High severityNVD Advisory· Published Mar 30, 2009· Updated Apr 23, 2026
CVE-2008-6547
CVE-2008-6547
Description
schema.py in FormEncode for Python (python-formencode) 1.0 does not apply the chained_validators feature, which allows attackers to bypass intended access restrictions via unknown vectors.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
FormEncodePyPI | >= 1.0, < 1.0.1 | 1.0.1 |
Affected products
1- cpe:2.3:a:formencode:formencode:1.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
14- sourceforge.net/tracker/download.phpnvdPatchWEB
- secunia.com/advisories/31081nvdVendor Advisory
- secunia.com/advisories/31163nvdVendor Advisory
- github.com/advisories/GHSA-9jp4-68vc-r8wqghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2008-6547ghsaADVISORY
- sourceforge.net/tracker/index.phpnvdWEB
- exchange.xforce.ibmcloud.com/vulnerabilities/43878nvdWEB
- github.com/pypa/advisory-database/tree/main/vulns/formencode/PYSEC-2009-5.yamlghsaWEB
- web.archive.org/web/20080905200034/http://secunia.com/advisories/31081ghsaWEB
- web.archive.org/web/20081013102442/http://secunia.com/advisories/31163ghsaWEB
- web.archive.org/web/20200228145643/http://www.securityfocus.com/bid/30282ghsaWEB
- www.redhat.com/archives/fedora-package-announce/2008-July/msg00607.htmlnvdWEB
- osvdb.org/47082nvd
- www.securityfocus.com/bid/30282nvd
News mentions
0No linked articles in our index yet.