flask-cors@2.1.3 vulnerabilities
A Flask extension adding a decorator for CORS support
-
latest version
5.0.0
-
latest non vulnerable version
-
first published
11 years ago
-
latest version published
3 months ago
-
licenses detected
- [0,)
Direct Vulnerabilities
Known vulnerabilities in the flask-cors package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
Flask-Cors is an A Flask extension adding a decorator for CORS support Affected versions of this package are vulnerable to Log Injection when the log level is set to debug. A user can inject or modify messages by abusing CRLF sequences in the request path of a GET request. How to fix Log Injection? Upgrade |
[,4.0.1)
|
Flask-Cors is an A Flask extension adding a decorator for CORS support Affected versions of this package are vulnerable to Directory Traversal. An attacker could potentially access private resources because resource matching does not ensure that pathnames are in a canonical format. How to fix Directory Traversal? Upgrade |
[,3.0.9)
|