Vulnerabilities > Palletsprojects

DATE	CVE	VULNERABILITY TITLE	RISK
2019-07-17	CVE-2019-1010083	Unspecified vulnerability in Palletsprojects Flask The Pallets Project Flask before 1.0 is affected by: unexpected memory usage. network low complexity palletsprojects	5.0
2019-04-08	CVE-2016-10745	Use of Externally-Controlled Format String vulnerability in Palletsprojects Jinja In Pallets Jinja before 2.8.1, str.format allows a sandbox escape. network low complexity palletsprojects CWE-134	5.0
2019-04-07	CVE-2019-10906	In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape. network low complexity palletsprojects fedoraproject canonical redhat opensuse	8.6
2018-08-20	CVE-2018-1000656	Improper Input Validation vulnerability in multiple products The Pallets Project flask version Before 0.12.3 contains a CWE-20: Improper Input Validation vulnerability in flask that can result in Large amount of memory usage possibly leading to denial of service. network low complexity palletsprojects netapp CWE-20	5.0
2017-10-23	CVE-2016-10516	Cross-site Scripting vulnerability in Palletsprojects Werkzeug Cross-site scripting (XSS) vulnerability in the render_full function in debug/tbtools.py in the debugger in Pallets Werkzeug before 0.11.11 (as used in Pallets Flask and other products) allows remote attackers to inject arbitrary web script or HTML via a field that contains an exception message. network palletsprojects CWE-79	4.3

Vulnerabilities > Palletsprojects {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Palletsprojects"}]}