flask-appbuilder@4.5.1rc1 vulnerabilities

Simple and rapid application development framework, built on top of Flask. includes detailed security, auto CRUD generation for your models, google charts and much more.

Direct Vulnerabilities

Known vulnerabilities in the flask-appbuilder package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
Information Exposure Through Browser Caching

Flask-AppBuilder is a simple and rapid application development framework, built on top of Flask. includes detailed security, auto CRUD generation for your models, google charts and much more.

Affected versions of this package are vulnerable to Information Exposure Through Browser Caching due to the default cache directives of the auth DB login form, allowing sensitive data to be stored locally by the browser. An attacker can access the sensitive data stored locally by exploiting shared computer environments.

How to fix Information Exposure Through Browser Caching?

Upgrade Flask-AppBuilder to version 4.5.1 or higher.

[,4.5.1)