The Pallets Project flask version Before 0.12.3 contains a CWE-20: Improper Input Validation vulnerability in flask that can result in Large amount of memory usage possibly leading to denial of service. This attack appear to be exploitable via Attacker provides JSON data in incorrect encoding. This vulnerability appears to have been fixed in 0.12.3. NOTE: this may overlap CVE-2019-1010083.
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HNetapp Active Iq
APPNetappwszystkie wersjeNetapp Hyper Converged Infrastructure
APPNetappwszystkie wersjeNetapp Ontap Select Deploy Utility
APPNetappwszystkie wersjePalletsprojects Flask
APPPalletsprojects< 0.12.3
Related vulnerabilities
Flask is a lightweight WSGI web application framework. When all of the following conditions are met, a respons...
Moment.js is a JavaScript date library for parsing, validating, manipulating, and formatting dates. A path tra...
The Pallets Project Flask before 1.0 is affected by: unexpected memory usage. The impact is: denial of service...
The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multipl...
Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can ...