Lucene search
Veracode Vulnerability DatabaseVERACODE:30903HistoryJun 11, 2021 - 5:45 a.m.
Cross-Site Request Forgery (CSRF)
2021-06-1105:45:04
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
0.001 Low
EPSS
Percentile
37.6%
fastapi is vulnerable to cross-site request forgery (CSRF). The content-type headers are not verified before assuming files are of JSON type. This allows an attacker to inject and execute arbitrary Javascript via a content-type of text/plain which would be rendered as HTML.
Related
ubuntucve
ubuntucve
CVE-2021-32677
2021-06-09 00:00:00
debiancve
debiancve
CVE-2021-32677
2021-06-09 18:15:08
cvelist
cvelist
CVE-2021-32677 Cross-Site Request Forgery (CSRF) in FastAPI
2021-06-09 17:30:12
github
github
Cross-Site Request Forgery (CSRF) in FastAPI
2021-06-10 15:43:54
osv
osv
PYSEC-2021-100
2021-06-09 18:15:00
CVE-2021-32677
2021-06-09 18:15:08
Cross-Site Request Forgery (CSRF) in FastAPI
2021-06-10 15:43:54
openvas
openvas
Fedora: Security Advisory for python-fastapi (FEDORA-2021-917e89c036)
2021-06-20 00:00:00
nvd
nvd
CVE-2021-32677
2021-06-09 18:15:08
cve
cve
CVE-2021-32677
2021-06-09 18:15:08
fedora
fedora
[SECURITY] Fedora 34 Update: python-fastapi-0.65.2-1.fc34
2021-06-18 01:08:15
archlinux
archlinux
[ASA-202107-6] python-fastapi: cross-site request forgery
2021-07-01 00:00:00
prion
prion
Cross site request forgery (csrf)
2021-06-09 18:15:00
