Lucene search
GitHub Advisory DatabaseGHSA-PP84-V3MW-GG4WHistoryAug 27, 2024 - 7:50 p.m.
Taipy 3.1.1 affected by CVEs on flask-core and pymongo
2024-08-2719:50:54
GitHub Advisory Database
github.com
6
taipy
cve-2024-1681
flask-core
pymongo
version upgrades
pre-commit breaks
CVSS3
8.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
AI Score
6.6
Confidence
Low
Summary
CVEs on latest 3.1.1
Details
SECURITY ISSUES
CVE-2024-1681: flask-core <4.0.1
latest version of taipi 3.1.1 needs <=4.0.0
CVE-2024-5629: pymongo <4.6.3
#latest version of taipi 3.1.1 needs <=4.6.1
PoC
please upgrade to these versions
Impact
pre-commit breaks
Affected configurations
Node
taipyRange≤3.1.1
Related
osv
osv
Taipy 3.1.1 affected by CVEs on flask-core and pymongo
2024-08-27 19:50:54
pymongo - security update
2024-06-17 00:00:00
CVE-2024-5629
2024-06-05 15:15:12
mongodb
mongodb
Out-of-bounds read in bson module of PyMongo
2024-06-05 14:32:00
nessus
nessus
Debian dla-3889 : python-pymongo-doc - security update
2024-09-16 00:00:00
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : PyMongo vulnerability (USN-6904-1)
2024-07-22 00:00:00
PyMongo < 4.6.3 Out-of-bounds Read
2024-04-11 00:00:00
debiancve
debiancve
CVE-2024-5629
2024-06-05 15:15:12
CVE-2024-1681
2024-04-19 20:15:09
cve
cve
github
github
PyMongo Out-of-bounds Read in the bson module
2024-06-05 15:30:39
flask-cors vulnerable to log injection when the log level is set to debug
2024-04-19 21:31:08
PyMongo Out-of-bounds Read in the bson module
2024-04-06 06:31:08
redhatcve
redhatcve
CVE-2024-5629
2024-06-05 17:34:36
vulnrichment
vulnrichment
CVE-2024-5629 Out-of-bounds read in bson module of PyMongo
2024-06-05 14:32:56
CVE-2024-1681 Log Injection Vulnerability in corydolphin/flask-cors
2024-04-19 19:37:27
openvas
openvas
Debian: Security Advisory (DLA-3889-1)
2024-09-17 00:00:00
Debian: Security Advisory (DLA-3832-1)
2024-07-01 00:00:00
Ubuntu: Security Advisory (USN-6904-1)
2024-07-23 00:00:00
redos
redos
ROS-20240611-01
2024-06-11 00:00:00
cvelist
cvelist
CVE-2024-5629 Out-of-bounds read in bson module of PyMongo
2024-06-05 14:32:56
CVE-2024-1681 Log Injection Vulnerability in corydolphin/flask-cors
2024-04-19 19:37:27
veracode
veracode
Out-of-bounds Read
2024-04-08 04:56:12
Log Injection
2024-04-22 05:53:55
ubuntu
ubuntu
PyMongo vulnerability
2024-07-22 00:00:00
wolfi
wolfi
CVE-2024-5629 vulnerabilities
2024-09-27 09:13:12
CVE-2024-1681 vulnerabilities
2024-09-27 09:13:12
nvd
nvd
ubuntucve
ubuntucve
CVE-2024-5629
2024-06-05 00:00:00
CVE-2024-1681
2024-04-19 00:00:00
ibm
ibm
cgr
cgr
CVE-2024-1681 vulnerabilities
2024-05-19 03:07:16
CVSS3
8.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
AI Score
6.6
Confidence
Low
Related for GHSA-PP84-V3MW-GG4W