Flask-cors
This hub aggregates every CVE we track for Flask-cors, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
6
CVEs tracked
0
Critical
3
High
0
In CISA KEV
Severity distribution
HIGH3MEDIUM3
Monthly trend
0
1
0
0
0
0
0
0
3
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 6 most recently published vulnerabilities affecting Flask-cors.
- CVE-2024-6866Case-Insensitive Path Matching in corydolphin/flask-cors7.5
- CVE-2024-6844Inconsistent CORS Matching Due to Handling of '+' in URL Path in corydolphin/flask-cors5.3
- CVE-2024-6839Improper Regex Path Matching in corydolphin/flask-cors5.3
- CVE-2024-6221Improper Access Control in corydolphin/flask-cors7.5
- CVE-2024-1681Log Injection Vulnerability in corydolphin/flask-cors5.3
- CVE-2020-25032An issue was discovered in Flask-CORS (aka CORS Middleware for Flask) before 3.0.9. It allows ../ directory traversal to access private resources because resource matching does not ensure that path...7.5
Product normalization is registry-driven with AI assist and human review. How it works