[bottle] bottle.py vulnerable to CRLF Injection

bottle.py is a fast and simple micro-framework for Python web applications. redirect() in bottle.py in bottle 0.12.10 doesn't filter a "\r\n" sequence, which leads to a CRLF attack, as demonstrated by a redirect("233\r\nSet-Cookie: name=salt") call.
Re…

[html5lib] Cross-site Scripting in html5lib

The serializer in html5lib before 0.99999999 might allow remote attackers to conduct cross-site scripting (XSS) attacks by leveraging mishandling of special characters in attribute values, a different vulnerability than CVE-2016-9909.
References

https…

[Pygments] Command Injection in Pygments

The FontManager._get_nix_font_path function in formatters/img.py in Pygments 1.2.2 through 2.0.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a font name.
References

https://nvd.nist.gov/vuln/detail/CVE-2015-8557
h…

[calibreweb] SQL injection in calibreweb

Calibre-Web before 0.6.18 allows user table SQL Injection.
References

https://nvd.nist.gov/vuln/detail/CVE-2022-30765
https://github.com/janeczku/calibre-web/blob/master/SECURITY.md
https://github.com/janeczku/calibre-web/releases/tag/0.6.18
https://g…