Vulnerabilities > Webargs Project
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-01-29 | CVE-2020-7965 | Cross-Site Request Forgery (CSRF) vulnerability in Webargs Project Webargs flaskparser.py in Webargs 5.x through 5.5.2 doesn't check that the Content-Type header is application/json when receiving JSON input. | 8.8 |
2019-03-12 | CVE-2019-9710 | Race Condition vulnerability in Webargs Project Webargs An issue was discovered in webargs before 5.1.3, as used with marshmallow and other products. | 8.1 |