pkg:PyPI/flask

All known vulnerabilities

• HIGH7.5CVE-2023-30861flask - security update
  from 0, < 70f906c51ce49c485f1d355703e9cc3386b1cc2b, < afd63b16170b7c047f5758eb910c416511e9c965 | from 0, < 2.2.5, >= 2.3.0, < 2.3.2
• HIGH7.5CVE-2023-30861flask - security update
  >= 2.3.0, < 2.3.2
• HIGH7.5CVE-2019-1010083Pallets Project Flask is vulnerable to Denial of Service via Unexpected memory usage
  from 0, < 1.0
• HIGH7.5CVE-2019-1010083Pallets Project Flask is vulnerable to Denial of Service via Unexpected memory usage
  from 0, < 1.0
• HIGH7.5CVE-2018-1000656Flask is vulnerable to Denial of Service via incorrect encoding of JSON data
  from 0, < 0.12.3
• HIGH7.5CVE-2018-1000656Flask is vulnerable to Denial of Service via incorrect encoding of JSON data
  from 0, < 0.12.3
• MEDIUM4.3CVE-2026-27205Flask session does not add `Vary: Cookie` header when accessed in some ways
  from 0, < 3.1.3
• —CVE-2025-47278Flask uses fallback key instead of current signing key
  >= 3.1.0, < 3.1.1