Palletsprojects Flask
4 CVEs affecting Palletsprojects Flask. Latest disclosed: 2026-02-21. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-30861 | High | 7.5 | 2023-05-02 | Flask is a lightweight WSGI web application framework. When all of the following conditions are met, a response containing data intended for one client may be… |
CVE-2019-1010083 | High | 7.5 | 2019-07-17 | The Pallets Project Flask before 1.0 is affected by: unexpected memory usage. The impact is: denial of service. The attack vector is: crafted encoded JSON data… |
CVE-2018-1000656 | High | 7.5 | 2018-08-20 | The Pallets Project flask version Before 0.12.3 contains a CWE-20: Improper Input Validation vulnerability in flask that can result in Large amount of memory u… |
CVE-2026-27205 | Medium | 4.3 | 2026-02-21 | Flask is a web server gateway interface (WSGI) web application framework. In versions 3.1.2 and below, when the session object is accessed, Flask should set th… |