CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Flask-Cors Project: >> Flask-Cors >> 0.1.5 Security Vulnerabilities

CVE-2020-25032

An issue was discovered in Flask-CORS (aka CORS Middleware for Flask) before 3.0.9. It allows ../ directory traversal to access private resources because resource matching does not ensure that pathnames are in a canonical format.

CVSS Score

7.5

EPSS Score

0.01

Published

2020-08-31

Page 1

Vulnerabilities

Vulnerable Software

Flask-Cors Project: >> Flask-Cors >> 0.1.5 Security Vulnerabilities

Products

Pricing

Contact Us