Latest version: v5.5.2
| CVE/PVE | Vulnerability ID | Advisory | Affected versions | Severity | Severity Score |
|---|---|---|---|---|---|
| PVE-2024-72454 | 72454 |
Reports indicate that all versions of Flask-Security have an open red… |
|
- | - |
| PVE-2024-72455 | 72455 |
In affected versions of Flask-Security, a GET request to /tf-qrcode r… |
|
- | - |
| PVE-2024-72456 | 72456 |
In affected versions of Flask-Security, a GET request to /login?inclu… |
|
- | - |
| PVE-2022-45183 | 45183 |
Flask-security 3.1.0 fixes timing attack on login form. https://gith… |
|
HIDDEN | X.Y |
| PVE-2021-27545 | 27545 |
Flask-security 1.6.0 makes AJAX requests now send a CSRF token for se… |
|
HIDDEN | X.Y |
| CVE-2023-49438 | 65194 |
An open redirect vulnerability in the python package Flask-Security-T… |
|
MEDIUM | 6.1 |
| CVE-2021-23385 | 44501 |
All versions of flask-security are affected by CVE-2021-23385, an ope… |
|
MEDIUM | 6.1 |