CVE-2024-25128 | dpgaspar Flask-AppBuilder up to 4.3.10 OpenID Service improper authentication

Inserito da Angelo Barbosa | Feb 28, 2024 | CVE

A vulnerability was found in dpgaspar Flask-AppBuilder up to 4.3.10. It has been classified as critical. This affects an unknown part of the component OpenID Service Handler. The manipulation leads to improper authentication.

This vulnerability is uniquely identified as CVE-2024-25128. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-25128 | dpgaspar Flask-AppBuilder up to 4.3.10 OpenID Service improper authentication

Post correlati

CVE-2024-0404 | mintplex-labs anything-llm up to 0.x Account Creation /api/invite/:code dynamically-determined object attributes

CVE-2024-6173 | Axis Communications AB AXIS OS up to 11.10 Guard Tour VAPIX API denial of service

CVE-2023-6771 | SourceCodester Simple Student Attendance System 1.0 actions.class.php save_attendance sid sql injection

CVE-2024-36014 | Linux Kernel up to 6.9 DRM malidp_mw_connector_reset null pointer dereference (a1f95aede628)