Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2025-24023

Опубликовано: 03 мар. 2025
Источник: debian
EPSS Низкий

Описание

Flask-AppBuilder is an application development framework. Prior to 4.5.3, Flask-AppBuilder allows unauthenticated users to enumerate existing usernames by timing the response time from the server when brute forcing requests to login. This vulnerability is fixed in 4.5.3.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
flask-appbuilderremovedpackage

Примечания

  • https://github.com/dpgaspar/Flask-AppBuilder/security/advisories/GHSA-p8q5-cvwx-wvwp

EPSS

Процентиль: 40%
0.00179
Низкий

Связанные уязвимости

nvd логотип

CVE-2025-24023

CVSS3: 3.7
nvd
11 месяцев назад

Flask-AppBuilder is an application development framework. Prior to 4.5.3, Flask-AppBuilder allows unauthenticated users to enumerate existing usernames by timing the response time from the server when brute forcing requests to login. This vulnerability is fixed in 4.5.3.

github логотип

GHSA-p8q5-cvwx-wvwp

CVSS3: 3.7
github
11 месяцев назад

Flask-AppBuilder Observable Response Discrepancy

EPSS

Процентиль: 40%
0.00179
Низкий