Lucene search
K

51 matches found

osv
osv
added 2026/06/03 2:53 p.m.6 views

ROOT-APP-PYPI-CVE-2023-30861 CVE-2023-30861 in rootio-Flask - Patched by Root

Root has patched CVE-2023-30861 in the rootio-Flask package for Root:PyPI. Multiple fixed versions available...

7.5CVSS7.9AI score0.01261EPSS
Exploits1
ibm
ibm
added 2026/04/08 10:31 a.m.9 views

Security Bulletin: Session Cookie Exposure via Improper Cache Handling in Flask (≤ v2.3.1, ≤ v2.2.4), affects watsonx.data

Summary A vulnerability in Flask ≤ v2.3.1, ≤ v2.2.4 can cause session cookies to be exposed when responses are cached by a proxy. This occurs if sessions are permanent but not accessed during a request, combined with default cache settings. The issue is fixed in versions 2.3.2 and 2.2.5. This can...

7.5CVSS7.1AI score0.01261EPSS
Exploits1Affected Software1
nessus
nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 7 : python-flask-0.10.1-7.el7 (AXSA:2023-5938:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-5938:01 advisory. flask: Possible disclosure of permanent session cookie due to missing Vary: Cookie header CVE-2023-30861 Tenable has extracted the preceding description bloc...

7.5CVSS7.7AI score0.01261EPSS
Exploits1References2
nessus
nessus
added 2025/06/16 12:0 a.m.7 views

TencentOS Server 4: python-flask (TSSA-2025:0162)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0162 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

7.5CVSS7.4AI score0.01261EPSS
Exploits1References2
ibm
ibm
added 2025/06/03 5:40 a.m.13 views

Security Bulletin: IBM Cloud Pak for Data is vulnerable to exposing sensitive information due to Flask ( CVE-2023-30861 )

Summary Flask is used by IBM Cloud Pak for Data. CVE-2023-30861. Vulnerability Details CVEID:CVE-2023-30861 DESCRIPTION: Pallets Flask could allow a remote attacker to obtain sensitive information, caused by missing Vary: Cookie header. By sending a specially crafted request, an attacker could...

7.5CVSS6.1AI score0.01261EPSS
Exploits1Affected Software1
nessus
nessus
added 2025/05/14 12:0 a.m.9 views

Alibaba Cloud Linux 3 : 0008: python-flask (ALINUX3-SA-2024:0008)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0008 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-30861: Flask is a lightweight WSGI web...

7.5CVSS7.4AI score0.01261EPSS
Exploits1References2
ibm
ibm
added 2025/04/25 2:14 p.m.13 views

Security Bulletin: Vulnerability in Flask affects IBM Cloud Pak for Data System 1.0 (CPDS 1.0)[CVE-2023-30861]

Summary The Flask package is used by IBM Cloud Pak for Data System 1.0. IBM Cloud Pak for Data System 1.0 has addressed the applicable CVE CVE-2023-30861. Vulnerability Details CVEID:CVE-2023-30861 DESCRIPTION: Pallets Flask could allow a remote attacker to obtain sensitive information, caused by...

7.5CVSS6.1AI score0.01261EPSS
Exploits1Affected Software1
githubexploit
githubexploit
added 2025/04/25 6:59 a.m.802 views

Exploit for Use of Persistent Cookies Containing Sensitive Information in Palletsprojects Flask

CVE-2023-30861 PoC Proof of Concept ⚠️ 주의 CAUTION...

7.5CVSS7.1AI score0.01261EPSS
Exploits1
ibm
ibm
added 2025/04/15 3:4 a.m.36 views

Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities

Summary IBM QRadar SIEM includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. These have been addressed in the update. Vulnerability Details CVEID:CVE-2023-31346 DESCRIPTION: AMD SEV-SNP Firmware could allow a local authenticated...

