VYPR

Flask Security

by Pallets Eco

Source repositories

CVEs (3)

  • CVE-2021-21241HigJan 11, 2021
    risk 0.41cvss 7.4epss 0.01

    The Python "Flask-Security-Too" package is used for adding security features to your Flask application. It is an is a independently maintained version of Flask-Security based on the 3.0.0 version of Flask-Security. In Flask-Security-Too from version 3.3.0 and before version…

  • CVE-2021-32618LowMay 17, 2021
    risk 0.13cvss 3.1epss 0.03

    The Python "Flask-Security-Too" package is used for adding security features to your Flask application. It is an is an independently maintained version of Flask-Security based on the 3.0.0 version of Flask-Security. All versions of Flask-Security-Too allow redirects after many…

  • CVE-2026-46715May 22, 2026
    risk 0.00cvss epss 0.00

    ### Summary Flask-Security-Too 5.8.0's OAuth reauthentication flow can mark a session as fresh after verifying an OAuth account that belongs to a different user. If an attacker can operate an already-authenticated but stale victim session, they can complete OAuth…