PT-2024-6444 · Pypi+4 · Flask-Cors+4

Published

2024-05-11

Updated

2026-04-03

CVE-2024-6844

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Flask CORS versions (affected versions not specified)

Description The issue is related to incorrect handling of logical operations in the Flask CORS library, which is used in Python products stored in PyPi. This can allow a remote attacker to bypass existing security restrictions, leading to unexpected application of CORS policies.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Origin Validation Error

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-346CWE-840

Related Identifiers

BDU:2024-07529

CVE-2024-6844

DLA-4197-1

GHSA-8VGW-P6QM-5GR7

MGASA-2025-0286

OESA-2025-1938

OESA-2025-1939

OESA-2025-1981

OPENSUSE-SU-2026:10485-1

USN-7612-1

Affected Products

Debian

Flask-Cors

Linuxmint

Red Os

Ubuntu

PT-2024-6444 · Pypi+4 · Flask-Cors+4

CVE-2024-6844

Weakness Enumeration

Related Identifiers

Affected Products

References · 41