Download
| Alert*
oval:org.secpod.oval:def:503553
Flask is a lightweight but extensible web development framework for Python based on the Werkzeug WSGI toolkit, and the Jinja 2 template engine. Security Fix: * python-flask: Denial of Service via crafted JSON file For more details about the security issue, including the impact, a CVSS score, acknow ... oval:org.secpod.oval:def:64123 flask: Micro web framework based on Werkzeug and Jinja2 Flask could be made to consume a large amount of memory if it received a specially crafted input. oval:org.secpod.oval:def:705497 flask: Micro web framework based on Werkzeug and Jinja2 Flask could be made to consume a large amount of memory if it received a specially crafted input. oval:org.secpod.oval:def:2001487 The Pallets Project flask version Before 0.12.3 contains a CWE-20: Improper Input Validation vulnerability in flask that can result in Large amount of memory usage possibly leading to denial of service. This attack appear to be exploitable via Attacker provides JSON data in incorrect encoding. This ... |