Vulnerabilities

ID
Packages
Summary
Published
Attributes
GHSA-p44q-vqpr-4xmg
  • PyPI/flask-httpauth
Flask-HTTPAuth invokes token verification callback when missing or empty token was given by client 31 Mar
  • Fix available
  • Severity - 6.5 (Medium)
GHSA-65mp-fq8v-56jr
  • PyPI/flask-reuploaded
Flask-Reuploaded vulnerable to Remote Code Execution via Server-Side Template Injection 25 Feb
  • Fix available
  • Severity - 9.8 (Critical)
GHSA-68rp-wp8r-4726
  • PyPI/flask
Flask session does not add `Vary: Cookie` header when accessed in some ways 19 Feb
  • Fix available
  • Severity - 2.3 (Low)
MAL-2026-505
  • PyPI/flask-hookserver
Malicious code in flask-hookserver (PyPI) 25 Jan
  • No fix available
GHSA-765j-9r45-w2q2
  • PyPI/flask-appbuilder
Flask App Builder has an Authentication Bypass vulnerability when using non AUTH_DB methods 11 Sep 2025
  • Fix available
  • Severity - 6.5 (Medium)
MAL-2025-191732
  • PyPI/flask-tdg-cyberx
Malicious code in flask-tdg-cyberx (PyPI) 17 Aug 2025
  • No fix available
MAL-2025-41675
  • PyPI/flask-tdg-cyber
Malicious code in flask-tdg-cyber (PyPI) 11 Aug 2025
  • No fix available
GHSA-99pm-ch96-ccp2
  • PyPI/flask-appbuilder
Flask-AppBuilder open redirect vulnerability using HTTP host injection 16 May 2025
  • Fix available
  • Severity - 4.3 (Medium)
GHSA-4grg-w6v8-c28g
  • PyPI/flask
Flask uses fallback key instead of current signing key 13 May 2025
  • Fix available
  • Severity - 1.8 (Low)
MAL-2025-191730
  • PyPI/flask-auth-sys
Malicious code in flask-auth-sys (PyPI) 02 Apr 2025
  • No fix available
MAL-2025-191731
  • PyPI/flask-auth-system
Malicious code in flask-auth-system (PyPI) 02 Apr 2025
  • No fix available
GHSA-43qf-4rqw-9q2g
  • PyPI/flask-cors
Flask-CORS vulnerable to Improper Handling of Case Sensitivity 20 Mar 2025
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-7rxf-gvfg-47g4
  • PyPI/flask-cors
Flask-CORS improper regex path matching vulnerability 20 Mar 2025
  • Fix available
  • Severity - 4.3 (Medium)
GHSA-8vgw-p6qm-5gr7
  • PyPI/flask-cors
Flask-CORS allows for inconsistent CORS matching 20 Mar 2025
  • Fix available
  • Severity - 5.3 (Medium)
PYSEC-2025-15
  • PyPI/flask-appbuilder
See record for full details 03 Mar 2025
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-p8q5-cvwx-wvwp
  • PyPI/flask-appbuilder
Flask-AppBuilder Observable Response Discrepancy 03 Mar 2025
  • Fix available
  • Severity - 3.7 (Low)