gitlab: https://gitlab.com/gitlab-org/security-products/gemnasium-db
GITLAB-3B3A5A4F64F324F051B11D12CFDE2D9A
Sep 04, 2024 - 12:00 a.m.

Flask-AppBuilder's login form allows browser to cache sensitive fields

Tags: flask-appbuilder, login form, browser caching, sensitive data, auth db, cache directives, shared environments, computer resources

CVSS3: 5.5
Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: REQUIRED
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: NONE
Availability Impact: NONE
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

AI Score: 6.6
Confidence: Low

EPSS: 0.001
Percentile: 21.4%

The Auth DB login form's default cache directives allow the browser to store sensitive data locally. This can be an issue in environments that use shared computer resources.

Affected configurations

Vulners node: pypi, ml-scanner, Range <4.5.1, pypi

Vendor: pypi
Product: ml-scanner
Version: *
CPE: cpe:2.3:a:pypi:ml-scanner:*:*:*:*:*:pypi:*:*
