flask vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2026-27205Lowflask: Flask session does not add `Vary: Cookie` header when accessed in some waysCVE-2025-47278Lowflask: Flask uses fallback key instead of current signing keyCVE-2023-30861Highflask: Flask vulnerable to possible disclosure of permanent session cookie due to missing Vary: Cookie headerCVE-2019-1010083Highflask: Pallets Project Flask is vulnerable to Denial of Service via Unexpected memory usageCVE-2018-1000656Highflask: Flask is vulnerable to Denial of Service via incorrect encoding of JSON data

Stop the waste.
Protect your environment with Kodem.