exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2024-6839

10 месяцев назад

corydolphin/flask-cors version 4.0.1 contains an improper regex path matching vulnerability. The plugin prioritizes longer regex patterns over more specific ones when matching paths, which can lead to less restrictive CORS policies being applied to sensitive endpoints. This mismatch in regex pattern priority allows unauthorized cross-origin access to sensitive data or functionality, potentially exposing confidential information and increasing the risk of unauthorized actions by malicious actors.

CVSS3: 5.3

EPSS: Низкий

CVE-2024-6839

10 месяцев назад

corydolphin/flask-cors version 4.0.1 contains an improper regex path matching vulnerability. The plugin prioritizes longer regex patterns over more specific ones when matching paths, which can lead to less restrictive CORS policies being applied to sensitive endpoints. This mismatch in regex pattern priority allows unauthorized cross-origin access to sensitive data or functionality, potentially exposing confidential information and increasing the risk of unauthorized actions by malicious actors.

CVSS3: 5.3

EPSS: Низкий

CVE-2024-6839

10 месяцев назад

corydolphin/flask-cors version 4.0.1 contains an improper regex path m ...

CVSS3: 5.3

EPSS: Низкий

GHSA-7rxf-gvfg-47g4

10 месяцев назад

Flask-CORS improper regex path matching vulnerability

CVSS3: 4.3

EPSS: Низкий

BDU:2024-07530

больше 1 года назад

Уязвимость реализации механизма CORS хранилища программных продуктов языка Python PyPi, позволяющая нарушителю раскрыть защищаемую информацию

CVSS3: 4.3

EPSS: Низкий

ROS-20250912-09

4 месяца назад

Множественные уязвимости python3-flask-cors

CVSS3: 6.5

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2024-6839 corydolphin/flask-cors version 4.0.1 contains an improper regex path matching vulnerability. The plugin prioritizes longer regex patterns over more specific ones when matching paths, which can lead to less restrictive CORS policies being applied to sensitive endpoints. This mismatch in regex pattern priority allows unauthorized cross-origin access to sensitive data or functionality, potentially exposing confidential information and increasing the risk of unauthorized actions by malicious actors.	CVSS3: 5.3	0% Низкий	10 месяцев назад
CVE-2024-6839 corydolphin/flask-cors version 4.0.1 contains an improper regex path matching vulnerability. The plugin prioritizes longer regex patterns over more specific ones when matching paths, which can lead to less restrictive CORS policies being applied to sensitive endpoints. This mismatch in regex pattern priority allows unauthorized cross-origin access to sensitive data or functionality, potentially exposing confidential information and increasing the risk of unauthorized actions by malicious actors.	CVSS3: 5.3	0% Низкий	10 месяцев назад
CVE-2024-6839 corydolphin/flask-cors version 4.0.1 contains an improper regex path m ...	CVSS3: 5.3	0% Низкий	10 месяцев назад
GHSA-7rxf-gvfg-47g4 Flask-CORS improper regex path matching vulnerability	CVSS3: 4.3	0% Низкий	10 месяцев назад
BDU:2024-07530 Уязвимость реализации механизма CORS хранилища программных продуктов языка Python PyPi, позволяющая нарушителю раскрыть защищаемую информацию	CVSS3: 4.3	0% Низкий	больше 1 года назад
ROS-20250912-09 Множественные уязвимости python3-flask-cors	CVSS3: 6.5		4 месяца назад

Уязвимостей на страницу