VYPR
High severity8.6NVD Advisory· Published Jun 2, 2022· Updated Jul 5, 2026

CVE-2022-30034

CVE-2022-30034

Description

Flower, a web UI for the Celery Python RPC framework, all versions as of 05-02-2022 is vulnerable to an OAuth authentication bypass. An attacker could then access the Flower API to discover and invoke arbitrary Celery RPC calls or deny service by shutting down Celery task nodes.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
flowerPyPI
< 1.2.01.2.0

Affected products

2

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.