Filtered by vendor Pythonpaste
Subscriptions
Filtered by product Paste
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-2477 | 1 Pythonpaste | 1 Paste | 2024-08-07 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the paste.httpexceptions implementation in Paste before 1.7.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving a 404 status code, related to (1) paste.urlparser.StaticURLParser, (2) paste.urlparser.PkgResourcesParser, (3) paste.urlmap.URLMap, and (4) HTTPNotFound. | ||||
| CVE-2012-0878 | 2 Pythonpaste, Redhat | 2 Paste, Enterprise Linux | 2024-08-06 | N/A |
| Paste Script 1.7.5 and earlier does not properly set group memberships during execution with root privileges, which might allow remote attackers to bypass intended file-access restrictions by leveraging a web application that uses the local filesystem. | ||||
Page 1 of 1.