Package details: pkg:pypi/waitress@1.4.4
purl pkg:pypi/waitress@1.4.4
Next non-vulnerable version 3.0.1
Latest non-vulnerable version 3.0.1
Risk
Vulnerabilities affecting this package (2)
VCID-gnaw-ht2x-9bas
Aliases: CVE-2022-24761, GHSA-4f7p-27jc-3c36, PYSEC-2022-169
Fixed by: 2.1.1 (itself affected by 3 other vulnerabilities)

VCID-ujpr-gc5n-s3bc
Aliases: CVE-2024-49769, GHSA-3f84-rpwh-47g6, PYSEC-2024-211
Summary: Waitress is a Web Server Gateway Interface server for Python 2 and 3. When a remote client closes the connection before waitress has had the opportunity to call getpeername(), waitress won't correctly clean up the connection, leading to the main thread attempting to write to a socket that no longer exists, but not removing it from the list of sockets to attempt to process. This leads to a busy-loop calling the write function. A remote attacker could run waitress out of available sockets with very few resources required. Waitress 3.0.1 contains fixes that remove the race condition.
Fixed by: 3.0.1 (itself affected by 0 other vulnerabilities)
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-02T04:22:27.572701+00:00 Pypa Importer Affected by VCID-ujpr-gc5n-s3bc https://github.com/pypa/advisory-database/blob/main/vulns/waitress/PYSEC-2024-211.yaml 38.6.0
2026-06-02T04:17:09.598690+00:00 Pypa Importer Affected by VCID-gnaw-ht2x-9bas https://github.com/pypa/advisory-database/blob/main/vulns/waitress/PYSEC-2022-169.yaml 38.6.0