PYSEC-2023-177
See a problem?- Import Source
- https://github.com/pypa/advisory-database/blob/main/vulns/gevent/PYSEC-2023-177.yaml
- JSON Data
- https://api.osv.dev/v1/vulns/PYSEC-2023-177
- Aliases
- Published
- 2023-09-25T12:15:00Z
- Modified
- 2026-06-10T17:01:18.969238165Z
- Summary
- [none]
- Details
-
An issue in Gevent before version 23.9.0 allows a remote attacker to escalate privileges via a crafted script to the WSGIServer component.
- References
Affected packages
PyPI / gevent
Package
- Name
- gevent
- View open source insights on deps.dev
- Purl
- pkg:pypi/gevent
Affected ranges
- Type
- GIT
- Repo
- https://github.com/gevent/gevent
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed23.9.0
Affected versions
0.*
0.9.0
0.9.1
0.9.2
0.9.3
0.10.0
0.11.0
0.11.1
0.11.2
0.12.0-preview
0.12.0-preview-2
0.12.0
0.12.1
0.12.2
0.13.0-beta1
0.13.0b2
0.13.0
0.13.1b1
0.13.1b2
0.13.1
0.13.2
0.13.3
0.13.4
0.13.5
0.13.6
0.13.7
0.13.8
1.*
1.0a1
1.0a2
1.0a3
1.0b1
1.0b2
1.0b3
1.0b4
1.0rc1
1.0rc2
1.0rc3
1.0
1.0.1
1.0.2
1.1a1
1.1a2
1.1b1
1.1b2
1.1b3
1.1b4
1.1b5
1.1b6
1.1rc1
1.1rc2
1.1rc3
1.1rc4
1.1rc5
1.1.0
1.1.1
1.1.2
1.2a1
1.2a2
1.2.0
1.2.1
1.2.2
1.3a1
1.3a2
1.3b1
1.3b2
1.3.0
1.3.1
1.3.2
1.3.2.post0
1.3.3
1.3.4
1.3.5
1.3.6
1.3.7
1.4.0
1.5a1
1.5a2
1.5a3
1.5a4
1.5.0
v1.*
v1.1a1
v1.1a2
v1.1b1
v1.1b2
v1.1b3
v1.1b4
v1.1b5
v1.1b6
v1.1rc1
v1.1rc2
v1.1rc3
v1.1.0
v1.2a1
v1.2a2
20.*
20.4.0
20.04.0
20.5.0
20.5.1
20.5.2
20.6.0
20.6.1
20.6.2
20.9.0
20.12.0
20.12.1
21.*
21.1.0
21.1.1
21.1.2
21.8.0
21.12.0
22.*
22.8.0
22.08.0
22.10.1
22.10.2
23.*
23.7.0