Affected versions:
>=2.0a0,<2.0.2
Pyramid 2.0.2 includes a fix for CVE-2023-40587: A path traver…
Affected versions:
<1.6a2
pyramid before 1.6a2 isn't sanitising JSONP callbacks correctl…
Affected versions:
<1.6a1
Pyramid 1.6a1 prevents timing attacks against CSRF tokens.
ht…
Affected versions:
<1.6a1
Pyramid 1.6a1 prevents timing attacks in 'AuthTktCookieHelper'…
Affected versions:
<1.4a4
In pyramid 1.4a4 the ``pyramid.authentication.AuthTktAuthentic…
Affected versions:
<1.3a1
The AuthTktAuthenticationPolicy in pyramid before 1.3a1 did no…