Tag
flask-security
Safeguard articles tagged "flask-security" — guides, analysis, and best practices for software supply chain and application security.
2 articles
Application Security
How to secure Python Flask applications
Flask ships without built-in CSRF, headers, or session hardening. Here's how real CVEs like debug-mode RCE and cookie forgery get exploited—and stopped.
May 25, 20266 min read
Vulnerability Analysis
Flask session cookie information disclosure (CVE-2023-30861)
A missing Vary: Cookie header in Flask session handling let shared caches leak one user's session cookie to another. Here's how to detect and fix it.
Dec 27, 20258 min read