3 matches found
aglow (>=0.1.0rc3 <=0.1.0rc4), ai-flow (>=0.1.0 <=0.3.1) +113 more potentially affected by CVE-2021-41265 via flask-appbuilder (>=1.10.0 <=3.3.0)
flask-appbuilder PYPI version =1.10.0, =0.1.0rc3, =0.1.0, =2022.9.19, =1.0.7, =0.5.1, =0.1.0, =1.0.0, =0.0.7, =0.0.1, =0.1.6, =0.0.2, =1.0.0, =1.10.0, =1.10.3, =2.0.1rc2 and more Source cves: CVE-2021-41265 Source advisory: OSV:GHSA-M3RF-7M4W-R66Q...
aglow (>=0.1.0rc3 <=0.1.0rc4), ai-flow (>=0.1.0 <=0.3.1) +113 more potentially affected by CVE-2021-41265 via flask-appbuilder (>=1.10.0 <=3.3.0)
flask-appbuilder PYPI version =1.10.0, =0.1.0rc3, =0.1.0, =2022.9.19, =1.0.7, =0.5.1, =0.1.0, =1.0.0, =0.0.7, =0.0.1, =0.1.6, =0.0.2, =1.0.0, =1.10.0, =1.10.3, =2.0.1rc2 and more Source cves: CVE-2021-41265 Source advisory: OSV:PYSEC-2021-851...
CVE-2021-41265
CVE-2021-41265 affects Flask-AppBuilder prior to 3.3.4, due to an improper authentication vulnerability in the REST API. The issue allows a malicious actor to authenticate with a crafted request and access protected REST API endpoints, limited to non-database authentication types and new REST API...