all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

CVE-2023-30861 (flask)

Add to bookmarks
May 2, 2023, 6:15 p.m. |

National Vulnerability Database web.nvd.nist.gov

Flask is a lightweight WSGI web application framework. When all of the following conditions are met, a response containing data intended for one client may be cached and subsequently sent by the proxy to other clients. If the proxy also caches `Set-Cookie` headers, it may send one client's `session` cookie to other clients. The severity depends on the application's use of the session and the proxy's behavior regarding cookies. The risk depends on all these conditions being met.

1. The …

application client clients conditions cookie cve data flask framework headers may proxy response send session severity web web application

Visit resource

More from web.nvd.nist.gov / National Vulnerability Database

CVE-2023-45955 (lightstrip_firmware) 6 months ago | web.nvd.nist.gov
attackers cve denial of service issue +1
CVE-2023-40101 (android) 6 months ago | web.nvd.nist.gov
android check collapse cve +7
CVE-2023-21377 (android) 6 months ago | web.nvd.nist.gov
android bypass cve disclosure +8
CVE-2023-21380 (android) 6 months ago | web.nvd.nist.gov
android bluetooth buffer buffer overflow +9
CVE-2023-21382 (android) 6 months ago | web.nvd.nist.gov
access android check cve +11
CVE-2023-21381 (android) 6 months ago | web.nvd.nist.gov
android arbitrary code code code execution +10
CVE-2023-21385 (android) 6 months ago | web.nvd.nist.gov
android corruption cve disclosure +7
CVE-2023-21387 (android) 6 months ago | web.nvd.nist.gov
android backup bypass cve +11
CVE-2023-21389 (android) 6 months ago | web.nvd.nist.gov
android bypass check cve +10

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Network Security Engineer – Zscaler SME

@ Peraton | United States
View on infosec-jobs.com

Splunk Data Analytic Subject Matter Expert

@ Peraton | Woodlawn, MD, United States
View on infosec-jobs.com

Principal Consultant, Offensive Security, Proactive Services (Unit 42)- Remote

@ Palo Alto Networks | Santa Clara, CA, United States
View on infosec-jobs.com

Senior Engineer Software Product Security

@ Ford Motor Company | Mexico City, MEX, Mexico
View on infosec-jobs.com

Information System Security Engineer (Red Team)

@ Evolution | Riga, Latvia
View on infosec-jobs.com
View more jobs