Flask 安全漏洞

Flask is a Python micro-framework developed by Pallets, used for building web applications. Versions of Flask prior to 3.1.2 have a security vulnerability caused by an improper setting of the Vary header when accessing session objects. This vulnerability may lead to the use of cache containing...

abcvlib (=0.0.7), aberoth-ephemeris (>=1.0.0 <=1.0.2) +882 more potentially affected by CVE-2026-27205 via flask (>=3.0.0 <=3.1.2)

flask PYPI version =3.0.0, =1.0.0, =1.1.0, =1.0.2, =0.3.1, =4.11.0, =0.2.4.1, =1.3.0, =0.1.0, =0.1.1, =0.5.7, =0.1.0, =1.1.0, =0.0.1, =0.1.5.dev0 and more Source cves: CVE-2026-27205 Source advisory: SNYK:PYTHON-FLASK-15322678...

DEBIAN-CVE-2023-30861

Flask is a lightweight WSGI web application framework. When all of the following conditions are met, a response containing data intended for one client may be cached and subsequently sent by the proxy to other clients. If the proxy also caches Set-Cookie headers, it may send one client's session...

PT-2023-2566

Name of the Vulnerable Software and Affected Versions Flask versions prior to 2.3.2 Flask versions prior to 2.2.5 Description The issue arises when a response containing data intended for one client may be cached and subsequently sent by the proxy to other clients. If the proxy also caches...