9.1CVSS10AI score0.03288EPSS
Exploits5Affected Software1
ibm
ibm
added 2025/03/04 9:4 a.m.20 views

Security Bulletin: Vulnerability in Flask affects IBM Cloud Pak for Data System 2.0 (CPDS 2.0) [ CVE-2023-30861]

Summary The Flask package is used by IBM Cloud Pak for Data System 2.0 . IBM Cloud Pak for Data System 2.0 has addressed the applicable CVE CVE-2023-30861 Vulnerability Details CVEID:CVE-2023-30861 DESCRIPTION: Pallets Flask could allow a remote attacker to obtain sensitive information, caused by...

7.5CVSS6.1AI score0.01261EPSS
Exploits1Affected Software1
ibm
ibm
added 2024/12/11 8:56 a.m.12 views

Security Bulletin: There is a vulnerability in the Flask library impacting IBM watsonx Code Assistant for Ansible

Summary There is a vulnerability in the Flask library impacting IBM watsonx Code Assistant for Ansible. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2023-30861 DESCRIPTION: Pallets Flask could allow a remote attacker to obtain sensitiv...

7.5CVSS6.2AI score0.01261EPSS
Exploits1Affected Software1
openvas
openvas
added 2024/09/10 12:0 a.m.8 views

Fedora: Security Advisory (FEDORA-2023-ebc3be7db1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.1AI score0.01261EPSS
Exploits1References3
nessus
nessus
added 2024/04/28 12:0 a.m.23 views

RHEL 8 : Red Hat OpenStack Platform 16.2 (python-flask) (RHSA-2023:3444)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:3444 advisory. Flask is called a micro-framework because the idea to keep the core simple but extensible. There is no database abstraction layer, no form validation...

7.5CVSS7.7AI score0.01261EPSS
Exploits1References4
nessus
nessus
added 2024/04/28 12:0 a.m.33 views

RHEL 8 / 9 : OpenShift Container Platform 4.13.3 (RHSA-2023:3536)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3536 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...

9.8CVSS7.2AI score0.02281EPSS
Exploits1References9
nessus
nessus
added 2024/04/28 12:0 a.m.16 views

RHEL 8 : Red Hat OpenStack Platform 16.1 (python-flask) (RHSA-2023:3446)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:3446 advisory. Flask is called a micro-framework because the idea to keep the core simple but extensible. There is no database abstraction layer, no form validation...

7.5CVSS7.7AI score0.01261EPSS
Exploits1References4
nessus
nessus
added 2024/04/28 12:0 a.m.27 views

RHEL 8 : OpenShift Container Platform 4.11.43 (RHSA-2023:3541)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3541 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...

7.5CVSS6.7AI score0.01261EPSS
Exploits2References7
nessus
nessus
added 2024/04/28 12:0 a.m.22 views

RHEL 8 / 9 : OpenShift Container Platform 4.12.21 (RHSA-2023:3545)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3545 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...

9.8CVSS7.2AI score0.01548EPSS
Exploits1References7
redhat
redhat
added 2023/11/30 2:34 p.m.34 views

Important: Red Hat Security Advisory: Red Hat Quay security update

An update is now available for Red Hat Quay 3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

7.5CVSS6.7AI score0.0142EPSS
Exploits2References21
nessus
nessus
added 2023/11/07 12:0 a.m.19 views

Fedora 39 : python-flask (2023-ebc3be7db1)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-ebc3be7db1 advisory. Automatic update for python-flask-2.2.5-1.fc39. Changelog Tue May 9 2023 Frantisek Zatloukal - 2.2.5-1 - Update to 2.2.5 fixes RHBZ2196644 Tenable has...

7.5CVSS7.7AI score0.01261EPSS
Exploits1References2
nessus
nessus
added 2023/08/22 12:0 a.m.41 views

Debian dla-3536 : python-flask - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3536 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3536-1 [email protected] https://www.debian.org/lts/security/...

7.5CVSS7.5AI score0.01261EPSS
Exploits1References4
Rows per page
Query Builder