corydolphin/flask-cors
GitHub
Releases60
Frequency2 months 1 week
Last Release
Stars933
Cross Origin Resource Sharing ( CORS ) support for Flask
CVE History
| CVE | Published | CVSS v3 | CVSS v2 |
|---|---|---|---|
| 7.5 HIGH | 5 MEDIUM | ||
An issue was discovered in Flask-CORS (aka CORS Middleware for Flask) before 3.0.9. It allows ../ directory traversal to access private resources because resource matching does not ensure that pathnames are in a canonical format. | |||