rpm package
opensuse/python-Flask-Security&distro=openSUSE Leap 15.3
pkg:rpm/opensuse/python-Flask-Security&distro=openSUSE%20Leap%2015.3
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-23385 | — | < 3.0.0-150100.4.3.1 | 3.0.0-150100.4.3.1 | Aug 2, 2022 | This affects all versions of package Flask-Security. When using the get_post_logout_redirect and get_post_login_redirect functions, it is possible to bypass URL validation and redirect a user to an arbitrary URL by providing multiple back slashes such as \\\evil.com/path. This vu |
- CVE-2021-23385Aug 2, 2022affected < 3.0.0-150100.4.3.1fixed 3.0.0-150100.4.3.1
This affects all versions of package Flask-Security. When using the get_post_logout_redirect and get_post_login_redirect functions, it is possible to bypass URL validation and redirect a user to an arbitrary URL by providing multiple back slashes such as \\\evil.com/path. This vu