SUSE Package Hub - openSUSE-2026-122

Update Info

openSUSE-2026-122

Security update for python-Flask-HTTPAuth

Type: security

Severity: moderate

Issued: 2026-04-12

Description:

This update for python-Flask-HTTPAuth fixes the following issues:

- CVE-2026-34531: Do not accept empty tokens (boo#1261355)

References

CVE: CVE-2026-34531
Bugzilla: 1261355 VUL-0: CVE-2026-34531: Flask-HTTPAuth provides Basic, Digest and Token HTTP authentication for Flask routes. Prior to version 4.8.1, in a situation where the client makes a request to a token protected resource without passing a token, or passing an ...

Packages

python-Flask-HTTPAuth-4.8.0-bp157.2.3.1