marshmallow-code/webargs

GitHub

github.com

webargs.readthedocs.io

Releases113

Frequency1 month 1 week

Last Release 8 months ago

Stars1.41K

A friendly library for parsing HTTP request arguments, with built-in support for popular web frameworks, including Flask, Django, Bottle, Tornado, Pyramid, webapp2, Falcon, and aiohttp.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2019-9710 ↗	Mar 12, 2019Tuesday, 12 March 2019, 02:29	—	6.8 MEDIUM
An issue was discovered in webargs before 5.1.3, as used with marshmallow and other products. JSON parsing uses a short-lived cache to store the parsed JSON body. This cache is not thread-safe, meaning that incorrect JSON payloads could have been parsed for concurrent requests.