Search for packages
| purl | pkg:pypi/webargs@0.5.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-3pye-tp6f-rudx
Aliases: PYSEC-2019-69 |
An issue was discovered in webargs before 5.1.3, as used with marshmallow and other products. JSON parsing uses a short-lived cache to store the parsed JSON body. This cache is not thread-safe, meaning that incorrect JSON payloads could have been parsed for concurrent requests. |
Affected by 1 other vulnerability. |
|
VCID-97cu-3bp8-cfhk
Aliases: CVE-2019-9710 GHSA-8554-jxcw-454q PYSEC-2019-139 |
An issue was discovered in webargs before 5.1.3, as used with marshmallow and other products. JSON parsing uses a short-lived cache to store the parsed JSON body. This cache is not thread-safe, meaning that incorrect JSON payloads could have been parsed for concurrent requests. |
Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-05T16:55:17.615299+00:00 | PyPI Importer | Affected by | VCID-3pye-tp6f-rudx | https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip | 38.6.0 |
| 2026-06-05T16:55:17.475992+00:00 | PyPI Importer | Affected by | VCID-97cu-3bp8-cfhk | https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip | 38.6.0 |
| 2026-06-05T16:21:27.927540+00:00 | GHSA Importer | Affected by | VCID-97cu-3bp8-cfhk | https://github.com/advisories/GHSA-8554-jxcw-454q | 38.6.0 |
| 2026-06-04T20:19:54.111384+00:00 | GitLab Importer | Affected by | VCID-97cu-3bp8-cfhk | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/webargs/CVE-2019-9710.yml | 38.6.0 |
| 2026-06-02T04:05:33.602665+00:00 | Pypa Importer | Affected by | VCID-97cu-3bp8-cfhk | https://github.com/pypa/advisory-database/blob/main/vulns/webargs/PYSEC-2019-139.yaml | 38.6.0 |