CVE-2021-41265
- EPSS 0.33%
- Veröffentlicht 09.12.2021 17:15:07
- Zuletzt bearbeitet 07.03.2025 14:37:51
Flask-AppBuilder is a development framework built on top of Flask. Verions prior to 3.3.4 contain an improper authentication vulnerability in the REST API. The issue allows for a malicious actor with a carefully crafted request to successfully authen...
CVE-2021-32805
- EPSS 0.19%
- Veröffentlicht 08.09.2021 18:15:14
- Zuletzt bearbeitet 07.03.2025 14:37:51
Flask-AppBuilder is an application development framework, built on top of Flask. In affected versions if using Flask-AppBuilder OAuth, an attacker can share a carefully crafted URL with a trusted domain for an application built with Flask-AppBuilder,...
CVE-2021-29621
- EPSS 0.43%
- Veröffentlicht 07.06.2021 19:15:07
- Zuletzt bearbeitet 07.03.2025 14:37:51
Flask-AppBuilder is a development framework, built on top of Flask. User enumeration in database authentication in Flask-AppBuilder <= 3.2.3. Allows for a non authenticated user to enumerate existing accounts by timing the response time from the serv...