wisp

Hex2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting wisppage 1 of 1

CVE-2026-28807HIGHCVSS 7.5EG 0.0✓ Fixed in 2.2.1
2026-03-10
vulnerable: 2.1.1, 2.2.0
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in gleam-wisp wisp allows arbitrary file read via percent-encoded path traversal. The wisp.serve_static function is vulnerable to path traversal …
CVE-2026-32145HIGHCVSS 7.5EG 0.0✓ Fixed in 2.2.2
2026-04-02
vulnerable: 0.1.0 ... 2.2.1 (34 versions)
Allocation of Resources Without Limits or Throttling vulnerability in gleam-wisp wisp allows a denial of service via multipart form body parsing. The multipart_body function bypasses configured max_body_size and max_files_size limits. Whe…

Check whether wisp is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for wisp CVEs against the assets you own.

Start Free Scan →