python-bottle

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description A fast and simple micro-framework for small web-applications
Version 0.12.25-5 [extra]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-1485 0.12.18-3 0.12.19-1 Medium Fixed
Issue Group Severity Remote Type Description
CVE-2020-28473 AVG-1485 Medium Yes Incorrect calculation
The package python-bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can...