CVE-2008-6547
FormEncode 1.0 - Improper Input Validation via Chained Validators Bypass
Title source: llmDescription
schema.py in FormEncode for Python (python-formencode) 1.0 does not apply the chained_validators feature, which allows attackers to bypass intended access restrictions via unknown vectors.
References (8)
Core 8
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/30282
Vendor Advisory vendor-advisory
x_refsource_fedora
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00607.html
Product x_refsource_confirm
http://sourceforge.net/tracker/index.php?func=detail&aid=1925164&group_id=91231&atid=596416
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/43878
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/47082
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/31163
Patch x_refsource_confirm
http://sourceforge.net/tracker/download.php?group_id=91231&atid=596416&file_id=271779&aid=1925164
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/31081
Scores
EPSS
0.0149
EPSS Percentile
71.1%
Details
CWE
CWE-20
Status
published
Products (2)
formencode/formencode
1.0
pypi/FormEncode
1.0 - 1.0.1PyPI
Published
Mar 30, 2009
Tracked Since
Feb 18, 2026