Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
flask-security project flask-security vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2021-23385
This affects all versions of package Flask-Security. When using the get_post_logout_redirect and get_post_login_redirect functions, it is possible to bypass URL validation and redirect a user to an arbitrary URL by providing multiple back slashes such as \\\evil.com/path. This vu...
Flask-security Project Flask-security
5.8
CVSSv2
CVE-2021-32618
The Python "Flask-Security-Too" package is used for adding security features to your Flask application. It is an is an independently maintained version of Flask-Security based on the 3.0.0 version of Flask-Security. All versions of Flask-Security-Too allow redirects aft...
Flask-security Project Flask-security
1 Github repository
NA
CVE-2023-49438
An open redirect vulnerability in the python package Flask-Security-Too <=5.3.2 allows malicious users to redirect unsuspecting users to malicious sites via a crafted URL by abusing the ?next parameter on the /login and /register routes.
Flask-security-too Project Flask-security-too
1 Github repository
4.3
CVSSv2
CVE-2021-21241
The Python "Flask-Security-Too" package is used for adding security features to your Flask application. It is an is a independently maintained version of Flask-Security based on the 3.0.0 version of Flask-Security. In Flask-Security-Too from version 3.3.0 and before ver...
Flask-security-too Project Flask-security-too
5
CVSSv2
CVE-2018-1000656
The Pallets Project flask version prior to 0.12.3 contains a CWE-20: Improper Input Validation vulnerability in flask that can result in Large amount of memory usage possibly leading to denial of service. This attack appear to be exploitable via Attacker provides JSON data in inc...
Palletsprojects Flask
Netapp Ontap Select Deploy Utility
Netapp Hyper Converged Infrastructure
Netapp Active Iq
12 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started