser URL without page reload. However, if the URL argument is embedded into...

6.1CVSS6.2AI score0.00243EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added yesterday2 views

AcademySoftwareFoundation OpenColorIO has an out-of-bounds vulnerability

A vulnerability was found in AcademySoftwareFoundation OpenColorIO up to 2.5.0. This issue affects the function ConvertToRegularExpression of the file src/OpenColorIO/FileRules.cpp. Performing a manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has...

4.8CVSS5.2AI score0.00165EPSS
Exploits0References12Affected Software1
PyPA
PyPA
added yesterday2 views

Authlib has 1-click Account Takeover vulnerability

Security Advisory: Cache-Backed State Storage CSRF in AuthlibThe Security Labs team at Snyk has reported a security issue affecting Authlib, identified during a recent research project.The Snyk Security Labs team has identified a vulnerability that can result in a one-click account takeover in...

8.8CVSS6AI score0.00237EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added yesterday2 views

Fickling vulnerable to detection bypass due to "builtins" blindness

Fickling's assessmentFickling started emitting AST nodes for builtins imports in order to match them during analysis https://github.com/trailofbits/fickling/commit/9f309ab834797f280cb5143a2f6f987579fa7cdf. Original report SummaryFickling works byPickle bytecode -- AST -- Security analysisHowever...

9.3CVSS6.2AI score0.00264EPSS
Exploits0References9Affected Software1
PyPA
PyPA
added yesterday2 views

LIEF is vulnerable to segmentation fault

A security flaw has been discovered in lief-project LIEF up to 0.17.1. Affected by this issue is the function Parser::parsebinary of the file src/ELF/Parser.tcc of the component ELF Binary Parser. The manipulation results in null pointer dereference. The attack must be initiated from a local...

5.5CVSS5.3AI score0.00242EPSS
Exploits1References12Affected Software1
PyPA
PyPA
added yesterday2 views

NiceGUI apps which use `ui.sub_pages` vulnerable to zero-click XSS

SummaryAn unsafe implementation in the pushstate event listener used by ui.subpages allows an attacker to manipulate the fragment identifier of the URL, which they can do despite being cross-site, using an iframe. DetailsThe problem is traced as follows:1. On pushstate, handleStateEvent is...

7.2CVSS5.9AI score0.00233EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added yesterday2 views

NiceGUI has Redis connection leak via tab storage causes service degradation

SummaryAn unauthenticated attacker can exhaust Redis connections by repeatedly opening and closing browser tabs on any NiceGUI application using Redis-backed storage. Connections are never released, leading to service degradation when Redis hits its connection limit.NiceGUI continues accepting ne...

5.3CVSS6AI score0.0051EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added yesterday2 views

pypdf has possible long runtimes for missing /Root object with large /Size values

ImpactAn attacker who exploits this vulnerability can craft a PDF which leads to possibly long runtimes for actually invalid files. This can be achieved by omitting the /Root entry in the trailer, while using a rather large /Size value. Only the non-strict reading mode is affected. PatchesThis ha...

6.9CVSS5.8AI score0.00391EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added yesterday2 views

pypdf has possible long runtimes for malformed startxref

ImpactAn attacker who exploits this vulnerability can craft a PDF which leads to possibly long runtimes for invalid startxref entries. When rebuilding the cross-reference table, PDF files with lots of whitespace characters become problematic. Only the non-strict reading mode is affected...

6.9CVSS5.6AI score0.00391EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added yesterday2 views

Fickling vulnerable to use of ctypes and pydoc gadget chain to bypass detection

Fickling's assessmentpydoc and ctypes were added to the list of unsafe imports https://github.com/trailofbits/fickling/commit/b793563e60a5e039c5837b09d7f4f6b92e6040d1. Original report SummaryBoth ctypes and pydoc modules arent explictly blocked. Even other existing pickle scanning tools like...

9.3CVSS6AI score0.00346EPSS
Exploits0References10Affected Software1
PyPA
PyPA
added yesterday2 views

NiceGUI apps are vulnerable to XSS which uses `ui.sub_pages` and render arbitrary user-provided links

SummaryAn unsafe implementation in the click event listener used by ui.subpages, combined with attacker-controlled link rendering on the page, causes an XSS when the user actively clicks on the link. Details1. On click, eventually subpagesnavigate event is...

6.1CVSS6AI score0.00238EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added yesterday2 views

AIOHTTP Vulnerable to Cookie Parser Warning Storm

SummaryReading multiple invalid cookies can lead to a logging storm. ImpactIf the cookies attribute is accessed in an application, then an attacker may be able to trigger a storm of warning-level logs using a specially crafted Cookie header.----Patch:...

