{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35378?format=json","vulnerability_id":"VCID-tjhw-9ss4-wqar","summary":"The Pallets Project Flask before 1.0 is affected by: unexpected memory usage. The impact is: denial of service. The attack vector is: crafted encoded JSON data. The fixed version is: 1. NOTE: this may overlap CVE-2018-1000656.","aliases":[{"alias":"CVE-2019-1010083"},{"alias":"GHSA-5wv5-4vpf-pj6m"},{"alias":"PYSEC-2019-179"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13728?format=json","purl":"pkg:pypi/flask@1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nsmh-gqz9-tkat"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/flask@1.0"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/11855?format=json","purl":"pkg:pypi/flask@0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nsmh-gqz9-tkat"},{"vulnerability":"VCID-tjhw-9ss4-wqar"},{"vulnerability":"VCID-wrh4-zmmb-7ua9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/flask@0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/11856?format=json","purl":"pkg:pypi/flask@0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nsmh-gqz9-tkat"},{"vulnerability":"VCID-tjhw-9ss4-wqar"},{"vulnerability":"VCID-wrh4-zmmb-7ua9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/flask@0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/11857?format=json","purl":"pkg:pypi/flask@0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nsmh-gqz9-tkat"},{"vulnerability":"VCID-tjhw-9ss4-wqar"},{"vulnerability":"VCID-wrh4-zmmb-7ua9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/flask@0.3"},{"url":"http://public2.vulnerablecode.io/api/packages/11858?format=json","purl":"pkg:pypi/flask@0.3.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nsmh-gqz9-tkat"},{"vulnerability":"VCID-tjhw-9ss4-wqar"},{"vulnerability":"VCID-wrh4-zmmb-7ua9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/flask@0.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/11859?format=json","purl":"pkg:pypi/flask@0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nsmh-gqz9-tkat"},{"vulnerability":"VCID-tjhw-9ss4-wqar"},{"vulnerability":"VCID-wrh4-zmmb-7ua9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/flask@0.4"},{"url":"http://public2.vulnerablecode.io/api/packages/11860?format=json","purl":"pkg:pypi/flask@0.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nsmh-gqz9-tkat"},{"vulnerability":"VCID-tjhw-9ss4-wqar"},{"vulnerability":"VCID-wrh4-zmmb-7ua9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/flask@0.5"},{"url":"http://public2.vulnerablecode.io/api/packages/11861?format=json","purl":"pkg:pypi/flask@0.5.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nsmh-gqz9-tkat"},{"vulnerability":"VCID-tjhw-9ss4-wqar"},{"vulnerability":"VCID-wrh4-zmmb-7ua9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/flask@0.5.1"},{"url":"http://public2.vulnerablecode.io/api/packages/11862?format=json","purl":"pkg:pypi/flask@0.5.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nsmh-gqz9-tkat"},{"vulnerability":"VCID-tjhw-9ss4-wqar"},{"vulnerability":"VCID-wrh4-zmmb-7ua9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/flask@0.5.2"},{"url":"http://public2.vulnerablecode.io/api/packages/11863?format=json","purl":"pkg:pypi/flask@0.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nsmh-gqz9-tkat"},{"vulnerability":"VCID-tjhw-9ss4-wqar"},{"vulnerability":"VCID-wrh4-zmmb-7ua9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/flask@0.6"},{"url":"http://public2.vulnerablecode.io/api/packages/11864?format=json","purl":"pkg:pypi/flask@0.6.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nsmh-gqz9-tkat"},{"vulnerability":"VCID-tjhw-9ss4-wqar"},{"vulnerability":"VCID-wrh4-zmmb-7ua9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/flask@0.6.1"},{"url":"http://public2.vulnerablecode.io/api/packages/11865?format=json","purl":"pkg:pypi/flask@0.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nsmh-gqz9-tkat"},{"vulnerability":"VCID-tjhw-9ss4-wqar"},{"vulnerability":"VCID-wrh4-zmmb-7ua9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/flask@0.7"},{"url":"http://public2.vulnerablecode.io/api/packages/11866?format=json","purl":"pkg:pypi/flask@0.7.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nsmh-gqz9-tkat"},{"vulnerability":"VCID-tjhw-9ss4-wqar"},{"vulnerability":"VCID-wrh4-zmmb-7ua9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/flask@0.7.1"},{"url":"http://public2.vulnerablecode.io/api/packages/11867?format=json","purl":"pkg:pypi/flask@0.7.