Information on source package web2py

Available versions

ReleaseVersion
jessie1.99.7-1

Open issues

BugjessieDescription
CVE-2023-45158vulnerableAn OS command injection vulnerability exists in web2py 2.24.1 and earl ...
CVE-2023-22432vulnerableOpen redirect vulnerability exists in web2py versions prior to 2.23.1. ...
CVE-2022-33146vulnerableOpen redirect vulnerability in web2py versions prior to 2.22.5 allows ...
CVE-2016-10321vulnerable (no DSA, ignored)web2py before 2.14.6 does not properly check if a host is denied befor ...
CVE-2016-4808vulnerable (no DSA, ignored)Web2py versions 2.14.5 and below was affected by CSRF (Cross Site Requ ...
CVE-2016-4807vulnerable (no DSA, ignored)Web2py versions 2.14.5 and below was affected by Reflected XSS vulnera ...
CVE-2016-4806vulnerable (no DSA, ignored)Web2py versions 2.14.5 and below was affected by Local File Inclusion ...
CVE-2015-6961vulnerable (no DSA, ignored)Open redirect vulnerability in gluon/tools.py in Web2py 2.9.11 allows ...

Open unimportant issues

BugjessieDescription
CVE-2013-6837vulnerableCross-site scripting (XSS) vulnerability in the setTimeout function in ...

Resolved issues

BugDescription
CVE-2016-3957The secure_load function in gluon/utils.py in web2py before 2.14.2 use ...
CVE-2016-3954web2py before 2.14.2 allows remote attackers to obtain the session_coo ...
CVE-2016-3953The sample web application in web2py before 2.14.2 might allow remote ...
CVE-2016-3952web2py before 2.14.1, when using the standalone version, allows remote ...
CVE-2013-2311Cross-site scripting (XSS) vulnerability in static/js/share.js (aka th ...
Search for package or bug name: Reporting problems