Lucene search
K

11 matches found

OpenVAS
OpenVAS
added 2025/11/14 12:0 a.m.2 views

Mageia: Security Advisory (MGASA-2025-0286)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.00677EPSS
Exploits5References4
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2024-6839

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - corydolphin/flask-cors version 4.0.1 contains an improper regex path matching vulnerability. The plugin prioritizes longer regex patterns over more specific one...

5.3CVSS6.9AI score0.00652EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/08/01 10:38 a.m.11 views

Security Bulletin: IBM Maximo Application Suite uses flask_cors-5.0.1-py3-none-any.whl which is vulnerable to CVE-2024-6866, CVE-2024-6839, CVE-2024-6.

Summary IBM Maximo Application Suite uses flaskcors-5.0.1-py3-none-any.whl which is vulnerable toCVE-2024-6866, CVE-2024-6839, CVE-2024-6.This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-6866 DESCRIPTION: corydolphin/flask-cors...

7.5CVSS7AI score0.00652EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/08/01 10:29 a.m.7 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses flask_cors-5.0.1-py3-none-any.whl which is vulnerable to this CVE-2024-6839, CVE-2024-6866 and CVE-2024-6844

Summary Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses flaskcors-5.0.1-py3-none-any.whl which is vulnerable to this CVE-2024-6839, CVE-2024-6866 and CVE-2024-6844 Vulnerability Details CVEID:CVE-2024-6866 DESCRIPTION: corydolphin/flask-cors version 4.01 contain...

7.5CVSS6.8AI score0.00652EPSS
Exploits3Affected Software1
RedhatCVE
RedhatCVE
added 2025/03/20 3:58 p.m.8 views

CVE-2024-6839

A flaw was found inflask-cors. This vulnerability allows unauthorized cross-origin access to sensitive data or functionality via improper regex path matching, prioritizing longer patterns over more specific ones. This issue leads to less restrictive CORS policies being applied to sensitive...

4.3CVSS6.6AI score0.00652EPSS
Exploits1References4
Circl
Circl
added 2025/03/20 1:10 p.m.24 views

CVE-2024-6839

creationtimestamp| type| source ---|---|--- 2025-03-20 13:10:28+00:00| seen| https://bsky.app/profile/potato.software/post/3lksrid6ije2a 2025-05-23 22:39:43+00:00| seen| https://gist.github.com/EbonJaeger/4959b52b5b6898ca4e109d36bb8b6d36...

5.3CVSS5.5AI score0.00652EPSS
Exploits1References2
NVD
NVD
added 2025/03/20 10:15 a.m.7 views

CVE-2024-6839

corydolphin/flask-cors version 4.0.1 contains an improper regex path matching vulnerability. The plugin prioritizes longer regex patterns over more specific ones when matching paths, which can lead to less restrictive CORS policies being applied to sensitive endpoints. This mismatch in regex...

5.3CVSS0.00652EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2025/03/20 10:15 a.m.7 views

CVE-2024-6839

corydolphin/flask-cors version 4.0.1 contains an improper regex path matching vulnerability. The plugin prioritizes longer regex patterns over more specific ones when matching paths, which can lead to less restrictive CORS policies being applied to sensitive endpoints. This mismatch in regex...

5.3CVSS6.4AI score0.00652EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/03/20 10:9 a.m.8 views

CVE-2024-6839 Improper Regex Path Matching in corydolphin/flask-cors

corydolphin/flask-cors version 4.0.1 contains an improper regex path matching vulnerability. The plugin prioritizes longer regex patterns over more specific ones when matching paths, which can lead to less restrictive CORS policies being applied to sensitive endpoints. This mismatch in regex...

4.3CVSS4.6AI score0.00652EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2025/03/20 10:9 a.m.6 views

CVE-2024-6839

corydolphin/flask-cors version 4.0.1 contains an improper regex path matching vulnerability. The plugin prioritizes longer regex patterns over more specific ones when matching paths, which can lead to less restrictive CORS policies being applied to sensitive endpoints. This mismatch in regex...

5.3CVSS5.6AI score0.00652EPSS
Exploits1
OSV
OSV
added 2025/03/20 10:9 a.m.8 views

CVE-2024-6839 Improper Regex Path Matching in corydolphin/flask-cors

corydolphin/flask-cors version 4.0.1 contains an improper regex path matching vulnerability. The plugin prioritizes longer regex patterns over more specific ones when matching paths, which can lead to less restrictive CORS policies being applied to sensitive endpoints. This mismatch in regex...

4.3CVSS6.3AI score0.00652EPSS
Exploits1References4
Rows per page
Query Builder