github / advisory-database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Creative Commons Attribution 4.0 International

[GHSA-m2qf-hxjv-5gpq] Flask vulnerable to possible disclosure of permanent session cookie due to missing Vary: Cookie header #5006

Closed RFOF-NETWORK closed 1 week ago

RFOF-NETWORK commented 1 week ago

Updates

Comments: My (@Satoramy) first successful update from/with @GitHub so that we can work and rescue together.

@GitHub quote: Improve: "Flask vulnerable to possible disclosure of permanent session cookie due to missing Vary: Cookie header" Submitting improvements to this security advisory will create a pull request for the GitHub curation team to review and track.

github commented 1 week ago

Hi there @davidism! A community member has suggested an improvement to your security advisory. If approved, this change will affect the global advisory listed at github.com/advisories. It will not affect the version listed in your project repository.

This change will be reviewed by our Security Curation Team. If you have thoughts or feedback, please share them in a comment here! If this PR has already been closed, you can start a new community contribution for this advisory.

RFOF-NETWORK commented 1 week ago

We try to code with GitHub.

davidism commented 1 week ago

This change appears to be invalid.