{"id":"CVE-2019-1010083","details":"The Pallets Project Flask before 1.0 is affected by: unexpected memory usage. The impact is: denial of service. The attack vector is: crafted encoded JSON data. The fixed version is: 1. NOTE: this may overlap CVE-2018-1000656.","aliases":["GHSA-5wv5-4vpf-pj6m","PYSEC-2019-179"],"modified":"2026-04-10T04:13:39.834263Z","published":"2019-07-17T14:15:11.570Z","related":["SUSE-SU-2020:1901-1","SUSE-SU-2023:1928-1"],"references":[{"type":"ADVISORY","url":"https://www.palletsprojects.com/blog/flask-1-0-released/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/pallets/flask","events":[{"introduced":"0"},{"fixed":"d92b64aa275841b0c9aea3903aba72fbc4275d91"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"1.0"}]}}],"versions":["0.1","0.10","0.10.1","0.2","0.3","0.4","0.5","0.6","0.7","0.8","0.9","1.0","1.0.1","1.0.2","1.0.3","1.0.4"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-1010083.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}