Vulnerabilities > Webargs Project

DATE CVE VULNERABILITY TITLE RISK
2020-01-29 CVE-2020-7965 Cross-Site Request Forgery (CSRF) vulnerability in Webargs Project Webargs
flaskparser.py in Webargs 5.x through 5.5.2 doesn't check that the Content-Type header is application/json when receiving JSON input.
network
low complexity
webargs-project CWE-352
8.8
2019-03-12 CVE-2019-9710 Race Condition vulnerability in Webargs Project Webargs
An issue was discovered in webargs before 5.1.3, as used with marshmallow and other products.
network
high complexity
webargs-project CWE-362
8.1