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nsmh-gqz9-tkat"},{"vulnerability":"VCID-tjhw-9ss4-wqar"},{"vulnerability":"VCID-wrh4-zmmb-7ua9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/flask@0.7.2"},{"url":"http://public2.vulnerablecode.io/api/packages/11868?format=json","purl":"pkg:pypi/flask@0.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nsmh-gqz9-tkat"},{"vulnerability":"VCID-tjhw-9ss4-wqar"},{"vulnerability":"VCID-wrh4-zmmb-7ua9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/flask@0.8"},{"url":"http://public2.vulnerablecode.io/api/packages/11869?format=json","purl":"pkg:pypi/flask@0.8.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nsmh-gqz9-tkat"},{"vulnerability":"VCID-tjhw-9ss4-wqar"},{"vulnerability":"VCID-wrh4-zmmb-7ua9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/flask@0.8.1"},{"url":"http://public2.vulnerablecode.io/api/packages/11870?format=json","purl":"pkg:pypi/flask@0.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nsmh-gqz9-tkat"},{"vulnerability":"VCID-tjhw-9ss4-wqar"},{"vulnerability":"VCID-wrh4-zmmb-7ua9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/flask@0.9"},{"url":"http://public2.vulnerablecode.io/api/packages/11871?format=json","purl":"pkg:pypi/flask@0.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nsmh-gqz9-tkat"},{"vulnerability":"VCID-tjhw-9ss4-wqar"},{"vulnerability":"VCID-wrh4-zmmb-7ua9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/flask@0.10"},{"url":"http://public2.vulnerablecode.io/api/packages/11872?format=json","purl":"pkg:pypi/flask@0.10.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nsmh-gqz9-tkat"},{"vulnerability":"VCID-tjhw-9ss4-wqar"},{"vulnerability":"VCID-wrh4-zmmb-7ua9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/flask@0.10.1"},{"url":"http://public2.vulnerablecode.io/api/packages/11873?format=json","purl":"pkg:pypi/flask@0.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nsmh-gqz9-tkat"},{"vulnerability":"VCID-tjhw-9ss4-wqar"},{"vulnerability":"VCID-wrh4-zmmb-7ua9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/flask@0.11"},{"url":"http://public2.vulnerablecode.io/api/packages/11874?format=json","purl":"pkg:pypi/flask@0.11.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nsmh-gqz9-tkat"},{"vulnerability":"VCID-tjhw-9ss4-wqar"},{"vulnerability":"VCID-wrh4-zmmb-7ua9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/flask@0.11.1"},{"url":"http://public2.vulnerablecode.io/api/packages/11875?format=json","purl":"pkg:pypi/flask@0.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nsmh-gqz9-tkat"},{"vulnerability":"VCID-tjhw-9ss4-wqar"},{"vulnerability":"VCID-wrh4-zmmb-7ua9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/flask@0.12"},{"url":"http://public2.vulnerablecode.io/api/packages/11876?format=json","purl":"pkg:pypi/flask@0.12.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nsmh-gqz9-tkat"},{"vulnerability":"VCID-tjhw-9ss4-wqar"},{"vulnerability":"VCID-wrh4-zmmb-7ua9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/flask@0.12.1"},{"url":"http://public2.vulnerablecode.io/api/packages/11877?format=json","purl":"pkg:pypi/flask@0.12.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nsmh-gqz9-tkat"},{"vulnerability":"VCID-tjhw-9ss4-wqar"},{"vulnerability":"VCID-wrh4-zmmb-7ua9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/flask@0.12.2"},{"url":"http://public2.vulnerablecode.io/api/packages/11878?format=json","purl":"pkg:pypi/flask@0.12.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nsmh-gqz9-tkat"},{"vulnerability":"VCID-tjhw-9ss4-wqar"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/flask@0.12.3"},{"url":"http://public2.vulnerablecode.io/api/packages/13726?format=json","purl":"pkg:pypi/flask@0.12.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nsmh-gqz9-tkat"},{"vulnerability":"VCID-tjhw-9ss4-wqar"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/flask@0.12.4"},{"url":"http://public2.vulnerablecode.io/api/packages/13727?format=json","purl":"pkg:pypi/flask@0.12.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-nsmh-gqz9-tkat"},{"vulnerability":"VCID-tjhw-9ss4-wqar"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/flask@0.12.5"}],"references":[{"reference_url":"https://github.com/advisories/GHSA-5wv5-4vpf-pj6m","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-5wv5-4vpf-pj6m"},{"reference_url":"https://www.palletsprojects.com/blog/flask-1-0-released/","reference_id":"","reference_type":"","scores":[],"url":"https://www.palletsprojects.com/blog/flask-1-0-released/"}],"weaknesses":[],"exploits":[],"severity_range_score":null,"exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tjhw-9ss4-wqar"}