Safety vulnerability ID: 76171
The information on this page was manually curated by our Cybersecurity Intelligence Team.
Affected versions of the Mesop Python package (≤ 0.14.0) contain a class pollution vulnerability. An attacker may exploit improper handling of double-underscore properties in dataclass utilities to overwrite critical global and class attributes, potentially triggering denial-of-service (DoS) and identity impersonation attacks. The vulnerability is exploitable via remote JSON input and affects functions such as update_dataclass_from_json. Remediation involves upgrading to Mesop version 0.14.1 or later. Note: This issue is specific to Python frameworks and is rated CVSS 8.1 (CWE-915), reflecting independent assessments beyond standard MITRE/NVD metrics.
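The class of bug described above (CWE-915) is closed by writing only to declared dataclass fields and refusing double-underscore keys. The following is an added illustration, not Mesop's code or its actual patch; `apply_json`, `UnsafeKeyError`, the `State`/`Profile` classes and the sample JSON strings are hypothetical and constructed for this example.

```python
import copy
import json
from dataclasses import dataclass, field, fields, is_dataclass

class UnsafeKeyError(ValueError):
    """JSON input named something other than a declared dataclass field."""

def _update(instance, data):
    if not isinstance(data, dict):
        raise UnsafeKeyError("expected a JSON object")
    allowed = {f.name for f in fields(instance)}
    for key, value in data.items():
        # Reject dunder names explicitly, then anything not declared as a field.
        if key.startswith("__") or key not in allowed:
            raise UnsafeKeyError(f"refusing to set attribute {key!r}")
        current = getattr(instance, key)
        if is_dataclass(current) and not isinstance(current, type):
            _update(current, value)  # descend only into declared dataclass fields
        else:
            setattr(instance, key, value)

def apply_json(instance, raw):
    """Return an updated copy; the original is untouched if input is rejected."""
    if not is_dataclass(instance) or isinstance(instance, type):
        raise TypeError("target must be a dataclass instance")
    updated = copy.deepcopy(instance)
    _update(updated, json.loads(raw))
    return updated

# Hypothetical state classes standing in for an application's UI state.
@dataclass
class Profile:
    name: str = ""

@dataclass
class State:
    count: int = 0
    profile: Profile = field(default_factory=Profile)

# Constructed sample inputs: one legitimate update, two with dunder keys.
GOOD = '{"count": 3, "profile": {"name": "alice"}}'
BAD_TOP = '{"count": 1, "__class__": {}}'
BAD_NESTED = '{"profile": {"__dict__": {}}}'
```

Because the update is applied to a deep copy, a payload that is rejected partway through leaves the live state object unchanged.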
Latest version: 1.0.1
Build UIs in Python