Safety vulnerability ID: 41752
The information on this page was manually curated by our Cybersecurity Intelligence Team.
Flask-restx version 0.5.1 includes a fix for CVE-2021-32838: Flask-RESTX before version 0.5.1 is vulnerable to ReDoS (Regular Expression Denial of Service) in email_regex.
https://github.com/advisories/GHSA-3q6g-vf58-7m4g
https://github.com/python-restx/flask-restx/blob/fd99fe11a88531f5f3441a278f7020589f9d2cc0/flask_restx/inputs.py#L51
https://github.com/python-restx/flask-restx/commit/bab31e085f355dd73858fd3715f7ed71849656da
https://github.com/python-restx/flask-restx/issues/372
https://pypi.org/project/flask-restx/
Latest version: 1.3.0
Fully featured framework for fast, easy and documented API development with Flask
Flask-RESTX (pypi package flask-restx) is a community driven fork of Flask-RESTPlus. Flask-RESTX before version 0.5.1 is vulnerable to ReDoS (Regular Expression Denial of Service) in email_regex. This is fixed in version 0.5.1. See CVE-2021-32838.
CONFIRM:https://github.com/advisories/GHSA-3q6g-vf58-7m4g: https://github.com/advisories/GHSA-3q6g-vf58-7m4g
MISC:https://github.com/python-restx/flask-restx/blob/fd99fe11a88531f5f3441a278f7020589f9d2cc0/flask_restx/inputs.py#L51: https://github.com/python-restx/flask-restx/blob/fd99fe11a88531f5f3441a278f7020589f9d2cc0/flask_restx/inputs.py#L51
MISC:https://github.com/python-restx/flask-restx/commit/bab31e085f355dd73858fd3715f7ed71849656da: https://github.com/python-restx/flask-restx/commit/bab31e085f355dd73858fd3715f7ed71849656da
MISC:https://github.com/python-restx/flask-restx/issues/372: https://github.com/python-restx/flask-restx/issues/372
MISC:https://pypi.org/project/flask-restx/: https://pypi.org/project/flask-restx/
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application