The Pallets Project Flask before 1.0 is affected by: unexpected memory usage. The impact is: denial of service. The attack vector is: crafted encoded JSON data. The fixed version is: 1. NOTE: this may overlap CVE-2018-1000656.
[
{
"product": "Flask",
"vendor": "The Pallets Project",
"versions": [
{
"status": "affected",
"version": "≤ 1.0 [fixed: 1]"
}
]
}
]