The Pallets Project Flask before 1.0 is affected by: unexpected memory usage. The impact is: denial of service. The attack vector is: crafted encoded JSON data. The fixed version is: 1. NOTE: this may overlap CVE-2018-1000656.
oryginał ENCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HPalletsprojects Flask
APPPalletsprojects< 1.0
Powiązane podatności
Flask is a lightweight WSGI web application framework. When all of the following conditions are met, a respons...
The Pallets Project flask version Before 0.12.3 contains a CWE-20: Improper Input Validation vulnerability in ...
Flask to framework aplikacji webowych oparty na interfejsie WSGI. W wersji 3.1.2 i wcześniejszych, gdy dostęp ...
Improper parsing of HTTP requests in Pallets Werkzeug v2.1.0 and below allows attackers to perform HTTP Reques...
Pallets Click, versions 8.3.2 and below, contain a command injection vulnerability in the click.edit() functio...