rpm package
suse/python-Flask-Security-Too&distro=SUSE Linux Enterprise Module for Basesystem 15 SP4
pkg:rpm/suse/python-Flask-Security-Too&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP4
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-23385 | — | < 3.4.2-150200.3.6.1 | 3.4.2-150200.3.6.1 | Aug 2, 2022 | This affects all versions of package Flask-Security. When using the get_post_logout_redirect and get_post_login_redirect functions, it is possible to bypass URL validation and redirect a user to an arbitrary URL by providing multiple back slashes such as \\\evil.com/path. This vu | ||
| CVE-2021-21241 | — | < 3.4.2-150200.3.3.1 | 3.4.2-150200.3.3.1 | Jan 11, 2021 | The Python "Flask-Security-Too" package is used for adding security features to your Flask application. It is an is a independently maintained version of Flask-Security based on the 3.0.0 version of Flask-Security. In Flask-Security-Too from version 3.3.0 and before version 3.4.5 |
- CVE-2021-23385Aug 2, 2022affected < 3.4.2-150200.3.6.1fixed 3.4.2-150200.3.6.1
This affects all versions of package Flask-Security. When using the get_post_logout_redirect and get_post_login_redirect functions, it is possible to bypass URL validation and redirect a user to an arbitrary URL by providing multiple back slashes such as \\\evil.com/path. This vu
- CVE-2021-21241Jan 11, 2021affected < 3.4.2-150200.3.3.1fixed 3.4.2-150200.3.3.1
The Python "Flask-Security-Too" package is used for adding security features to your Flask application. It is an is a independently maintained version of Flask-Security based on the 3.0.0 version of Flask-Security. In Flask-Security-Too from version 3.3.0 and before version 3.4.5