CVE-2020-28724: Open Redirect in werkzeug
Open redirect vulnerability in werkzeug before 0.11.6 via a double slash in the URL.
References
- github.com/advisories/GHSA-3p3h-qghp-hvh2
- github.com/pallets/flask/issues/1639
- github.com/pallets/werkzeug
- github.com/pallets/werkzeug/issues/822
- github.com/pallets/werkzeug/pull/890/files
- github.com/pypa/advisory-database/tree/main/vulns/werkzeug/PYSEC-2020-157.yaml
- nvd.nist.gov/vuln/detail/CVE-2020-28724