6.9CVSS5.9AI score0.00332EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added yesterday2 views

records-mover Injection vulnerability

A weakness has been identified in bluelabsio records-mover up to 1.5.4. The affected element is an unknown function of the component Table Object Handler. This manipulation causes SQL Injection. The attack needs to be launched locally. Upgrading to version 1.6.0 is sufficient to fix this issue...

5.3CVSS5.6AI score0.00174EPSS
Exploits0References9Affected Software1
PyPA
PyPA
added yesterday2 views

Bokeh server applications have Incomplete Origin Validation in WebSockets

This vulnerability allows for Cross-Site WebSocket Hijacking CSWSH of a deployed Bokeh server instance. ScopeThis vulnerability is only relevant to deployed Bokeh server instances. There is no impact on static HTML output, standalone embedded plots, or Jupyter notebook usage. This vulnerability...

7.4CVSS5.9AI score0.00159EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added yesterday2 views

loggingredactor converts non-string types to string types in logs

ImpactNon-string types are converted into string types, leading to type errors in %d conversions. PatchesThe problem has been patched in version 0.0.6. WorkaroundsNone without patching. ResourcesIssue report: https://github.com/armurox/loggingredactor/issues/7Release:...

5.3CVSS5.9AI score0.00228EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added yesterday2 views

MONAI has Path Traversal (Zip Slip) in NGC Private Bundle Download

SummaryA Path Traversal Zip Slip vulnerability exists in MONAI's downloadfromngcprivate function. The function uses zipfile.ZipFile.extractall without path validation, while other similar download functions in the same codebase properly use the existing safeextractmember function.This appears to ...

5.3CVSS6AI score0.00311EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added yesterday2 views

picklescan has Arbitrary file read using `io.FileIO`

SummaryUnsafe pickle deserialization allows unauthenticated attackers to read arbitrary server files and perform SSRF. By chaining io.FileIO and urllib.request.urlopen, an attacker can bypass RCE-focused blocklists to exfiltrate sensitive data example: /etc/passwd to an external server. DetailsTh...

8.7CVSS6AI score0.00509EPSS
Exploits0References9Affected Software1
PyPA
PyPA
added yesterday2 views

Decompression-bomb safeguards bypassed when following HTTP redirects (streaming API)

Impacturllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once.urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header e.g., gzip,...

8.9CVSS6AI score0.02667EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added yesterday2 views

Parsl Monitoring Visualization Vulnerable to SQL Injection

Affected Product: Parsl Python Parallel Scripting LibraryComponent: parsl.monitoring.visualizationVulnerability Type: SQL Injection CWE-89Severity: High CVSS Rating Recommended: 7.5 - 8.6URL: https://github.com/Parsl/parsl/blob/master/parsl/monitoring/visualization/views.pySummaryA SQL Injection...

7.3CVSS6.2AI score0.00235EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added yesterday2 views

AIOHTTP vulnerable to denial of service through large payloads

SummaryA request can be crafted in such a way that an aiohttp server's memory fills up uncontrollably during processing. ImpactIf an application includes a handler that uses the Request.post method, an attacker may be able to freeze the server by exhausting the memory.-----Patch:...

8.7CVSS5.8AI score0.00347EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added yesterday2 views

AIOHTTP vulnerable to DoS through chunked messages

SummaryHandling of chunked messages can result in excessive blocking CPU usage when receiving a large number of chunks. ImpactIf an application makes use of the request.read method in an endpoint, it may be possible for an attacker to cause the server to spend a moderate amount of blocking CPU ti...

8.7CVSS5.9AI score0.00338EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added yesterday2 views

AIOHTTP has unicode match groups in regexes for ASCII protocol elements

SummaryThe parser allows non-ASCII decimals to be present in the Range header. ImpactThere is no known impact, but there is the possibility that there's a method to exploit a request smuggling vulnerability.----Patch:...

6.9CVSS5.9AI score0.00236EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added yesterday2 views

AIOHTTP's unicode processing of header values could cause parsing discrepancies

SummaryThe Python HTTP parser may allow a request smuggling attack with the presence of non-ASCII characters. ImpactIf a pure Python version of aiohttp is installed i.e. without the usual C extensions or AIOHTTPNOEXTENSIONS is enabled, then an attacker may be able to execute a request smuggling...

6.9CVSS6AI score0.00213EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added yesterday2 views

AIOHTTP vulnerable to DoS when bypassing asserts

SummaryWhen assert statements are bypassed, an infinite loop can occur, resulting in a DoS attack when processing a POST body. ImpactIf optimisations are enabled -O or PYTHONOPTIMIZE=1, and the application includes a handler that uses the Request.post method, then an attacker may be able to execu...

8.7CVSS6AI score0.00337EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added yesterday2 views

Picklescan has Incomplete List of Disallowed Inputs

SummaryCurrently picklescanner only blocks some specific functions of the pydoc and operator modules. Attackers can use other functions within these allowed modules to go through undetected and achieve RCE on the final user. Particularly pydoc.locate: Can dynamically resolve and import arbitrary...

