CVE-2022-31177 – Flask-AppBuilder is an application development framework built on top of Flask python fram …

1 August 2022

Vuln ID: CVE-2022-31177

Published: 2022-08-01 19:15:08Z

Description: Flask-AppBuilder is an application development framework built on top of Flask python framework. In versions prior to 4.1.3 an authenticated Admin user could query other users by their salted and hashed passwords strings. These filters could be made by using partial hashed password strings. The response would not include the hashed passwords, but an attacker could infer partial password hashes and their respective users. This issue has been fixed in version 4.1.3. Users are advised to upgrade. There are no known workarounds for this issue.

Source: NVD.NIST.GOV

Date:

1 August 2022

Categorie(s):

NVD

Tag(s):

NVD

Check Point delivers strong quarterly revenue growth but stock drops26 April 2024
Rubrik IPO signals potential cybersecurity-led tech market revival25 April 2024
Foreign states targeting sensitive research at UK universities, MI5 warns25 April 2024
Cops cuff man for allegedly framing colleague with AI-generated hate speech clip25 April 2024
After a 19-month saga, Broadcom finally patches Brocade SANnav bugs25 April 2024