Lucene search

5 matches found

Snyk
added 2026/02/28 12:14 a.m., 5 views

Use of Hard-coded Credentials

Overview gradio is a Python library for easily interacting with trained machine learning models Affected versions of this package are vulnerable to Use of Hard-coded Credentials via the login/huggingface route, which retrieves the server's Hugging Face access token using the huggingfacehub.gettok...

8.2 CVSS, 5.9 AI score, 0.00453 EPSS
Exploits: 1, References: 2
Tenable Nessus
added 2025/05/14 12:0 a.m., 8 views

Alibaba Cloud Linux 3 : 0008: python-flask (ALINUX3-SA-2024:0008)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0008 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-30861: Flask is a lightweight WSGI web...

7.5 CVSS, 7.4 AI score, 0.01261 EPSS
Exploits: 1, References: 2
Hacker One
added 2025/04/08 1:37 p.m., 1103 views

Internet Bug Bounty: Possible Sensitive Session Information Leak in Active Storage

There was a possible sensitive session information leak in Active Storage. Active Storage incorrectly sent the user's session cookie along with a Cache-Control: public header when serving files blobs. This allowed certain caching proxies to cache the response, including the Set-Cookie header,...

6.6 AI score
Exploits: 0
OSV
added 2023/05/02 6:15 p.m., 7 views

AZL-44718 CVE-2023-30861 affecting package python-flask 1.1.1-4

Flask is a lightweight WSGI web application framework. When all of the following conditions are met, a response containing data intended for one client may be cached and subsequently sent by the proxy to other clients. If the proxy also caches Set-Cookie headers, it may send one client's session...

7.5 CVSS, 7 AI score, 0.01261 EPSS
Exploits: 1, References: 1
CVE
added 2019/09/20 1:38 p.m., 49 views

CVE-2019-14912

The CVE-2019-14912 entry concerns PRiSE adAS 1.7.0, where the OPENSSO module fails to validate the goto parameter, causing an open redirect that leaks the user session cookie. Multiple sources (NVD, Red Hat, CVE lists) confirm the affected product and the underlying cause. Exploitation details an...

6.1 CVSS, 6.2 AI score, 0.01193 EPSS
Exploits: 1, References: 2, Affected Software: 1