5 matches found
SUSE CVE-2025-47278
Flask is a web server gateway interface WSGI web application framework. In Flask 3.1.0, the way fallback key configuration was handled resulted in the last fallback key being used for signing, rather than the current signing key. Signing is provided by the itsdangerous library. A list of keys can...
AZL-77828 CVE-2025-47278 affecting package python-flask 1.1.1-4
Flask is a web server gateway interface WSGI web application framework. In Flask 3.1.0, the way fallback key configuration was handled resulted in the last fallback key being used for signing, rather than the current signing key. Signing is provided by the itsdangerous library. A list of keys can...
DEBIAN-CVE-2025-47278
Flask is a web server gateway interface WSGI web application framework. In Flask 3.1.0, the way fallback key configuration was handled resulted in the last fallback key being used for signing, rather than the current signing key. Signing is provided by the itsdangerous library. A list of keys can...
UBUNTU-CVE-2025-47278
Flask is a web server gateway interface WSGI web application framework. In Flask 3.1.0, the way fallback key configuration was handled resulted in the last fallback key being used for signing, rather than the current signing key. Signing is provided by the itsdangerous library. A list of keys can...
PT-2025-20926 · Flask +1 · Flask +1
Name of the Vulnerable Software and Affected Versions: Flask versions 3.1.0 Description: The issue arises from the incorrect handling of fallback key configuration in Flask, where the last fallback key is used for signing instead of the current signing key. This is due to Flask constructing the...