Skip to content

[CRITICAL] Security Vulnerability in bottle #1897

Open
Open
[CRITICAL] Security Vulnerability in bottle#1897
@ghost

Description

@ghost
ghost
opened on Jan 21, 2026

Security Vulnerability Detected

Dependency: bottle
Criticality: CRITICAL (Score: undefined)

Vulnerability Details

Name: CVE-2022-31799

Description:
Bottle before 0.12.20 mishandles errors during early request binding.

Metadata

"{\"vulnerabilityIdentifiers\":[\"CVE-2022-31799\"],\"published\":\"2022-06-02T14:15:58.213\",\"lastModified\":\"2024-11-21T07:05:21.203\",\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":5.9,\"weaknesses\":[\"CWE-755\"]}"

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions