Actions
Issue #4330
closedset flask requirement version to 0.12.3+
Status:
CLOSED - NOTABUG
Priority:
Normal
Assignee:
-
Start date:
Due date:
Estimated time:
Severity:
2. Medium
Version - Crane:
Platform Release:
Target Release - Crane:
OS:
Triaged:
No
Groomed:
No
Sprint Candidate:
No
Tags:
Pulp 2
Sprint:
Quarter:
Description
Older versions are affected by a denial service vulnerability in the JSON decoding process due to improper input validation. An unauthenticated attacker can exploit this issue by providing JSON data in a non-text related encoding, which could result in unexpected memory use.
Actions