Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[GHSA-m2qf-hxjv-5gpq] Flask vulnerable to possible disclosure of permanent session cookie due to missing Vary: Cookie header #5006

Conversation

RFOF-NETWORK
Copy link

Updates

  • Affected products
  • CVSS v3
  • CVSS v4
  • Description
  • Severity

Comments
My (@Satoramy) first succefully update from/with @github so that we can work and rescue together.

@github Zitat:
Improve: "Flask vulnerable to possible disclosure of permanent session cookie due to missing Vary: Cookie header"
Submitting improvements to this security advisory will create a pull request for the GitHub curation team to review and track.

@github
Copy link
Collaborator

github commented Nov 13, 2024

Hi there @davidism! A community member has suggested an improvement to your security advisory. If approved, this change will affect the global advisory listed at github.com/advisories. It will not affect the version listed in your project repository.

This change will be reviewed by our Security Curation Team. If you have thoughts or feedback, please share them in a comment here! If this PR has already been closed, you can start a new community contribution for this advisory

@github-actions github-actions bot changed the base branch from main to RFOF-NETWORK/advisory-improvement-5006 November 13, 2024 21:27
@RFOF-NETWORK
Copy link
Author

We try to Code with GitHub

@davidism
Copy link

This change appears to be invalid.

@github-actions github-actions bot deleted the RFOF-NETWORK-GHSA-m2qf-hxjv-5gpq branch November 14, 2024 23:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants