Q: What Python frameworks are you familiar with and what vulnerabilities have been found in them?
A: I am familiar with several Python web frameworks, including:
- Django
- Flask
- Tornado
- Pyramid
- Web2py
- Bottle
- Hug
- Cherrypy
Some notable vulnerabilities found in these frameworks include:
- Django: XML entity injection.
- Flask: Jinja2 template injection.
- Pyramid: XML entity injection.
- Web2py: SSL encryption data leakage.
- Bottle: Remote code execution.
- Hug: Path traversal vulnerability.