Webargs Project Webargs — known CVE vulnerabilities
Every CVE whose affected-product data names Webargs Project Webargs, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2020-7965 — CVSS 8.8 (high): flaskparser.py in Webargs 5.x through 5.5.2 doesn't check that the Content-Type header is application/json when receiving JSON input. If…
CVE-2019-9710 — CVSS 8.1 (high): An issue was discovered in webargs before 5.1.3, as used with marshmallow and other products. JSON parsing uses a short-lived cache to…