exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 3

CVE-2025-32962

9 месяцев назад

Flask-AppBuilder is an application development framework built on top of Flask. Versions prior to 4.6.2 would allow for a malicious unauthenticated actor to perform an open redirect by manipulating the Host header in HTTP requests. Flask-AppBuilder 4.6.2 introduced the `FAB_SAFE_REDIRECT_HOSTS` configuration variable, which allows administrators to explicitly define which domains are considered safe for redirection. As a workaround, use a reverse proxy to enforce trusted host headers.

CVSS3: 4.3

EPSS: Низкий

CVE-2025-32962

9 месяцев назад

Flask-AppBuilder is an application development framework built on top ...

CVSS3: 4.3

EPSS: Низкий

GHSA-99pm-ch96-ccp2

9 месяцев назад

Flask-AppBuilder open redirect vulnerability using HTTP host injection

CVSS3: 4.3

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2025-32962 Flask-AppBuilder is an application development framework built on top of Flask. Versions prior to 4.6.2 would allow for a malicious unauthenticated actor to perform an open redirect by manipulating the Host header in HTTP requests. Flask-AppBuilder 4.6.2 introduced the `FAB_SAFE_REDIRECT_HOSTS` configuration variable, which allows administrators to explicitly define which domains are considered safe for redirection. As a workaround, use a reverse proxy to enforce trusted host headers.	CVSS3: 4.3	0% Низкий	9 месяцев назад
CVE-2025-32962 Flask-AppBuilder is an application development framework built on top ...	CVSS3: 4.3	0% Низкий	9 месяцев назад
GHSA-99pm-ch96-ccp2 Flask-AppBuilder open redirect vulnerability using HTTP host injection	CVSS3: 4.3	0% Низкий	9 месяцев назад

Уязвимостей на страницу