EUVD-2024-2784

Malicious code in bioql PyPI...

Sensitive Data Exposure

Flask-AppBuilder is vulnerable to Sensitive Data Exposure. The vulnerability is due to insecure cache directives for the auth DB login form, which allows browsers to locally store sensitive data...

CVE-2024-45314 Flask-AppBuilder login form allows browser to cache sensitive fields

Flask-AppBuilder is an application development framework. Prior to version 4.5.1, the auth DB login form default cache directives allows browser to locally store sensitive data. This can be an issue on environments using shared computer resources. Version 4.5.1 contains a patch for this issue. If...

CVE-2024-45314

Removed by vendor...

Flask-AppBuilder's login form allows browser to cache sensitive fields

Auth DB login form default cache directives allows browser to locally store sensitive data. This can be an issue on environments using shared computer resources...

Targeted Cache Control

Content delivery networks CDNs have been around and have evolved over a long time in internet years. They all speak HTTP and you can safely rely on them to work with just about anything else that speaks HTTP. This is the beauty of standards -- HTTP in this case. What you cannot count on is there...