Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-pddc-5c8v-qqbs
Vulnerability ID VCID-pddc-5c8v-qqbs
Aliases CVE-2018-14505
GHSA-6m53-c78q-7qmg
PYSEC-2018-56
Summary mitmweb in mitmproxy v4.0.3 allows DNS Rebinding attacks, related to tools/web/app.py.
Status Published
Exploitability None
Weighted Severity None
Risk None
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-20 Improper Input Validation
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
There are no known severity scores.
Reference id Reference type URL
https://github.com/advisories/GHSA-6m53-c78q-7qmg
https://github.com/mitmproxy/mitmproxy
https://github.com/mitmproxy/mitmproxy/commit/7f464b89296881f4d9ec032378c4418e832d17e3
https://github.com/mitmproxy/mitmproxy/issues/3234
https://github.com/mitmproxy/mitmproxy/pull/3243
https://github.com/pypa/advisory-database/tree/main/vulns/mitmproxy/PYSEC-2018-56.yaml
CVE-2018-14505 https://nvd.nist.gov/vuln/detail/CVE-2018-14505
No exploits are available.
There are no known vectors.

No EPSS data available for this vulnerability.

Date Actor Action Source VulnerableCode Version
2026-06-02T04:05:13.986244+00:00 Pypa Importer Import https://github.com/pypa/advisory-database/blob/main/vulns/mitmproxy/PYSEC-2018-56.yaml 38.6.0