Lucene search
GoogleOSV:GHSA-M3RF-7M4W-R66QHistoryDec 09, 2021 - 7:09 p.m.
Improper Authentication in Flask-AppBuilder
2021-12-0919:09:07
Google
osv.dev
9
0.002 Low
EPSS
Percentile
55.9%
Impact
Improper authentication on the REST API. Allows for a malicious actor with a carefully crafted request to successfully authenticate and gain access to existing protected REST API endpoints. Only affects non database authentication types, and new REST API endpoints.
Patches
Upgrade to Flask-AppBuilder 3.3.4
For more information
If you have any questions or comments about this advisory:
- Open an issue in https://github.com/dpgaspar/Flask-AppBuilder
References
Related
nvd
nvd
CVE-2021-41265
2021-12-09 17:15:07
cve
cve
CVE-2021-41265
2021-12-09 17:15:07
cvelist
cvelist
CVE-2021-41265 Improper Authentication in Flask-AppBuilder
2021-12-09 16:40:11
github
github
Improper Authentication in Flask-AppBuilder
2021-12-09 19:09:07
debiancve
debiancve
CVE-2021-41265
2021-12-09 17:15:07
osv
osv
PYSEC-2021-851
2021-12-09 17:15:00
CVE-2021-41265
2021-12-09 17:15:07
veracode
veracode
Authentication Bypass
2021-12-10 10:47:35
gitlab
gitlab
Improper Authentication
2021-12-09 00:00:00
prion
prion
Authentication flaw
2021-12-09 17:15:00