All Versions
Vulnerabilities (Public)
Known vulnerabilities and security issues detected in the extension's dependencies and code.
| Vulnerability ID | Advisory | Affected Versions | |||
|---|---|---|---|---|---|
| CVE-2023-30861 | Flask 2.2.5 and 2.3.2 include a fix for CVE-2023-30861: When all of the following conditions are met, a response containing data intended for one client may be cached and subsequently sent by the prox… | High | – | – | <2.2.5 >=2.3.0,<2.3.2 |
| CVE-2019-1010083 | Flask 0.12.3 includes a fix for CVE-2019-1010083: Unexpected memory usage. The impact is denial of service. The attack vector is crafted encoded JSON data. NOTE: this may overlap CVE-2018-1000656. ht… | High | – | – | <0.12.3 |
| CVE-2018-1000656 | flask version Before 0.12.3 contains a CWE-20: Improper Input Validation vulnerability in flask that can result in Large amount of memory usage possibly leading to denial of service. This attack appea… | High | – | – | <0.12.3 |
| CVE-2026-27205 | Affected versions of the Flask package are vulnerable to Information Disclosure due to missing cache-variation headers when the session object is accessed via certain code paths. In Flask’s session ha… | Low | – | – | <3.1.3 |
| CVE-2025-47278 | Affected versions of Flask (≤ 3.1.0) are vulnerable to incorrect fallback key configuration in session signing, leading to stale key usage instead of the intended current key. This flaw undermines ses… | Low | – | – | >=3.1.0,<3.1.1 |
Safety Discovered Vulnerabilities
Additional security issues found by Safety, exclusive to our platform.