3 matches found
abi-ds-utils (=1.0.1), acceldata-o2a (=1.0.0) +132 more potentially affected by CVE-2025-58065 via flask-appbuilder (>=4.1.2 <=4.6.3)
flask-appbuilder PYPI version =4.1.2, =0.9.5.1rc1, =1.4.0.3.post4, =1.4.0.3.post3, =0.2.1, =0.4.0, =0.1.0a1, =0.8.2, =0.1.1, =0.1.1, =1.10.6 - airflow-cyberark-secrets-backend =0.1.0 and more Source cves: CVE-2025-58065 Source advisory: SNYK:PYTHON-FLASKAPPBUILDER-12670878...
CVE-2025-58065 Flask App Builder has an Authentication Bypass vulnerability when using non AUTH_DB methods
Flask-AppBuilder is an application development framework. Prior to version 4.8.1, when Flask-AppBuilder is configured to use OAuth, LDAP, or other non-database authentication methods, the password reset endpoint remains registered and accessible, despite not being displayed in the user interface...
abi-ds-utils (=1.0.1), acceldata-o2a (=1.0.0) +249 more potentially affected by CVE-2025-58065 via flask-appbuilder (>=1.10.0 <=4.6.3)
flask-appbuilder PYPI version =1.10.0, =0.8.44.4, =1.4.0.3.post4, =1.4.0.3.post3, =0.1.0rc3, =0.1.0, =2022.9.19, =0.2.1, =0.2.9b1, =1.0.7, =0.4.0, =0.1.0a1, =0.1.0a7 and more Source cves: CVE-2025-58065 Source advisory: OSV:GHSA-765J-9R45-W2Q2...