EUVD-2020-0039
Malware in sbrugna...
EUVD-2018-0074
Malware in sbrugna...
BIT-AIRFLOW-2020-17513
In Apache Airflow versions prior to 1.10.13, the Charts and Query View of the old Flask-admin based UI were vulnerable for SSRF attack...
CVE-2018-16516
helpers.py in Flask-Admin 1.5.2 has Reflected XSS via a crafted URL...
GHSA-6R3P-FCVM-XH7C SSRF vulnerability in Apache Airflow
In Apache Airflow versions prior to 1.10.13, the Charts and Query View of the old Flask-admin based UI were vulnerable for SSRF attack...
Server side request forgery (ssrf)
In Apache Airflow versions prior to 1.10.13, the Charts and Query View of the old Flask-admin based UI were vulnerable for SSRF attack...
PYSEC-2020-20
In Apache Airflow versions prior to 1.10.13, the Charts and Query View of the old Flask-admin based UI were vulnerable for SSRF attack...
[SECURITY] Fedora 31 Update: python-flask-admin-1.5.6-1.fc31
Flask-Admin is advanced, extensible and simple to use administrative interface building extension for Flask framework. It comes with batteries included: model scaffolding for SQLAlchemy, MongoEngine, MongoDB and Peewee ORMs, simple file management interface and a lot of usage samples. You're not...
[SECURITY] Fedora 32 Update: python-flask-admin-1.5.6-1.fc32
Flask-Admin is advanced, extensible and simple to use administrative interface building extension for Flask framework. It comes with batteries included: model scaffolding for SQLAlchemy, MongoEngine, MongoDB and Peewee ORMs, simple file management interface and a lot of usage samples. You're not...
Fedora: Security Advisory for python-flask-admin (FEDORA-2020-e8f384af5f)
The remote host is missing an update for the Copyright (C) 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora 32 : python-flask-admin (2020-e8f384af5f)
Update to 1.5.6 upstream bugfix and security update. Fixes CVE-2018-16516 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...
Fedora 31 : python-flask-admin (2020-4aaf6e6d7c)
Update to 1.5.6 upstream bugfix and security update. Fixes CVE-2018-16516 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...
Fedora: Security Advisory for python-flask-admin (FEDORA-2020-4aaf6e6d7c)
The remote host is missing an update for the Copyright (C) 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
GHSA-894G-6J7Q-2HX6 Flask-Admin Cross-site Scripting vulnerability
helpers.py in Flask-Admin 1.5.2 has Reflected XSS via a crafted URL...
alo7-airflow (>=1.10.0 <=1.10.0.7), autologin (>=0.1.1 <=0.1.3) +3 more potentially affected by CVE-2018-16516 via flask-admin (>=1.4.0 <=1.5.2)
flask-admin PYPI version =1.4.0, =1.10.0, =0.1.1, =0.6.7.post3, =4.2.6, =0.1.0, =0.2.0 Source cves: CVE-2018-16516 Source advisory: OSV:GHSA-894G-6J7Q-2HX6...
Flask-Admin Cross-site Scripting vulnerability
helpers.py in Flask-Admin 1.5.2 has Reflected XSS via a crafted URL...
Cross-site Scripting (XSS)
flask-admin is vulnerable to cross-site scripting (XSS) attacks. The library does not properly handle whitespace, allowing a malicious user to inject and execute arbitrary JavaScript by using the %20 character in a URL...