Lucene search
K

6 matches found

Fedora
Fedora
added 2026/04/25 1:55 a.m.7 views

[SECURITY] Fedora 44 Update: python-flask-httpauth-4.8.1-1.fc44

FlaskHTTPAuth Basic and Digest HTTP authentication for Flask routes...

8.2CVSS5.6AI score0.00324EPSS
Exploits0
Fedora
Fedora
added 2026/04/16 12:55 a.m.5 views

[SECURITY] Fedora 43 Update: python-flask-httpauth-4.8.1-1.fc43

FlaskHTTPAuth Basic and Digest HTTP authentication for Flask routes...

8.2CVSS5.8AI score0.00324EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2026/04/06 6:0 p.m.8 views

changedetection.io Vulnerable to Authentication Bypass via Decorator Ordering

Summary On 13 routes across 5 blueprint files, the @loginoptionallyrequired decorator is placed before outer to @blueprint.route instead of after it. In Flask, @route must be the outermost decorator because it registers the function it receives. When the order is reversed, @route registers the...

9.8CVSS5.9AI score0.00536EPSS
Exploits1References6Affected Software1
OSV
OSV
added 2026/04/06 6:0 p.m.2 views

GHSA-JMRH-XMGH-X9J4 changedetection.io Vulnerable to Authentication Bypass via Decorator Ordering

Summary On 13 routes across 5 blueprint files, the @loginoptionallyrequired decorator is placed before outer to @blueprint.route instead of after it. In Flask, @route must be the outermost decorator because it registers the function it receives. When the order is reversed, @route registers the...

9.8CVSS5.9AI score0.00536EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/04/06 12:0 a.m.4 views

PT-2026-30758

Summary On 13 routes across 5 blueprint files, the @login optionally required decorator is placed before outer to @blueprint.route instead of after it. In Flask, @route must be the outermost decorator because it registers the function it receives. When the order is reversed, @route registers the...

9.8CVSS5.9AI score0.00536EPSS
Exploits1References6
Huntr
Huntr
added 2025/08/21 9:10 p.m.4 views

Authorization Bypass in MLflow Basic Auth (unprotected Flask/GraphQL routes)

This report is not public...

6.9AI score
Exploits0
Rows per page
Query Builder