CVE-2023-46136 - Denial of Service in Werkzeug's Multipart File Upload Handler
Werkzeug is a popular web application library used by many Python frameworks, including Flask. In October 2023, a critical vulnerability (CVE-2023-46136) was fixed in Werkzeug
CVE-2023-30861 - Flask Session Cookie Can Be Leaked by Caching Proxy—How it Happens, How to Patch, and How to Exploit
Flask is the backbone of thousands of web apps due to its lightweight and flexible nature. But in 2023, a subtle bug (CVE-2023-30861) highlighted a