Alerts This Week
Warning Icon 1 1,496
Alerts This Week
Warning Icon 1 1,496

Ubuntu Flask Important Info Exposure CVE-2026-27205 USN-8104-1

ubuntu
Calendar Grey March 18, 2026
Dist Ubuntu Esm H88
Flask could expose sensitive data over the network; immediate updates are necessary for Ubuntu users across several versions.
Flask could be made to expose sensitive information over the network.

Summary

Flask could be made to expose sensitive information over the

network.

Software Description:

- flask: Micro web framework based on Werkzeug and Jinja2

Details:

Shourya Jaiswal discovered that Flask did not correctly mark certain web

responses as user-specific. A remote attacker could possibly use this

issue to obtain sensitive information.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.04 LTS
  python3-flask                   3.0.2-1ubuntu1.1

Ubuntu 22.04 LTS
  python3-flask                   2.0.1-2ubuntu1.2

Ubuntu 20.04 LTS
  python3-flask                   1.1.1-2ubuntu0.1+esm1
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-8104-1

CVE-2026-27205

Severity
important
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-8104-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here