8 matches found
CVE-2025-24023 vulnerabilities
Vulnerabilities for packages: superset...
CVE-2025-24023 vulnerabilities
Vulnerabilities for packages: superset...
CVE-2025-24023
Flask-AppBuilder is an application development framework. Prior to 4.5.3, Flask-AppBuilder allows unauthenticated users to enumerate existing usernames by timing the response time from the server when brute forcing requests to login. This vulnerability is fixed in 4.5.3...
CVE-2025-24023
creationtimestamp| type| source ---|---|--- 2025-03-03 18:44:17+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ljim7ifhw62o...
abi-ds-utils (=1.0.1), acryl-datahub-airflow-plugin (>=0.8.44.4 <=0.11.0rc1) +156 more potentially affected by CVE-2025-24023 via flask-appbuilder (>=1.10.0 <=4.5.2)
flask-appbuilder PYPI version =1.10.0, =0.8.44.4, =0.1.0rc3, =0.1.0, =2022.9.19, =0.2.1, =0.2.9b1, =1.0.7, =0.5.1, =0.2.0, =0.1.0, =1.0.0, =0.0.7, =0.0.1, =0.0.11 and more Source cves: CVE-2025-24023 Source advisory: OSV:PYSEC-2025-15...
abi-ds-utils (=1.0.1), acryl-datahub-airflow-plugin (>=0.10.5.2rc3 <=0.11.0rc1) +31 more potentially affected by CVE-2025-24023 via flask-appbuilder (>=4.1.2 <=4.5.2)
flask-appbuilder PYPI version =4.1.2, =0.10.5.2rc3, =0.2.1, =0.8.2, =0.3.1, =0.0.4, =0.0.1a0, =2.3.3, =1.0.0, =1.0.0rc1, =1.0.2, =1.0.0rc1, =1.8.1rc1 and more Source cves: CVE-2025-24023 Source advisory: SNYK:PYTHON-FLASKAPPBUILDER-9058045...
CVE-2025-24023 Observable Response Discrepancy in flask-appbuilder
Flask-AppBuilder is an application development framework. Prior to 4.5.3, Flask-AppBuilder allows unauthenticated users to enumerate existing usernames by timing the response time from the server when brute forcing requests to login. This vulnerability is fixed in 4.5.3...
CVE-2025-24023 Observable Response Discrepancy in flask-appbuilder
Flask-AppBuilder is an application development framework. Prior to 4.5.3, Flask-AppBuilder allows unauthenticated users to enumerate existing usernames by timing the response time from the server when brute forcing requests to login. This vulnerability is fixed in 4.5.3...