dash-uploader
PyPI2 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting dash-uploaderpage 1 of 1
- CVE-2026-38360CRITICALCVSS 9.8EG 9.82026-05-08
vulnerable: 0.1.0 ... 0.7.0a2 (16 versions)
Directory Traversal vulnerability in fohrloop dash-uploader v.0.1.0 through v.0.7.0a2 allows a remote attacker to execute arbitrary code via the dash_uploader/httprequesthandler.py, BaseHttpRequestHandler.get_temp_root(), BaseHttpRequestHa…
- CVE-2026-38361HIGHCVSS 7.5EG 7.5✓ Fixed in 0.7.0a12026-05-08
vulnerable: 0.1.0 ... 0.6.1 (14 versions)
Multiple unauthenticated denial-of-service (DoS) issues in fohrloop dash-uploader v0.1.0 through v0.7.0a2. The chunked-upload handler (dash_uploader/httprequesthandler.py, dash_uploader/upload.py) trusts unsanitized, attacker-controlled up…
Check whether dash-uploader is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for dash-uploader CVEs against the assets you own.
Start Free Scan →