HIGH🇵🇱 Wersja polska

CVE-2019-1010083

CVSS 7.5v3.0pub. 2019-07-17upd. 2024-11-21

The Pallets Project Flask before 1.0 is affected by: unexpected memory usage. The impact is: denial of service. The attack vector is: crafted encoded JSON data. The fixed version is: 1. NOTE: this may overlap CVE-2018-1000656.

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Palletsprojects Flask

    APP
    Palletsprojects
    < 1.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
DoS
CWE
References

Related vulnerabilities

CVE-2023-30861HIGH7.5ten sam produkt

Flask is a lightweight WSGI web application framework. When all of the following conditions are met, a respons...

CVE-2018-1000656HIGH7.5ten sam produkt

The Pallets Project flask version Before 0.12.3 contains a CWE-20: Improper Input Validation vulnerability in ...

CVE-2026-27205LOW2.3ten sam produkt

Flask to framework aplikacji webowych oparty na interfejsie WSGI. W wersji 3.1.2 i wcześniejszych, gdy dostęp ...

CVE-2022-29361CRITICAL9.8ten sam vendor

Improper parsing of HTTP requests in Pallets Werkzeug v2.1.0 and below allows attackers to perform HTTP Reques...

CVE-2026-7246HIGH7.2ten sam vendor

Pallets Click, versions 8.3.2 and below, contain a command injection vulnerability in the click.edit() functio...