Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.Test your applications
31 Jul 2022
29 Jul 2022
How to fix?
Flask-AppBuilder to version 4.1.3 or higher.
Flask-AppBuilder is a simple and rapid application development framework, built on top of Flask. includes detailed security, auto CRUD generation for your models, google charts and much more.
Affected versions of this package are vulnerable to Information Exposure by revealing partial password hashes using crafted HTTP requests that filter users by the contents of their salted hashed password strings.
This vulnerability is exploitable only when the
AUTH_DB option is in use.