51 matches found
ROOT-APP-PYPI-CVE-2023-30861 CVE-2023-30861 in rootio-Flask - Patched by Root
Root has patched CVE-2023-30861 in the rootio-Flask package for Root:PyPI. Multiple fixed versions available...
Security Bulletin: Session Cookie Exposure via Improper Cache Handling in Flask (≤ v2.3.1, ≤ v2.2.4), affects watsonx.data
Summary A vulnerability in Flask ≤ v2.3.1, ≤ v2.2.4 can cause session cookies to be exposed when responses are cached by a proxy. This occurs if sessions are permanent but not accessed during a request, combined with default cache settings. The issue is fixed in versions 2.3.2 and 2.2.5. This can...
MiracleLinux 7 : python-flask-0.10.1-7.el7 (AXSA:2023-5938:01)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-5938:01 advisory. flask: Possible disclosure of permanent session cookie due to missing Vary: Cookie header CVE-2023-30861 Tenable has extracted the preceding description bloc...
TencentOS Server 4: python-flask (TSSA-2025:0162)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0162 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
Security Bulletin: IBM Cloud Pak for Data is vulnerable to exposing sensitive information due to Flask ( CVE-2023-30861 )
Summary Flask is used by IBM Cloud Pak for Data. CVE-2023-30861. Vulnerability Details CVEID:CVE-2023-30861 DESCRIPTION: Pallets Flask could allow a remote attacker to obtain sensitive information, caused by missing Vary: Cookie header. By sending a specially crafted request, an attacker could...
Alibaba Cloud Linux 3 : 0008: python-flask (ALINUX3-SA-2024:0008)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0008 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-30861: Flask is a lightweight WSGI web...
Security Bulletin: Vulnerability in Flask affects IBM Cloud Pak for Data System 1.0 (CPDS 1.0)[CVE-2023-30861]
Summary The Flask package is used by IBM Cloud Pak for Data System 1.0. IBM Cloud Pak for Data System 1.0 has addressed the applicable CVE CVE-2023-30861. Vulnerability Details CVEID:CVE-2023-30861 DESCRIPTION: Pallets Flask could allow a remote attacker to obtain sensitive information, caused by...
Exploit for Use of Persistent Cookies Containing Sensitive Information in Palletsprojects Flask
CVE-2023-30861 PoC Proof of Concept ⚠️ 주의 CAUTION...
Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities
Summary IBM QRadar SIEM includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. These have been addressed in the update. Vulnerability Details CVEID:CVE-2023-31346 DESCRIPTION: AMD SEV-SNP Firmware could allow a local authenticated...
Security Bulletin: Vulnerability in Flask affects IBM Cloud Pak for Data System 2.0 (CPDS 2.0) [ CVE-2023-30861]
Summary The Flask package is used by IBM Cloud Pak for Data System 2.0 . IBM Cloud Pak for Data System 2.0 has addressed the applicable CVE CVE-2023-30861 Vulnerability Details CVEID:CVE-2023-30861 DESCRIPTION: Pallets Flask could allow a remote attacker to obtain sensitive information, caused by...
Security Bulletin: There is a vulnerability in the Flask library impacting IBM watsonx Code Assistant for Ansible
Summary There is a vulnerability in the Flask library impacting IBM watsonx Code Assistant for Ansible. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2023-30861 DESCRIPTION: Pallets Flask could allow a remote attacker to obtain sensitiv...
Fedora: Security Advisory (FEDORA-2023-ebc3be7db1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 8 : Red Hat OpenStack Platform 16.2 (python-flask) (RHSA-2023:3444)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:3444 advisory. Flask is called a micro-framework because the idea to keep the core simple but extensible. There is no database abstraction layer, no form validation...
RHEL 8 / 9 : OpenShift Container Platform 4.13.3 (RHSA-2023:3536)
The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3536 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...
RHEL 8 : Red Hat OpenStack Platform 16.1 (python-flask) (RHSA-2023:3446)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:3446 advisory. Flask is called a micro-framework because the idea to keep the core simple but extensible. There is no database abstraction layer, no form validation...
RHEL 8 : OpenShift Container Platform 4.11.43 (RHSA-2023:3541)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3541 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...
RHEL 8 / 9 : OpenShift Container Platform 4.12.21 (RHSA-2023:3545)
The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3545 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...
Important: Red Hat Security Advisory: Red Hat Quay security update
An update is now available for Red Hat Quay 3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...
Fedora 39 : python-flask (2023-ebc3be7db1)
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-ebc3be7db1 advisory. Automatic update for python-flask-2.2.5-1.fc39. Changelog Tue May 9 2023 Frantisek Zatloukal - 2.2.5-1 - Update to 2.2.5 fixes RHBZ2196644 Tenable has...
Debian dla-3536 : python-flask - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3536 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3536-1 [email protected] https://www.debian.org/lts/security/...