web.py@0.34 vulnerabilities

web.py: makes web apps

Known vulnerabilities in the web.py package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
C SQL Injection Affected versions of this package are vulnerable to SQL Injection via `db.select` which uses `limit` and `offset` values directly in the query. How to fix SQL Injection? Upgrade `web.py` to version 0.39 or higher.	[,0.39)
M Cross-site Scripting (XSS) Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via `id field` during form rendering. How to fix Cross-site Scripting (XSS)? Upgrade `web.py` to version 0.39 or higher.	[,0.39)
M Cross-site Scripting (XSS) `web.py` makes web apps . Affected versions of this package are vulnerable to Cross-site Scripting attacks via the form module. How to fix Cross-site Scripting (XSS)? Upgrade `web.py` to version 0.39 or higher.	[,0.39)
M SQL Injection `web.py` makes web apps . Affected versions of this package are vulnerable to SQL Injection via the db module. The `limit` and `offset` vaariables could be provided by an end-user and are potentially unsafe. How to fix SQL Injection? Upgrade `web.py` to version 0.39 or higher.	[,0.39)