How severe is CVE-2023-33175?

CVE-2023-33175 has a CVSS v3 score of 9.1 (CRITICAL).

CVE-2023-33175

Name: toui
Author: toui_project

9.1CRITICAL

ToUI is a Python package for creating user interfaces (websites and desktop apps) from HTML. ToUI is using Flask-Caching (SimpleCache) to store user variables. Websites that use `Website.user_vars` pr

Published: 5/30/2023Updated: 11/21/2024

Description

ToUI is a Python package for creating user interfaces (websites and desktop apps) from HTML. ToUI is using Flask-Caching (SimpleCache) to store user variables. Websites that use `Website.user_vars` property. It affects versions 2.0.1 to 2.4.0. This issue has been patched in version 2.4.1.

AI AnalysisPowered by AI

Affected Products

toui_projecttoui

References

https://github.com/mubarakalmehairbi/ToUI/releases/tag/v2.4.1
Release Notes
https://github.com/mubarakalmehairbi/ToUI/security/advisories/GHSA-hh7j-pg39-q563
Vendor Advisory
https://github.com/mubarakalmehairbi/ToUI/releases/tag/v2.4.1
Release Notes
https://github.com/mubarakalmehairbi/ToUI/security/advisories/GHSA-hh7j-pg39-q563
Vendor Advisory