Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
palletsprojects flask vulnerabilities and exploits
(subscribe to this query)
446
VMScore
CVE-2019-1010083
The Pallets Project Flask prior to 1.0 is affected by: unexpected memory usage. The impact is: denial of service. The attack vector is: crafted encoded JSON data. The fixed version is: 1. NOTE: this may overlap CVE-2018-1000656.
Palletsprojects Flask
4 Github repositories
NA
CVE-2023-30861
Flask is a lightweight WSGI web application framework. When all of the following conditions are met, a response containing data intended for one client may be cached and subsequently sent by the proxy to other clients. If the proxy also caches `Set-Cookie` headers, it may send on...
Palletsprojects Flask
4 Github repositories
449
VMScore
CVE-2018-1000656
The Pallets Project flask version prior to 0.12.3 contains a CWE-20: Improper Input Validation vulnerability in flask that can result in Large amount of memory usage possibly leading to denial of service. This attack appear to be exploitable via Attacker provides JSON data in inc...
Palletsprojects Flask
Netapp Ontap Select Deploy Utility
Netapp Hyper Converged Infrastructure
Netapp Active Iq
12 Github repositories
383
VMScore
CVE-2016-10516
Cross-site scripting (XSS) vulnerability in the render_full function in debug/tbtools.py in the debugger in Pallets Werkzeug prior to 0.11.11 (as used in Pallets Flask and other products) allows remote malicious users to inject arbitrary web script or HTML via a field that contai...
Palletsprojects Werkzeug
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started