Latest version: v3.0.0
| CVE/PVE | Vulnerability ID | Advisory | Affected versions | Severity | Severity Score |
|---|---|---|---|---|---|
| CVE-2022-24761 | 46436 |
Waitress 2.1.1 includes a fix for CVE-2022-24761: When using Waitress… |
|
HIGH | 7.5 |
| CVE-2022-31015 | 49257 |
Waitress 2.1.2 includes a fix for CVE-2022-31015: Waitress versions 2… |
|
MEDIUM | 5.9 |
| CVE-2020-5236 | 42295 |
Waitress 1.4.2 allows a DOS attack when waitress receives a header th… |
|
MEDIUM | 6.5 |
| CVE-2019-16789 | 37674 |
In Waitress through version 1.4.0, if a proxy server is used in front… |
|
HIGH | 8.2 |
| CVE-2019-16786 | 39556 |
Waitress through version 1.3.1 would parse the Transfer-Encoding head… |
|
HIGH | 7.5 |
| CVE-2019-16785 | 37822 |
Waitress 1.4.0 includes a fix for CVE-2019-16785: Waitress through ve… |
|
HIGH | 7.5 |
| CVE-2019-16792 | 42265 |
Waitress through version 1.3.1 allows request smuggling by sending th… |
|
HIGH | 7.5 |
| PVE-2021-26390 | 26390 |
waitress 1.2.0b1 provides a new security feature when using Waitress … |
|
- | - |
| PVE-2021-26174 | 26174 |
Waitress before 1.0.0 drops HTTP headers that contain an underscore i… |
|
HIDDEN | X.Y |
| PVE-2021-36764 | 36764 |
Waitress 0.9.0 checks for line feed/carriage to prevent HTTP Response… |
|
HIDDEN | X.Y |
| PVE-2024-99829 | 65600 |
Selected versions of waitress are susceptible to HTTP response splitt… |
|
- | - |