flask@0.6 vulnerabilities
A simple framework for building complex web applications.
-
latest version
3.0.3
-
latest non vulnerable version
-
first published
14 years ago
-
latest version published
21 days ago
-
licenses detected
- [0.1,1.0.4); [2.3.3,)
Direct Vulnerabilities
Known vulnerabilities in the flask package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
Affected versions of this package are vulnerable to Information Exposure in the form of exposing the permanent session cookie, when all of the following conditions are met:
A response containing data intended for one client may be cached and sent to other clients. If the proxy also caches How to fix Information Exposure? Upgrade |
[,2.2.5)
[2.3.0,2.3.2)
|
Flask is a lightweight WSGI web application framework Affected versions of this package are vulnerable to Denial of Service (DoS). The package allows for unsafe encoded JSON data to be decoded. How to fix Denial of Service (DoS)? Upgrade |
[,0.12.3)
|
flask is a lightweight WSGI web application framework. Affected versions of this package are vulnerable to Improper Input Validation. It did not detect the encoding of incoming JSON data as one of the supported UTF encodings, and allowed arbitrary encodings from the request. How to fix Improper Input Validation? Upgrade |
[,0.12.3)
|
Affected versions of |
[,0.6.1)
|