Lucene search
K

11 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/06/01 5:8 p.m.12 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in flask-3.1.2-py3-none-any.whl

Summary IBM Watson Discovery Cartridge affected by vulnerability in flask-3.1.2-py3-none-any.whl Vulnerability Details CVEID:CVE-2026-27205 DESCRIPTION: Flask is a web server gateway interface WSGI web application framework. In versions 3.1.2 and below, when the session object is accessed, Flask...

4.3CVSS5.8AI score0.00374EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/05 12:13 p.m.5 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses flask-3.1.2-py3-none-any.whl which is vulnerable to CVE-2026-27205

Summary IBM Maximo Application Suite - Visual Inspection component uses flask-3.1.2-py3-none-any.whl which is vulnerable to CVE-2026-27205, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-27205 DESCRIPTION: Flask is a web...

4.3CVSS5.7AI score0.00374EPSS
Exploits0Affected Software1
OSV
OSV
added 2026/05/03 9:55 a.m.6 views

OESA-2026-2135 python-flask security update

Flask is a lightweight WSGI web application framework. It is designed to make getting started quick and easy, with the ability to scale up to complex applications. It began as a simple wrapper around Werkzeug and Jinja and has become one of the most popular Python web application frameworks...

4.3CVSS5.7AI score0.00374EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/06 6:34 p.m.7 views

Security Bulletin: IBM Maximo Application Suite uses flask-3.1.2-py3-none-any.whl which is vulnerable to CVE-2026-27205.

Summary IBM Maximo Application Suite uses flask-3.1.2-py3-none-any.whl which is vulnerable to CVE-2026-27205. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-5889 DESCRIPTION: A vulnerability was found in juliangruber...

4.3CVSS4.8AI score0.00459EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/03/30 12:0 a.m.2 views

Amazon Linux 2023 : python3-flask (ALAS2023-2026-1476)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1476 advisory. Flask is a web server gateway interface WSGI web application framework. In versions 3.1.2 and below, when the session object is accessed, Flask should set the Vary: Cookie header., resulting in a Use o...

4.3CVSS5.8AI score0.00374EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2026/03/11 12:0 a.m.4 views

openSUSE Security Advisory (SUSE-SU-2026:0849-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS5.8AI score0.00374EPSS
Exploits0References4
OPENSUSE Linux
OPENSUSE Linux
added 2026/02/27 12:0 a.m.6 views

python311-Flask-3.1.3-1.1 on GA media (moderate)

python311-Flask-3.1.3-1.1 on GA media Announcement ID: openSUSE-SU-2026:10264-1 Rating: moderate Cross-References: CVE-2026-27205 CVSS scores: CVE-2026-27205 SUSE : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-27205 SUSE : 6...

6.5CVSS6AI score0.00374EPSS
Exploits0
OSV
OSV
added 2026/02/21 5:21 a.m.6 views

CVE-2026-27205 Flask session does not add `Vary: Cookie` header when accessed in some ways

Flask is a web server gateway interface WSGI web application framework. In versions 3.1.2 and below, when the session object is accessed, Flask should set the Vary: Cookie header., resulting in a Use of Cache Containing Sensitive Information vulnerability. The logic instructs caches not to cache...

2.3CVSS5.5AI score0.00374EPSS
Exploits0References5
Wolfi
Wolfi
added 2026/02/20 7:48 p.m.5 views

CVE-2026-27205 vulnerabilities

Vulnerabilities for packages: emissary, kubeflow-volumes-web-app, airflow, open-webui, mlflow, mitmproxy...

4.3CVSS6.1AI score0.00374EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/02/19 8:45 p.m.25 views

2m (=1.2.5), abcvlib (=0.0.7) +887 more potentially affected by CVE-2026-27205 via flask (>=3.0.0 <=3.1.2)

flask PYPI version =3.0.0, =1.0.0, =1.1.0, =1.0.2, =0.3.1, =4.11.0, =0.2.4.1, =1.3.0, =0.1.0, =0.1.1, =0.5.7, =0.1.0, =1.1.0, =1.2.3 and more Source cves: CVE-2026-27205 Source advisory: SNYK:PYTHON-FLASK-15322678...

4.3CVSS5.7AI score0.00374EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/02/19 8:45 p.m.9 views

2m (=1.2.5), a-api-server (=1.3.0) +3876 more potentially affected by CVE-2026-27205 via flask (>=0.10.1 <=3.1.2)

flask PYPI version =0.10.1, =0.1.0, =0.10.0, =1.0.2, =1.0.0, =1.0.5, =1.8.8, =1.0.2, =0.3.1, =0.3.7.dev2 and more Source cves: CVE-2026-27205 Source advisory: OSV:GHSA-68RP-WP8R-4726...

4.3CVSS5.7AI score0.00374EPSS
Exploits0
Rows per page
Query Builder