CVE-2025-24023 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Flask-AppBuilder is an application development framework. Prior to 4.5.3, Flask-AppBuilder allows unauthenticated users to enumerate existing usernames by timin…
Low CVSS: 3.7

CVE-2025-24023

Flask-AppBuilder is an application development framework. Prior to 4.5.3, Flask-AppBuilder allows unauthenticated users to enumerate existing usernames by timing the response time from the server when brute forcing requests to login. This vulnerability is fixed in 4.5.3.
Vendor
Dpgaspar
Product
Flask-appbuilder
CWE
CWE-204
Yayın Tarihi
2025-03-03 16:15:41
Güncelleme
2025-03-07 21:44:56
Source Identifier
security-advisories@github.com
KEV Date Added
-

Kategoriler

CWE-204 Flask-appbuilder LOW Dpgaspar 2025

Referanslar

https://github.com/dpgaspar/Flask-AppBuilder/security/advisories/GHSA-p8q5-cvwx-wvwp