PYSEC-2021-325

See a problem?

Import Source

https://github.com/pypa/advisory-database/blob/main/vulns/flask-restx/PYSEC-2021-325.yaml

JSON Data

https://api.test.osv.dev/v1/vulns/PYSEC-2021-325

Aliases

Published

2021-09-20T18:15:00Z

Modified

2023-11-01T04:55:32.551050Z

Summary

[none]

Details

Flask-RESTX (pypi package flask-restx) is a community driven fork of Flask-RESTPlus. Flask-RESTX before version 0.5.1 is vulnerable to ReDoS (Regular Expression Denial of Service) in email_regex. This is fixed in version 0.5.1.

References

Affected packages

PyPI / flask-restx

Package

Name: flask-restx; View open source insights on deps.dev
Purl: pkg:pypi/flask-restx

Affected ranges

Type: GIT
Repo: https://github.com/python-restx/flask-restx
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

bab31e085f355dd73858fd3715f7ed71849656da

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.5.1

Affected versions

0.*

0.0.1.dev0

0.1.0

0.1.1

0.2.0

0.3.0

0.4.0

0.5.0

Database specific

source

"https://github.com/pypa/advisory-database/blob/main/vulns/flask-restx/PYSEC-2021-325.yaml"