TurboGears@1.1.3 vulnerabilities

Front-to-back, open-source, rapid web development framework

Direct Vulnerabilities

Known vulnerabilities in the TurboGears package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
HTTP Header Injection

TurboGears is a Front-to-back, open-source, rapid web development framework

Affected versions of this package are vulnerable to HTTP Header Injection via the turbogears/controllers.py file of the component HTTP Header Handler which leads to http response splitting.

How to fix HTTP Header Injection?

A fix was pushed into the master branch but not yet published.

[0,)