USN-8443-1
- Source
- https://ubuntu.com/security/notices/USN-8443-1
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8443-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/USN-8443-1
- Upstream
- Related
- Published
- 2026-06-17T12:14:47Z
- Modified
- 2026-06-17T20:33:58.317315215Z
- Summary
- webpy vulnerability
- Details
-
It was discovered that web.py incorrectly handled sequence names in PostgreSQL insert queries. An attacker could possibly use this issue to perform SQL injection attacks, resulting in the alteration or exposure of database information.
- References
Affected packages
Ubuntu:Pro:16.04:LTS / webpy
Package
- Name
- webpy
- Purl
- pkg:deb/ubuntu/webpy?arch=source&distro=esm-apps-legacy%2Fxenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1:0.37+20120626-1ubuntu0.1~esm1
Ecosystem specific
{
"availability": "Available with Ubuntu Pro with Legacy support add-on: https://ubuntu.com/pro",
"binaries": [
{
"binary_version": "1:0.37+20120626-1ubuntu0.1~esm1",
"binary_name": "python-webpy"
}
]
}
Database specific
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8443-1.json"
cves_map
{
"cves": [
{
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"id": "CVE-2025-3818"
}
],
"ecosystem": "Ubuntu:Pro:16.04:LTS"
}
Ubuntu:Pro:18.04:LTS / webpy
Package
- Name
- webpy
- Purl
- pkg:deb/ubuntu/webpy?arch=source&distro=esm-apps%2Fbionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1:0.38+20170615-1ubuntu0.1~esm1
Ecosystem specific
{
"binaries": [
{
"binary_version": "1:0.38+20170615-1ubuntu0.1~esm1",
"binary_name": "python-webpy"
},
{
"binary_version": "1:0.38+20170615-1ubuntu0.1~esm1",
"binary_name": "python3-webpy"
}
],
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro"
}
Database specific
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8443-1.json"
cves_map
{
"cves": [
{
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"id": "CVE-2025-3818"
}
],
"ecosystem": "Ubuntu:Pro:18.04:LTS"
}
Ubuntu:Pro:20.04:LTS / webpy
Package
- Name
- webpy
- Purl
- pkg:deb/ubuntu/webpy?arch=source&distro=esm-apps%2Ffocal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1:0.40-2ubuntu0.1~esm1
Ecosystem specific
{
"binaries": [
{
"binary_version": "1:0.40-2ubuntu0.1~esm1",
"binary_name": "python3-webpy"
}
],
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro"
}
Database specific
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8443-1.json"
cves_map
{
"cves": [
{
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"id": "CVE-2025-3818"
}
],
"ecosystem": "Ubuntu:Pro:20.04:LTS"
}
Ubuntu:Pro:22.04:LTS / webpy
Package
- Name
- webpy
- Purl
- pkg:deb/ubuntu/webpy?arch=source&distro=esm-apps%2Fjammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1:0.61-1ubuntu0.1~esm1
Ecosystem specific
{
"binaries": [
{
"binary_version": "1:0.61-1ubuntu0.1~esm1",
"binary_name": "python3-webpy"
}
],
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro"
}
Database specific
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8443-1.json"
cves_map
{
"cves": [
{
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"id": "CVE-2025-3818"
}
],
"ecosystem": "Ubuntu:Pro:22.04:LTS"
}
Ubuntu:Pro:24.04:LTS / webpy
Package
- Name
- webpy
- Purl
- pkg:deb/ubuntu/webpy?arch=source&distro=esm-apps%2Fnoble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1:0.62-4ubuntu0.1~esm1
Ecosystem specific
{
"binaries": [
{
"binary_version": "1:0.62-4ubuntu0.1~esm1",
"binary_name": "python3-webpy"
}
],
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro"
}
Database specific
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8443-1.json"
cves_map
{
"cves": [
{
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"id": "CVE-2025-3818"
}
],
"ecosystem": "Ubuntu:Pro:24.04:LTS"
}