Lucene search
K

10 matches found

OpenVAS
OpenVAS
added 2025/11/14 12:0 a.m.2 views

Mageia: Security Advisory (MGASA-2025-0286)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.00677EPSS
Exploits5References4
OpenVAS
OpenVAS
added 2025/07/04 12:0 a.m.4 views

Ubuntu: Security Advisory (USN-7612-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS5.9AI score0.00677EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2024-6221

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in corydolphin/flask-cors version 4.0.1 allows the Access-Control-Allow-Private-Network CORS header to be set to true by default. This behavior...

7.5CVSS6.5AI score0.00677EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/27 12:45 p.m.5 views

Security Bulletin: Vulnerability in Flask-Cors affects IBM Cloud Pak for Data System 2.0 (CPDS 2.0) [CVE-2024-6221]

Summary The Flask-Cors package is used by IBM Cloud Pak for Data System 2.0 . IBM Cloud Pak for Data System 2.0 has addressed the applicable CVEs CVE-2024-6221. Vulnerability Details CVEID:CVE-2024-6221 DESCRIPTION: Flask-CORS could allow a remote attacker to obtain sensitive information, caused ...

7.5CVSS6.1AI score0.00677EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/11/12 10:9 a.m.39 views

Security Bulletin: IBM Maximo Application Suite, IBM Truststore Manager and IBM Asset Data Dictionary Component uses third party libraries which is vulnerable to multiple CVEs

Summary IBM Maximo Application Suite, IBM Truststore Manager and IBM Asset Data Dictionary Component uses FlaskCors-4.0.1-py2.py3-none-any.whl, requests-2.31.0-py3-none-any.whl, express-4.19.2.tgz, commons-compress-1.22.jar, commons-io-2.11.0.jar, urllib3-1.26.18-py2.py3-none-any.whl,...

8.1CVSS7.9AI score0.01241EPSS
Exploits2Affected Software1
vulnersOsv
vulnersOsv
added 2024/08/18 7:15 p.m.4 views

aberoth-ephemeris (>=1.0.0 <=1.0.2), abstra (>=1.8.8 <=2.5.1) +498 more potentially affected by CVE-2024-6221 via flask-cors (>=1.1.2 <=4.0.1)

flask-cors PYPI version =1.1.2, =1.0.0, =1.8.8, =1.1.4, =0.0.1, =0.0.1, =0.0.4, =0.0.13, =0.1.1, =0.0.1, =0.0.18, =1.0.2, =2.5.0, =2.5.0, =0.1.0b2696.post0.dev1, =0.1.8, =0.1.22 and more Source cves: CVE-2024-6221 Source advisory: OSV:PYSEC-2024-260...

7.5CVSS6.7AI score0.00677EPSS
Exploits1
Wolfi
Wolfi
added 2024/08/18 7:15 p.m.90 views

CVE-2024-6221 vulnerabilities

Vulnerabilities for packages: kubeflow-volumes-web-app, kubeflow-jupyter-web-app, py3-flask-cors...

7.5CVSS6.7AI score0.00677EPSS
Exploits1
Chainguard
Chainguard
added 2024/08/18 7:15 p.m.14 views

CVE-2024-6221 vulnerabilities

Vulnerabilities for packages: kubeflow-jupyter-web-app, py3-flask-cors, kubeflow-volumes-web-app...

7.5CVSS6.7AI score0.00677EPSS
Exploits1
Debian CVE
Debian CVE
added 2024/08/18 6:58 p.m.24 views

CVE-2024-6221

A vulnerability in corydolphin/flask-cors version 4.0.1 allows the Access-Control-Allow-Private-Network CORS header to be set to true by default. This behavior can expose private network resources to unauthorized external access, leading to significant security risks such as data breaches,...

7.5CVSS6.7AI score0.00677EPSS
Exploits1
Cvelist
Cvelist
added 2024/08/18 6:58 p.m.43 views

CVE-2024-6221 Improper Access Control in corydolphin/flask-cors

A vulnerability in corydolphin/flask-cors version 4.0.1 allows the Access-Control-Allow-Private-Network CORS header to be set to true by default. This behavior can expose private network resources to unauthorized external access, leading to significant security risks such as data breaches,...

6.5CVSS0.00677EPSS
Exploits1References2
Rows per page
Query Builder