Lucene search
K

13 matches found

Tenable Nessus
Tenable Nessus
added 2023/08/31 12:0 a.m.22 views

FreeBSD : py-flask-security -- user redirect to arbitrary URL vulnerability (06492bd5-085a-4cc0-9743-e30164bdcb1c)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 06492bd5-085a-4cc0-9743-e30164bdcb1c advisory. - This affects all versions of package Flask-Security. When using the getpostlogoutredirect and...

6.1CVSS6.8AI score0.00913EPSS
Exploits1References3
Debian
Debian
added 2023/08/28 5:6 p.m.28 views

[SECURITY] [DLA 3545-1] flask-security security update

Debian LTS Advisory DLA-3545-1 [email protected] https://www.debian.org/lts/security/ Sean Whitton August 28, 2023 https://wiki.debian.org/LTS Package : flask-security Version : 1.7.5-2+deb10u1 CVE ID : CVE-2021-23385 Debian Bug : 1021279 It was discovered that when using the...

6.1CVSS6.6AI score0.00913EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2023/08/28 12:0 a.m.23 views

Debian dla-3545 : python3-flask-security - security update

The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3545 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3545-1 [email protected] https://www.debian.org/lts/security/...

6.1CVSS6.8AI score0.00913EPSS
Exploits1References4
Mageia
Mageia
added 2023/03/24 5:55 a.m.47 views

Updated python-flask-security packages fix security vulnerability

Open redirect CVE-2021-23385...

6.1CVSS6.3AI score0.00913EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2023/01/20 12:0 a.m.41 views

openSUSE 15 Security Update : python-Flask-Security (SUSE-SU-2022:3834-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2022:3834-1 advisory. - CVE-2021-23385: Fixed open redirect bsc1202105. Tenable has extracted the preceding description block directly from the SUSE security advisory. Note that...

6.1CVSS6.7AI score0.00913EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2022/11/04 12:0 a.m.24 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-Flask-Security-Too (SUSE-SU-2022:3867-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:3867-1 advisory. - CVE-2021-23385: Fixed open redirect bsc1202105. Tenable has extracted the preceding description block...

6.1CVSS6.7AI score0.00913EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2022/11/04 12:0 a.m.15 views

SUSE: Security Advisory (SUSE-SU-2022:3867-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.4AI score0.00913EPSS
Exploits1References2
OSV
OSV
added 2022/11/01 7:59 a.m.8 views

SUSE-SU-2022:3834-1 Security update for python-Flask-Security

This update for python-Flask-Security fixes the following issues: - CVE-2021-23385: Fixed open redirect bsc1202105...

6.1CVSS6.3AI score0.00913EPSS
Exploits1References3
vulnersOsv
vulnersOsv
added 2022/10/07 7:29 a.m.3 views

betterlifepsi (>=0.6.7.post3 <=0.6.8), cg (>=1.0.0 <=13.1.0) +23 more potentially affected by CVE-2021-23385 via flask-security (>=1.7.5 <=3.0.0)

flask-security PYPI version =1.7.5, =0.6.7.post3, =1.0.0, =0.0.1, =2.5.0, =1.0.0a1, =1.0.0a2, =1.0.0a23, =0.21.0, =1.0.2, =1.2.6 and more Source cves: CVE-2021-23385 Source advisory: OSV:GHSA-CG8C-GC2J-2WF7...

6.1CVSS6.5AI score0.00913EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2022/08/02 2:15 p.m.40 views

CVE-2021-23385

This affects all versions of package Flask-Security. When using the getpostlogoutredirect and getpostloginredirect functions, it is possible to bypass URL validation and redirect a user to an arbitrary URL by providing multiple back slashes such as \\evil.com/path. This vulnerability is only...

6.1CVSS6.6AI score0.00913EPSS
Exploits1References5
OSV
OSV
added 2022/08/02 2:15 p.m.5 views

UBUNTU-CVE-2021-23385

This affects all versions of package Flask-Security. When using the getpostlogoutredirect and getpostloginredirect functions, it is possible to bypass URL validation and redirect a user to an arbitrary URL by providing multiple back slashes such as \\evil.com/path. This vulnerability is only...

6.1CVSS6.5AI score0.00913EPSS
Exploits1References6
Debian CVE
Debian CVE
added 2022/08/02 1:25 p.m.44 views

CVE-2021-23385

This affects all versions of package Flask-Security. When using the getpostlogoutredirect and getpostloginredirect functions, it is possible to bypass URL validation and redirect a user to an arbitrary URL by providing multiple back slashes such as \\evil.com/path. This vulnerability is only...

6.1CVSS6.3AI score0.00913EPSS
Exploits1
ATTACKERKB
ATTACKERKB
added 2022/08/02 1:22 p.m.5 views

CVE-2021-23385

This affects all versions of package Flask-Security. When using the getpostlogoutredirect and getpostloginredirect functions, it is possible to bypass URL validation and redirect a user to an arbitrary URL by providing multiple back slashes such as \\evil.com/path. This vulnerability is only...

6.1CVSS5.7AI score0.00913EPSS
Exploits1References5
Rows per page
Query Builder