Information on source package web2py

Available versions

ReleaseVersion
wheezy1.99.7-1
jessie1.99.7-1

Open issues

BugwheezyjessieDescription
CVE-2016-4808vulnerable (no DSA)vulnerable (no DSA, ignored)Web2py versions 2.14.5 and below was affected by CSRF (Cross Site ...
CVE-2016-4807vulnerable (no DSA)vulnerable (no DSA, ignored)Web2py versions 2.14.5 and below was affected by Reflected XSS ...
CVE-2016-4806vulnerable (no DSA)vulnerable (no DSA, ignored)Web2py versions 2.14.5 and below was affected by Local File Inclusion ...
CVE-2016-10321vulnerable (no DSA)vulnerable (no DSA, ignored)web2py before 2.14.6 does not properly check if a host is denied before ...
CVE-2015-6961vulnerable (no DSA)vulnerable (no DSA, ignored)Open redirect vulnerability in gluon/tools.py in Web2py 2.9.11 allows ...

Open unimportant issues

BugwheezyjessieDescription
CVE-2013-6837vulnerablevulnerableCross-site scripting (XSS) vulnerability in the setTimeout function in ...

Resolved issues

BugDescription
CVE-2016-3957The secure_load function in gluon/utils.py in web2py before 2.14.2 ...
CVE-2016-3954web2py before 2.14.2 allows remote attackers to obtain the ...
CVE-2016-3953The sample web application in web2py before 2.14.2 might allow remote ...
CVE-2016-3952web2py before 2.14.1, when using the standalone version, allows remote ...
CVE-2013-2311Cross-site scripting (XSS) vulnerability in static/js/share.js (aka ...

Search for package or bug name: Reporting problems