Vulnerabilities in Pylons
13 results

| CVE | Severity | Title | EPSS |
|---|---|---|---|
| CVE-2019-16785 | HIGH | HTTP Request Smuggling: LF vs CRLF handling in Waitress | 2.7% |
| CVE-2020-5236 | MEDIUM | Catastrophic backtracking in regex allows Denial of Service in Waitress | 2.6% |
| CVE-2019-16789 | HIGH | HTTP Request Smuggling in Waitress: Invalid whitespace characters in headers | 2.6% |
| CVE-2019-16786 | HIGH | HTTP Request Smuggling: Invalid Transfer-Encoding in Waitress | 2.5% |
| CVE-2019-16792 | HIGH | HTTP Request Smuggling: Content-Length Sent Twice in Waitress | 2.1% |
| CVE-2022-24761 | HIGH | HTTP Request Smuggling in waitress | 1.8% |
| CVE-2024-49769 | HIGH | Waitress has a denial of service leading to high CPU usage/resource exhaustion | 1.4% |
| CVE-2022-31015 | MEDIUM | Uncaught Exception (due to a data race) leads to process termination in Waitress | 1.3% |
| CVE-2014-125056 | LOW | Pylons horus services.py timing discrepancy | 0.7% |
| CVE-2023-40587 | MEDIUM | Pyramid static view path traversal up one directory | 0.6% |
| CVE-2024-49768 | CRITICAL | Waitress has request processing race condition in HTTP pipelining with invalid first request | 0.5% |
| CVE-2024-42353 | MEDIUM | WebOb's location header normalization during redirect leads to open redirect | 0.5% |
| CVE-2026-44889 | MEDIUM | WebOb: Location header normalization during redirect leads to open redirect | 0.2% |