Browse all 3 CVE security advisories affecting simonw. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Simonw develops web application frameworks and tools, primarily serving developers building secure backend systems. Historically, vulnerabilities associated with this project include remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from input validation issues and improper access controls. The project maintains a moderate CVE count with three recorded vulnerabilities, reflecting ongoing security improvements. While no major security incidents have been widely documented, the project's codebase occasionally requires patches for authentication bypass and data exposure risks. Simonw's security posture emphasizes rapid vulnerability remediation and comprehensive input sanitization to mitigate common web application threats.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-64481 | Open redirect endpoint in Datasette — datasetteCWE-601 | 6.1 | - | 2025-11-07 |
| CVE-2023-40570 | Datasette 1.0 alpha series leaks names of databases and tables to unauthenticated users — datasetteCWE-213 | 5.3 | Medium | 2023-08-25 |
| CVE-2021-32670 | Reflected cross-site scripting issue in Datasette — datasetteCWE-79 | 7.2 | High | 2021-06-07 |
This page lists every published CVE security advisory associated with simonw. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.