9.8CVSS6.1AI score0.00623EPSS
Exploits0References9Affected Software1
PyPA
PyPA
added yesterday2 views

libsodium has Incomplete List of Disallowed Inputs

libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to cryptocoreed25519isvalidpoint, mishandles checks for whether an elliptic curve point is valid because it sometimes allows points that aren't in the main cryptographic group.This advisoory...

4.5CVSS6AI score0.00166EPSS
Exploits0References16Affected Software1
PyPA
PyPA
added yesterday2 views

AIOHTTP's HTTP Parser auto_decompress feature is vulnerable to zip bomb

SummaryA zip bomb can be used to execute a DoS against the aiohttp server. ImpactAn attacker may be able to send a compressed request that when decompressed by aiohttp could exhaust the host's memory.------Patch: https://github.com/aio-libs/aiohttp/commit/2b920c39002cee0ec5b402581779bbaaf7c9138a...

7.5CVSS6AI score0.00487EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added yesterday2 views

Feast vulnerable to Deserialization of Untrusted Data

A high-severity remote code execution vulnerability exists in feast-dev/feast version 0.53.0, specifically in the Kubernetes materializer job located at feast/sdk/python/feast/infra/computeengines/kubernetes/main.py. The vulnerability arises from the use of yaml.load..., Loader=yaml.Loader to...

7.8CVSS6.8AI score0.00264EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added yesterday2 views

Picklescan Bypasses Unsafe Globals Check using pty.spawn

SummaryThe vulnerability allows malicious actors to bypass PickleScan's unsafe globals check, leading to potential arbitrary code execution. The issue stems from the absence of the pty library more specifically, of the pty.spawn function from PickleScan's list of unsafe globals. This vulnerabilit...

8.8CVSS6.6AI score0.00384EPSS
Exploits0References9Affected Software1
PyPA
PyPA
added yesterday2 views

badkeys vulnerable to ASCII control character injection on console via malformed input

ImpactAn attacker may inject content with ASCII control characters like vertical tabs, ANSI escape sequences, etc., that can create misleading output of the badkeys command-line tool. This impacts scanning DKIM keys both --dkim and --dkim-dns, SSH keys --ssh-lines mode, and filenames in various...

5.3CVSS5.8AI score0.00302EPSS
Exploits1References8Affected Software1
PyPA
PyPA
added yesterday2 views

Langflow Missing Authentication on Critical API Endpoints

SummaryMultiple critical API endpoints in Langflow are missing authentication controls, allowing any unauthenticated user to access sensitive user conversation data, transaction histories, and perform destructive operations including message deletion. This affects endpoints handling personal data...

9.3CVSS6AI score0.20655EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added yesterday2 views

lmdeploy vulnerable to Arbitrary Code Execution via Insecure Deserialization in torch.load()

SummaryAn insecure deserialization vulnerability exists in lmdeploy where torch.load is called without the weightsonly=True parameter when loading model checkpoint files. This allows an attacker to execute arbitrary code on the victim's machine when they load a malicious .bin or .pt model file.CW...

8.8CVSS6.5AI score0.00487EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added yesterday2 views

Picklescan does not block ctypes

SummaryPicklescan doesnt flag ctypes module as a dangerous module, which is a huge issue. ctypes is basically a foreign function interface library and can be used to Load DLLs Call C functions directly Manipulate memory raw pointers.This can allow attackers to achieve RCE by invoking direct...

9.8CVSS5.9AI score0.00757EPSS
Exploits0References9Affected Software1
PyPA
PyPA
added yesterday2 views

Picklescan is vulnerable to RCE through missing detection when calling numpy.f2py.crackfortran._eval_length

SummaryPicklescan uses the numpy.f2py.crackfortran.evallength function a NumPy F2PY helper to execute arbitrary Python code during unpickling. DetailsPicklescan fails to detect a malicious pickle that uses the gadget numpy.f2py.crackfortran.evallength in reduce, allowing arbitrary command executi...

8.1CVSS6.6AI score0.00301EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added yesterday2 views

filelock has a TOCTOU race condition which allows symlink attacks during lock file creation

ImpactA Time-of-Check-Time-of-Use TOCTOU race condition allows local attackers to corrupt or truncate arbitrary user files through symlink attacks. The vulnerability exists in both Unix and Windows lock file creation where filelock checks if a file exists before opening it with OTRUNC. An attacke...

6.5CVSS6.2AI score0.00184EPSS
Exploits1References9Affected Software1
PyPA
PyPA
added yesterday2 views

Langflow vulnerable to Server-Side Request Forgery

Vulnerability OverviewLangflow provides an API Request component that can issue arbitrary HTTP requests within a flow. This component takes a user-supplied URL, performs only normalization and basic format checks, and then sends the request using a server-side httpx client. It does not block...

