VYPR

rpm package

opensuse/python-Flask&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/python-Flask&distro=openSUSE%20Tumbleweed

Vulnerabilities (2)

  • CVE-2026-27205Feb 21, 2026
    affected < 3.1.3-1.1fixed 3.1.3-1.1

    Flask is a web server gateway interface (WSGI) web application framework. In versions 3.1.2 and below, when the session object is accessed, Flask should set the Vary: Cookie header., resulting in a Use of Cache Containing Sensitive Information vulnerability. The logic instructs c

  • CVE-2025-47278LowMay 13, 2025
    affected < 3.1.1-1.1fixed 3.1.1-1.1

    Flask is a web server gateway interface (WSGI) web application framework. In Flask 3.1.0, the way fallback key configuration was handled resulted in the last fallback key being used for signing, rather than the current signing key. Signing is provided by the `itsdangerous` librar