
nautobot
pypi · Source of truth and network automation platform. · Repository · Package
Security Advisories for nautobot in pypi
Moderate
4 months ago
Nautobot may allows uploaded media files to be accessible without authentication
pypi
nautobot
Moderate
4 months ago
Nautobot vulnerable to secrets exposure and data manipulation through Jinja2 templating
pypi
nautobot
Moderate
over 1 year ago
Nautobot dynamic-group-members doesn't enforce permission restrictions on member objects
pypi
nautobot
High
over 1 year ago
Nautobot's BANNER_* configuration can be used to inject arbitrary HTML content into Nautobot pages
pypi
nautobot
High
over 1 year ago
nautobot has reflected Cross-site Scripting potential in all object list views
pypi
nautobot
High
over 1 year ago
XSS potential in rendered Markdown fields (comments, description, notes, etc.)
pypi
nautobot
Low
almost 2 years ago
Nautobot missing object-level permissions enforcement when running Job Buttons
pypi
nautobot
High
almost 2 years ago
Cross-site Scripting potential in custom links, job buttons, and computed fields
pypi
nautobot
High
almost 2 years ago
Nautobot vulnerable to exposure of hashed user passwords via REST API
pypi
nautobot
High
over 2 years ago
Nautobot vulnerable to remote code execution via Jinja2 template rendering
pypi
nautobot