Vulnerability Details CVE-2021-33026
The Flask-Caching extension through 1.10.1 for Flask relies on Pickle for serialization, which may lead to remote code execution or local privilege escalation. If an attacker gains access to cache storage (e.g., filesystem, Memcached, Redis, etc.), they can construct a crafted payload, poison the cache, and execute Python code. NOTE: a third party indicates that exploitation is extremely unlikely unless the machine is already compromised; in other cases, the attacker would be unable to write their payload to the cache and generate the required collision
Exploit prediction scoring system (EPSS) score
EPSS Score 0.204
EPSS Ranking 95.3%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2021-33026
-
cpe:2.3:a:flask-caching_project:flask-caching:0.1
-
cpe:2.3:a:flask-caching_project:flask-caching:0.10.0
-
cpe:2.3:a:flask-caching_project:flask-caching:0.10.1
-
cpe:2.3:a:flask-caching_project:flask-caching:0.11
-
cpe:2.3:a:flask-caching_project:flask-caching:0.11.1
-
cpe:2.3:a:flask-caching_project:flask-caching:0.12
-
cpe:2.3:a:flask-caching_project:flask-caching:0.13
-
cpe:2.3:a:flask-caching_project:flask-caching:0.2
-
cpe:2.3:a:flask-caching_project:flask-caching:0.3
-
cpe:2.3:a:flask-caching_project:flask-caching:0.3.1
-
cpe:2.3:a:flask-caching_project:flask-caching:0.3.2
-
cpe:2.3:a:flask-caching_project:flask-caching:0.3.3
-
cpe:2.3:a:flask-caching_project:flask-caching:0.3.4
-
cpe:2.3:a:flask-caching_project:flask-caching:0.4.0
-
cpe:2.3:a:flask-caching_project:flask-caching:0.5.0
-
cpe:2.3:a:flask-caching_project:flask-caching:0.6.0
-
cpe:2.3:a:flask-caching_project:flask-caching:0.7.0
-
cpe:2.3:a:flask-caching_project:flask-caching:0.8.0
-
cpe:2.3:a:flask-caching_project:flask-caching:0.9.0
-
cpe:2.3:a:flask-caching_project:flask-caching:0.9.1
-
cpe:2.3:a:flask-caching_project:flask-caching:0.9.2
-
cpe:2.3:a:flask-caching_project:flask-caching:1.0.0
-
cpe:2.3:a:flask-caching_project:flask-caching:1.0.1
-
cpe:2.3:a:flask-caching_project:flask-caching:1.1.0
-
cpe:2.3:a:flask-caching_project:flask-caching:1.1.1
-
cpe:2.3:a:flask-caching_project:flask-caching:1.10.0
-
cpe:2.3:a:flask-caching_project:flask-caching:1.10.1
-
cpe:2.3:a:flask-caching_project:flask-caching:1.2.0
-
cpe:2.3:a:flask-caching_project:flask-caching:1.3.0
-
cpe:2.3:a:flask-caching_project:flask-caching:1.3.1
-
cpe:2.3:a:flask-caching_project:flask-caching:1.3.2
-
cpe:2.3:a:flask-caching_project:flask-caching:1.3.3
-
cpe:2.3:a:flask-caching_project:flask-caching:1.4.0
-
cpe:2.3:a:flask-caching_project:flask-caching:1.5.0
-
cpe:2.3:a:flask-caching_project:flask-caching:1.6.0
-
cpe:2.3:a:flask-caching_project:flask-caching:1.7.0
-
cpe:2.3:a:flask-caching_project:flask-caching:1.7.1
-
cpe:2.3:a:flask-caching_project:flask-caching:1.7.2
-
cpe:2.3:a:flask-caching_project:flask-caching:1.8.0
-
cpe:2.3:a:flask-caching_project:flask-caching:1.9.0