CVE-2023-33175

Summary

ToUI is a Python package for creating user interfaces (websites and desktop apps) from HTML. ToUI is using Flask-Caching (SimpleCache) to store user variables. Websites that use Website.user_vars property. It affects versions 2.0.1 to 2.4.0. This issue has been patched in version 2.4.1.

Affected Software

VendorProductVersion RangeStatus
mubarakalmehairbiToUI>= 2.0.1, < 2.4.1affected

Weaknesses

  • CWE-914: CWE-914: Improper Control of Dynamically-Identified Variables

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References