Vulnerabilities > Encode
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-06-01 | CVE-2023-29159 | Path Traversal vulnerability in Encode Starlette Directory traversal vulnerability in Starlette versions 0.13.5 and later and prior to 0.27.0 allows a remote unauthenticated attacker to view files in a web service which was built using Starlette. | 7.5 |
2023-04-21 | CVE-2023-30798 | Resource Exhaustion vulnerability in Encode Starlette There MultipartParser usage in Encode's Starlette python framework before versions 0.25.0 allows an unauthenticated and remote attacker to specify any number of form fields or files which can cause excessive memory usage resulting in denial of service of the HTTP service. | 7.5 |
2022-04-28 | CVE-2021-41945 | Improper Input Validation vulnerability in Encode Httpx Encode OSS httpx < 0.23.0 is affected by improper input validation in `httpx.URL`, `httpx.Client` and some functions using `httpx.URL.copy_with`. | 9.1 |
2020-09-30 | CVE-2020-25626 | Cross-site Scripting vulnerability in multiple products A flaw was found in Django REST Framework versions before 3.12.0 and before 3.11.2. | 6.1 |
2020-07-27 | CVE-2020-7695 | Injection vulnerability in Encode Uvicorn Uvicorn before 0.11.7 is vulnerable to HTTP response splitting. | 5.3 |
2020-07-27 | CVE-2020-7694 | Injection vulnerability in Encode Uvicorn This affects all versions of package uvicorn. | 5.0 |