3 matches found
OESA-2024-2198 python-Flask-Cors security update
A Flask extension for handling Cross Origin Resource Sharing CORS, making cross-origin AJAX possible. Security Fixes: A vulnerability in corydolphin/flask-cors version 4.0.1 allows the Access-Control-Allow-Private-Network CORS header to be set to true by default, without any configuration option...
CVE-2024-6221
creationtimestamp| type| source ---|---|--- 2024-08-18 21:37:39+00:00| seen| https://t.me/cvedetector/3474...
aberoth-ephemeris (>=1.0.0 <=1.0.2), abstra (>=1.8.8 <=2.5.1) +498 more potentially affected by CVE-2024-6221 via flask-cors (>=1.1.2 <=4.0.1)
flask-cors PYPI version =1.1.2, =1.0.0, =1.8.8, =1.1.4, =0.0.1, =0.0.1, =0.0.4, =0.0.13, =0.1.1, =0.0.1, =0.0.18, =1.0.2, =2.5.0, =2.5.0, =0.1.0b2696.post0.dev1, =0.1.8, =0.1.22 and more Source cves: CVE-2024-6221 Source advisory: OSV:GHSA-HXWH-JPP2-84PM...