Lucene search
+L

11 matches found

ibm
ibm
added 2026/06/01 5:8 p.m.12 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in flask-3.1.2-py3-none-any.whl

Summary IBM Watson Discovery Cartridge affected by vulnerability in flask-3.1.2-py3-none-any.whl Vulnerability Details CVEID:CVE-2026-27205 DESCRIPTION: Flask is a web server gateway interface WSGI web application framework. In versions 3.1.2 and below, when the session object is accessed, Flask...

4.3CVSS5.8AI score0.00374EPSS
Exploits0Affected Software1
ibm
ibm
added 2026/05/05 12:13 p.m.5 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses flask-3.1.2-py3-none-any.whl which is vulnerable to CVE-2026-27205

Summary IBM Maximo Application Suite - Visual Inspection component uses flask-3.1.2-py3-none-any.whl which is vulnerable to CVE-2026-27205, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-27205 DESCRIPTION: Flask is a web...

4.3CVSS5.7AI score0.00374EPSS
Exploits0Affected Software1
osv
osv
added 2026/05/03 9:55 a.m.6 views

OESA-2026-2135 python-flask security update

Flask is a lightweight WSGI web application framework. It is designed to make getting started quick and easy, with the ability to scale up to complex applications. It began as a simple wrapper around Werkzeug and Jinja and has become one of the most popular Python web application frameworks...

4.3CVSS5.7AI score0.00374EPSS
Exploits0References2
ibm
ibm
added 2026/04/06 6:34 p.m.7 views

Security Bulletin: IBM Maximo Application Suite uses flask-3.1.2-py3-none-any.whl which is vulnerable to CVE-2026-27205.

Summary IBM Maximo Application Suite uses flask-3.1.2-py3-none-any.whl which is vulnerable to CVE-2026-27205. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-5889 DESCRIPTION: A vulnerability was found in juliangruber...

4.3CVSS4.8AI score0.00459EPSS
Exploits0Affected Software1
nessus
nessus
added 2026/03/30 12:0 a.m.4 views

Amazon Linux 2023 : python3-flask (ALAS2023-2026-1476)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1476 advisory. Flask is a web server gateway interface WSGI web application framework. In versions 3.1.2 and below, when the session object is accessed, Flask should set the Vary: Cookie header., resulting in a Use o...

4.3CVSS5.8AI score0.00374EPSS
Exploits0References4
openvas
openvas
added 2026/03/11 12:0 a.m.4 views

openSUSE Security Advisory (SUSE-SU-2026:0849-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS5.8AI score0.00374EPSS
Exploits0References4
opensuse
opensuse
added 2026/02/27 12:0 a.m.6 views

python311-Flask-3.1.3-1.1 on GA media (moderate)

python311-Flask-3.1.3-1.1 on GA media Announcement ID: openSUSE-SU-2026:10264-1 Rating: moderate Cross-References: CVE-2026-27205 CVSS scores: CVE-2026-27205 SUSE : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-27205 SUSE : 6...

6.5CVSS6AI score0.00374EPSS
Exploits0
osv
osv
added 2026/02/21 5:21 a.m.6 views

CVE-2026-27205 Flask session does not add `Vary: Cookie` header when accessed in some ways

Flask is a web server gateway interface WSGI web application framework. In versions 3.1.2 and below, when the session object is accessed, Flask should set the Vary: Cookie header., resulting in a Use of Cache Containing Sensitive Information vulnerability. The logic instructs caches not to cache...

2.3CVSS5.5AI score0.00374EPSS
Exploits0References5
wolfi
wolfi
added 2026/02/20 7:48 p.m.5 views

CVE-2026-27205 vulnerabilities

Vulnerabilities for packages: open-webui, mlflow, kubeflow-volumes-web-app, mitmproxy, emissary, airflow...

4.3CVSS6.1AI score0.00374EPSS
Exploits0
vulnersosv
vulnersosv
added 2026/02/19 8:45 p.m.25 views

2m (=1.2.5), abcvlib (=0.0.7) +887 more potentially affected by CVE-2026-27205 via flask (>=3.0.0 <=3.1.2)

flask PYPI version =3.0.0, =1.0.0, =1.1.0, =1.0.2, =0.3.1, =4.11.0, =0.2.4.1, =1.3.0, =0.1.0, =0.1.1, =0.5.7, =0.1.0, =1.1.0, =1.2.3 and more Source cves: CVE-2026-27205 Source advisory: SNYK:PYTHON-FLASK-15322678...

4.3CVSS5.7AI score0.00374EPSS
Exploits0
vulnersosv
vulnersosv
added 2026/02/19 8:45 p.m.9 views

2m (=1.2.5), a-api-server (=1.3.0) +3876 more potentially affected by CVE-2026-27205 via flask (>=0.10.1 <=3.1.2)

flask PYPI version =0.10.1, =0.1.0, =0.10.0, =1.0.2, =1.0.0, =1.0.5, =1.8.8, =1.0.2, =0.3.1, =0.3.7.dev2 and more Source cves: CVE-2026-27205 Source advisory: OSV:GHSA-68RP-WP8R-4726...

4.3CVSS5.7AI score0.00374EPSS
Exploits0
Rows per page
Query Builder