VYPR
High severity7.5NVD Advisory· Published Aug 20, 2018· Updated Jun 17, 2026

CVE-2018-1000656

CVE-2018-1000656

Description

The Pallets Project flask version Before 0.12.3 contains a CWE-20: Improper Input Validation vulnerability in flask that can result in Large amount of memory usage possibly leading to denial of service. This attack appear to be exploitable via Attacker provides JSON data in incorrect encoding. This vulnerability appears to have been fixed in 0.12.3. NOTE: this may overlap CVE-2019-1010083.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
FlaskPyPI
< 0.12.30.12.3

Affected products

4

Patches

Vulnerability mechanics

References

11

News mentions

0

No linked articles in our index yet.