rpm package
opensuse/python-Flask&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/python-Flask&distro=openSUSE%20Tumbleweed
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-27205 | — | < 3.1.3-1.1 | 3.1.3-1.1 | Feb 21, 2026 | Flask is a web server gateway interface (WSGI) web application framework. In versions 3.1.2 and below, when the session object is accessed, Flask should set the Vary: Cookie header., resulting in a Use of Cache Containing Sensitive Information vulnerability. The logic instructs c | ||
| CVE-2025-47278 | Low | — | < 3.1.1-1.1 | 3.1.1-1.1 | May 13, 2025 | Flask is a web server gateway interface (WSGI) web application framework. In Flask 3.1.0, the way fallback key configuration was handled resulted in the last fallback key being used for signing, rather than the current signing key. Signing is provided by the `itsdangerous` librar |
- CVE-2026-27205Feb 21, 2026affected < 3.1.3-1.1fixed 3.1.3-1.1
Flask is a web server gateway interface (WSGI) web application framework. In versions 3.1.2 and below, when the session object is accessed, Flask should set the Vary: Cookie header., resulting in a Use of Cache Containing Sensitive Information vulnerability. The logic instructs c
- affected < 3.1.1-1.1fixed 3.1.1-1.1
Flask is a web server gateway interface (WSGI) web application framework. In Flask 3.1.0, the way fallback key configuration was handled resulted in the last fallback key being used for signing, rather than the current signing key. Signing is provided by the `itsdangerous` librar