MEDIUM 5.3 PyPI
GHSA-h7cm-mrvq-wcfr · CVE-2023-41885, PYSEC-2023-173 Piccolo's current `BaseUser.login` implementation is vulnerable to time based user enumeration
Modified: 2/16/2024
package
PyPI / piccolo
pkg:pypi/piccolo
CRITICAL 9.1 PyPI
GHSA-xq59-7jf3-rjc6 · CVE-2023-47128, PYSEC-2023-241 piccolo SQL Injection via named transaction savepoints
Modified: 10/9/2024
MEDIUM 5.3 PyPI
PYSEC-2023-173 · CVE-2023-41885, GHSA-h7cm-mrvq-wcfr Modified: 11/8/2023
CRITICAL 9.1 PyPI
PYSEC-2023-241 · CVE-2023-47128, GHSA-xq59-7jf3-rjc6 Modified: 6/8/2026