FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-29 03:23:07 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
252f40cb-618c-47f4-a2cf-1abf30cffbbe	py-Flask-Cors -- directory traversal vulnerability praetorian-colby-morgan reports: An issue was discovered in Flask-CORS (aka CORS Middleware for Flask) before 3.0.9. It allows ../ directory traversal to access private resources because resource matching does not ensure that pathnames are in a canonical format. Discovery 2020-08-31 Entry 2023-08-31 py37-Flask-Cors py38-Flask-Cors py39-Flask-Cors py310-Flask-Cors py311-Flask-Cors < 3.0.9 CVE-2020-25032 https://osv.dev/vulnerability/PYSEC-2020-43 https://osv.dev/vulnerability/GHSA-xc3p-ff3m-f46v

VuXML ID

Description

252f40cb-618c-47f4-a2cf-1abf30cffbbe

py-Flask-Cors -- directory traversal vulnerability

praetorian-colby-morgan reports:

An issue was discovered in Flask-CORS (aka CORS Middleware for Flask) before 3.0.9.

It allows ../ directory traversal to access private resources because resource matching does not ensure that pathnames are in a canonical format.

Discovery 2020-08-31
Entry 2023-08-31
py37-Flask-Cors
py38-Flask-Cors
py39-Flask-Cors
py310-Flask-Cors
py311-Flask-Cors

< 3.0.9

CVE-2020-25032
https://osv.dev/vulnerability/PYSEC-2020-43
https://osv.dev/vulnerability/GHSA-xc3p-ff3m-f46v