Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 496
Alerts This Week
Warning Icon 1 496

Ubuntu 22.04 LTS: 6111-1 Moderate: Flask Exposes Sensitive Data

ubuntu
Calendar Grey May 29, 2023
Dist Ubuntu Esm H88
Django security issue impacts several Fedora versions. Upgrade to protect critical data at risk.
Flask could be made to expose sensitive information in certain scenarios.

Summary

Flask could be made to expose sensitive information in certain scenarios.

Software Description:

- flask: Micro web framework based on Werkzeug and Jinja2

Details:

It was discovered that Flask incorrectly handled certain data responses.

An attacker could possibly use this issue to expose sensitive information.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 23.04:
  python3-flask                   2.2.2-2ubuntu1.1

Ubuntu 22.10:
  python3-flask                   2.0.3-1ubuntu1.1

Ubuntu 22.04 LTS:
  python3-flask                   2.0.1-2ubuntu1.1

Ubuntu 20.04 LTS:
  python3-flask                   1.1.1-2ubuntu0.1

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-6111-1

CVE-2023-30861

May 29, 2023

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.