VYPR
Critical severityNVD Advisory· Published May 30, 2023· Updated Jan 10, 2025

ToUI allows user-specific variables to be shared between users

CVE-2023-33175

Description

ToUI is a Python package for creating user interfaces (websites and desktop apps) from HTML. ToUI is using Flask-Caching (SimpleCache) to store user variables. Websites that use Website.user_vars property. It affects versions 2.0.1 to 2.4.0. This issue has been patched in version 2.4.1.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
touiPyPI
>= 2.0.1, < 2.4.12.4.1

Affected products

2
  • ghsa-coords
    Range: >= 2.0.1, < 2.4.1
  • mubarakalmehairbi/ToUIv5
    Range: >= 2.0.1, < 2.4.1

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.