pallets Summary
Latest vulnerabilities published by pallets
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Arbitrary Code Execution in Jinja Templating Engine Affecting Pallets
CVE-2025-27516PalletsJinja5.4MEDIUMVulnerability in Jinja Templating Engine Exposes Applications
CVE-2024-56326PalletsJinjaπΎπ°Vulnerabilities in Jinja Templating Engine Affecting Application Security
CVE-2024-56201PalletsJinja5.4MEDIUMWerkzeug Web Server Gateway Interface Vulnerability: Denial of Service Attack via Maliciously Formatted Submission
CVE-2024-49767PalletsWerkzeug7.5HIGHPotential Security Vulnerability in Werkzeug's os.path.isabs() Function
CVE-2024-49766PalletsWerkzeug6.3MEDIUMWerkzeug Debugger Vulnerability Allows Attacker to Execute Code on Developer's Machine
CVE-2024-34069PalletsWerkzeug7.5HIGHJinja Templating Engine Vulnerable to XSS Attacks
CVE-2024-34064PalletsJinja5.4MEDIUMJinja vulnerable to Cross-Site Scripting (XSS)
CVE-2024-22195PalletsJinja6.1MEDIUMWerkzeug vulnerable to high resource usage when parsing multipart/form-data containing a large part with CR/LF character at the beginning
CVE-2023-46136PalletsWerkzeug8HIGHFlask vulnerable to possible disclosure of permanent session cookie due to missing Vary: Cookie header
CVE-2023-30861PalletsFlaskπΎπ‘7.5HIGHWerkzeug may allow high resource usage when parsing multipart form data with many fields
CVE-2023-25577PalletsWerkzeug7.5HIGHWrkzeug's incorrect parsing of nameless cookies leads to __Host- cookies bypass
CVE-2023-23934PalletsWerkzeug2.6LOWDenial of Service in Flask by Pallets Project
CVE-2019-1010083The Pallets ProjectFlask7.5HIGH
5 March 2025
23 December 2024
25 October 2024
6 May 2024
11 January 2024
25 October 2023
2 May 2023
14 February 2023
17 July 2019
No more vulnerabilities to load.