{"id":"PYSEC-2019-179","details":"The Pallets Project Flask before 1.0 is affected by: unexpected memory usage. The impact is: denial of service. The attack vector is: crafted encoded JSON data. The fixed version is: 1. NOTE: this may overlap CVE-2018-1000656.","aliases":["CVE-2019-1010083","GHSA-5wv5-4vpf-pj6m"],"modified":"2023-11-08T04:00:40.602062Z","published":"2019-07-17T14:15:00Z","references":[{"type":"ARTICLE","url":"https://www.palletsprojects.com/blog/flask-1-0-released/"},{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-5wv5-4vpf-pj6m"}],"affected":[{"package":{"name":"flask","ecosystem":"PyPI","purl":"pkg:pypi/flask"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.0"}]}],"versions":["0.1","0.10","0.10.1","0.11","0.11.1","0.12","0.12.1","0.12.2","0.12.3","0.12.4","0.12.5","0.2","0.3","0.3.1","0.4","0.5","0.5.1","0.5.2","0.6","0.6.1","0.7","0.7.1","0.7.2","0.8","0.8.1","0.9"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/flask/PYSEC-2019-179.yaml"}}],"schema_version":"1.7.3"}