pkg:PyPI/web2py

8 total CVEsCRITICAL2MEDIUM6

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.8CVE-2016-3953web2py remote code execution via hardcoded encryption key in session.connect function
    from 0, < 2.14.2
  • CRITICAL9.8CVE-2016-10321web2py is vulnerable to password brute-force attack
    from 0, < 2.14.6
  • MEDIUM6.1CVE-2023-22432Open redirect in web2py
    from 0, < 2.23.1
  • MEDIUM6.1CVE-2022-33146Open redirect in web2py
    from 0, < 2.22.5
  • MEDIUM5.5CVE-2016-3954web2py exposure of sensitive information
    from 0, < 2.14.2
  • MEDIUM4.8CVE-2016-4807Web2py Reflected XSS vulnerability
    from 0, <= 2.14.5
  • MEDIUM4.7CVE-2026-25198web2py has an Open Redirect Vulnerability
    from 0, < 3.1.1
  • MEDIUM4.5CVE-2016-4808Web2py Cross-Site Request Forgery vulnerability
    from 0, < 2.14.6