Every CVE whose affected-product data names Flower Project Flower, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2022-30034 — CVSS 8.6 (high): Flower, a web UI for the Celery Python RPC framework, all versions as of 05-02-2022 is vulnerable to an OAuth authentication bypass. An…
CVE-2019-16925 — CVSS 6.1 (medium): Flower 0.9.3 has XSS via the name parameter in an @app.task call. NOTE: The project author stated that he doesn't think this is a valid…
CVE-2019-16926 — CVSS 6.1 (medium): Flower 0.9.3 has XSS via a crafted worker name. NOTE: The project author stated that he doesn't think this is a valid vulnerability. Worker…