High severity7.5NVD Advisory· Published Jul 17, 2017· Updated May 13, 2026
CVE-2017-1000001
CVE-2017-1000001
Description
FedMsg 0.18.1 and older is vulnerable to a message validation flaw resulting in message validation not being enabled if configured to be on.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
FedMsgPyPI | < 0.18.2 | 0.18.2 |
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- github.com/advisories/GHSA-p7xc-35m8-57prghsaADVISORY
- github.com/fedora-infra/fedmsg/blob/0.18.2/CHANGELOG.rstnvdThird Party AdvisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2017-1000001ghsaADVISORY
- github.com/pypa/advisory-database/tree/main/vulns/fedmsg/PYSEC-2017-13.yamlghsaWEB
News mentions
0No linked articles in our index yet.