Количество 6
Количество 6
CVE-2024-6221
A vulnerability in corydolphin/flask-cors version 4.0.1 allows the `Access-Control-Allow-Private-Network` CORS header to be set to true by default. This behavior can expose private network resources to unauthorized external access, leading to significant security risks such as data breaches, unauthorized access to sensitive information, and potential network intrusions.
CVE-2024-6221
A vulnerability in corydolphin/flask-cors version 4.0.1 allows the `Access-Control-Allow-Private-Network` CORS header to be set to true by default. This behavior can expose private network resources to unauthorized external access, leading to significant security risks such as data breaches, unauthorized access to sensitive information, and potential network intrusions.
CVE-2024-6221
A vulnerability in corydolphin/flask-cors version 4.0.1 allows the `Ac ...
GHSA-hxwh-jpp2-84pm
Flask-CORS allows the `Access-Control-Allow-Private-Network` CORS header to be set to true by default
BDU:2024-07531
Уязвимость реализации механизма CORS хранилища программных продуктов языка Python PyPi, позволяющая нарушителю раскрыть защищаемую информацию
ROS-20250912-09
Множественные уязвимости python3-flask-cors
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-6221 A vulnerability in corydolphin/flask-cors version 4.0.1 allows the `Access-Control-Allow-Private-Network` CORS header to be set to true by default. This behavior can expose private network resources to unauthorized external access, leading to significant security risks such as data breaches, unauthorized access to sensitive information, and potential network intrusions. | CVSS3: 7.5 | 1% Низкий | больше 1 года назад |
 | CVE-2024-6221 A vulnerability in corydolphin/flask-cors version 4.0.1 allows the `Access-Control-Allow-Private-Network` CORS header to be set to true by default. This behavior can expose private network resources to unauthorized external access, leading to significant security risks such as data breaches, unauthorized access to sensitive information, and potential network intrusions. | CVSS3: 7.5 | 1% Низкий | больше 1 года назад |
| CVE-2024-6221 A vulnerability in corydolphin/flask-cors version 4.0.1 allows the `Ac ... | CVSS3: 7.5 | 1% Низкий | больше 1 года назад |
| GHSA-hxwh-jpp2-84pm Flask-CORS allows the `Access-Control-Allow-Private-Network` CORS header to be set to true by default | CVSS3: 7.5 | 1% Низкий | больше 1 года назад |
 | BDU:2024-07531 Уязвимость реализации механизма CORS хранилища программных продуктов языка Python PyPi, позволяющая нарушителю раскрыть защищаемую информацию | CVSS3: 6.5 | 1% Низкий | больше 1 года назад |
 | ROS-20250912-09 Множественные уязвимости python3-flask-cors | CVSS3: 6.5 | 4 месяца назад |
Уязвимостей на страницу