VYPR

Datasette

by Simonw

pypi: datasette

Source repositories

CVEs (3)

  • CVE-2025-64481LowNov 7, 2025
    risk 0.11cvss epss 0.00

    Datasette is an open source multi-tool for exploring and publishing data. In versions 0.65.1 and below and 1.0a0 through 1.0a19, deployed instances of Datasette include an open redirect vulnerability. Hits to the path //example.com/foo/bar/ (the trailing slash is required) will…

  • CVE-2023-40570Aug 25, 2023
    risk 0.00cvss epss 0.00

    Datasette is an open source multi-tool for exploring and publishing data. This bug affects Datasette instances running a Datasette 1.0 alpha - 1.0a0, 1.0a1, 1.0a2 or 1.0a3 - in an online accessible location but with authentication enabled using a plugin such as…

  • CVE-2021-32670Jun 7, 2021
    risk 0.00cvss epss 0.01

    Datasette is an open source multi-tool for exploring and publishing data. The `?_trace=1` debugging feature in Datasette does not correctly escape generated HTML, resulting in a [reflected cross-site scripting](https://owasp.org/www-community/attacks/xss/#reflected-xss-attacks)…