VulnerableCode Package Details - pkg:pypi/paste@1.7.4

Search for packages

Vulnerability	Summary	Fixed by
VCID-sdxu-uyxy-fyhj Aliases: CVE-2012-0878 GHSA-27px-qpmj-qg38 PYSEC-2012-15	Paste Script 1.7.5 and earlier does not properly set group memberships during execution with root privileges, which might allow remote attackers to bypass intended file-access restrictions by leveraging a web application that uses the local filesystem.	1.7.5.1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-sdxu-uyxy-fyhj
Aliases:
CVE-2012-0878
GHSA-27px-qpmj-qg38
PYSEC-2012-15

Paste Script 1.7.5 and earlier does not properly set group memberships during execution with root privileges, which might allow remote attackers to bypass intended file-access restrictions by leveraging a web application that uses the local filesystem.

1.7.5.1
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-f12u-sb2b-zfbd	Multiple cross-site scripting (XSS) vulnerabilities in the paste.httpexceptions implementation in Paste before 1.7.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving a 404 status code, related to (1) paste.urlparser.StaticURLParser, (2) paste.urlparser.PkgResourcesParser, (3) paste.urlmap.URLMap, and (4) HTTPNotFound.	CVE-2010-2477 GHSA-7gfc-2v6g-6w9f PYSEC-2010-29

Vulnerability

Summary

Aliases

VCID-f12u-sb2b-zfbd

Multiple cross-site scripting (XSS) vulnerabilities in the paste.httpexceptions implementation in Paste before 1.7.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving a 404 status code, related to (1) paste.urlparser.StaticURLParser, (2) paste.urlparser.PkgResourcesParser, (3) paste.urlmap.URLMap, and (4) HTTPNotFound.

CVE-2010-2477
GHSA-7gfc-2v6g-6w9f
PYSEC-2010-29

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-13T08:57:16.393158+00:00	GHSA Importer	Fixing	VCID-f12u-sb2b-zfbd	https://github.com/advisories/GHSA-7gfc-2v6g-6w9f	38.6.0
2026-06-13T08:57:01.416986+00:00	GHSA Importer	Affected by	VCID-sdxu-uyxy-fyhj	https://github.com/advisories/GHSA-27px-qpmj-qg38	38.6.0
2026-06-12T18:14:54.683554+00:00	GitLab Importer	Fixing	VCID-f12u-sb2b-zfbd	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/paste/CVE-2010-2477.yml	38.6.0
2026-06-12T18:13:37.762091+00:00	GitLab Importer	Affected by	VCID-sdxu-uyxy-fyhj	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/paste/CVE-2012-0878.yml	38.6.0
2026-06-12T08:24:27.497014+00:00	GithubOSV Importer	Fixing	VCID-f12u-sb2b-zfbd	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-7gfc-2v6g-6w9f/GHSA-7gfc-2v6g-6w9f.json	38.6.0
2026-06-12T04:00:34.643460+00:00	Pypa Importer	Affected by	VCID-sdxu-uyxy-fyhj	https://github.com/pypa/advisory-database/blob/main/vulns/paste/PYSEC-2012-15.yaml	38.6.0
2026-06-12T04:00:31.326079+00:00	Pypa Importer	Fixing	VCID-f12u-sb2b-zfbd	https://github.com/pypa/advisory-database/blob/main/vulns/paste/PYSEC-2010-29.yaml	38.6.0
2026-06-11T20:41:55.821041+00:00	PyPI Importer	Affected by	VCID-sdxu-uyxy-fyhj	https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip	38.6.0
2026-06-11T20:41:51.962150+00:00	PyPI Importer	Fixing	VCID-f12u-sb2b-zfbd	https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip	38.6.0