7.7CVSS6.2AI score0.0576EPSS
Exploits1References5Affected Software1
PyPA
PyPA
added yesterday2 views

mcp-server-git argument injection in git_diff and git_checkout functions allows overwriting local files

In mcp-server-git versions prior to 2025.12.18, the gitdiff and gitcheckout functions passed user-controlled arguments directly to git CLI commands without sanitization. Flag-like values e.g., --output=/path/to/file for gitdiff would be interpreted as command-line options rather than git refs,...

7.1CVSS6.2AI score0.0728EPSS
Exploits0References5Affected Software1
PyPA
PyPA
added yesterday2 views

mcp-server-git has missing path validation when using --repository flag

In mcp-server-git versions prior to 2025.12.18, when the server is started with the --repository flag to restrict operations to a specific repository path, it did not validate that repopath arguments in subsequent tool calls were actually within that configured path. This could allow tool calls t...

9.1CVSS6.2AI score0.06197EPSS
Exploits0References5Affected Software1
PyPA
PyPA
added yesterday2 views

FastAPI SSP is vulnerable to Cross-site Request Forgery (CSRF) through improper OAuth parameter validation

Versions of the package fastapi-sso before 0.19.0 are vulnerable to Cross-site Request Forgery CSRF due to the improper validation of the OAuth state parameter during the authentication callback. While the getloginurl method allows for state generation, it does not persist the state or bind it to...

6.9CVSS6AI score0.00311EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added yesterday2 views

pretix has Broken Access Control Allowing Cross-User File Access via UUID

An API endpoint allowed access to sensitive files from other users by knowing the UUID of the file that were not intended to be accessible by UUID only...

7CVSS5.9AI score0.00226EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added yesterday2 views

PyMdown Extensions has a ReDOS bug in its Figure Capture extension

ImpactThis issue describes a ReDOS bug found within the figure caption extension pymdownx.blocks.caption .In systems that take unchecked user content, this could cause long hangs when processing the data if a malicious payload was crafted. PatchesThis issue is patched in Release 10.16.1...

6.9CVSS6.1AI score0.00356EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added yesterday2 views

Weblate has an arbitrary file read via symbolic links

ImpactIt was possible to read arbitrary files from the server file system using crafted symbolic links in the repository. ResourcesThanks to Jason Marcello for responsible disclosure...

7.7CVSS6AI score0.00344EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added yesterday2 views

Fickling has missing detection for marshal.loads and types.FunctionType in unsafe modules list

Fickling AssessmentBased on the test case provided in the original report below, this bypass was caused by marshal and types missing from the block list of unsafe module imports, Fickling started blocking both modules to address this issue. This was fixed in...

8.5CVSS6.3AI score0.00237EPSS
Exploits1References8Affected Software1
PyPA
PyPA
added yesterday2 views

LangGraph's SQLite is vulnerable to SQL injection via metadata filter key in SQLite checkpointer list method

ContextA SQL injection vulnerability exists in LangGraph's SQLite checkpoint implementation that allows attackers to manipulate SQL queries through metadata filter keys. This affects applications that accept untrusted metadata filter keys not just filter values in checkpoint search operations...

7.8CVSS6.5AI score0.02073EPSS
Exploits2References6Affected Software1
PyPA
PyPA
added yesterday2 views

NiceGUI Stored/Reflected XSS in ui.interactive_image via unsanitized SVG content

SummaryA Cross-Site Scripting XSS vulnerability exists in the ui.interactiveimage component of NiceGUI v3.3.1 and earlier. The component renders SVG content using Vue's v-html directive without any sanitization. This allows attackers to inject malicious HTML or JavaScript via the SVG tag...

6.1CVSS6.2AI score0.00223EPSS
Exploits2References6Affected Software1
PyPA
PyPA
added yesterday2 views

NiceGUI has a path traversal in app.add_media_files() allows arbitrary file read

SummaryA directory traversal vulnerability in NiceGUI's App.addmediafiles allows a remote attacker to read arbitrary files on the server filesystem. DetailsHello, I am Seungbin Yang, a university student studying cybersecurity. While reviewing the source code of the repository, I discovered a...

7.5CVSS6.2AI score0.00963EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added yesterday2 views

open-webui is Vulnerable to Incorrect Access Control

open-webui v0.6.33 is vulnerable to Incorrect Access Control. The API /api/tasks/stop/ directly accesses and cancels tasks without verifying user ownership, enabling attackers a normal user to stop arbitrary LLM response tasks...

5.3CVSS6AI score0.00263EPSS
Exploits1References6Affected Software1
Total number of security vulnerabilities5000