Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:pypi/flask-appbuilder@4.3.4rc1
purl pkg:pypi/flask-appbuilder@4.3.4rc1
Next non-vulnerable version 4.5.3
Latest non-vulnerable version 4.5.3
Risk
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-hg35-2qm4-b7h9
Aliases:
CVE-2025-24023
GHSA-p8q5-cvwx-wvwp
PYSEC-2025-15
Flask-AppBuilder is an application development framework. Prior to 4.5.3, Flask-AppBuilder allows unauthenticated users to enumerate existing usernames by timing the response time from the server when brute forcing requests to login. This vulnerability is fixed in 4.5.3.
4.5.3
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-02T04:22:49.531386+00:00 Pypa Importer Affected by VCID-hg35-2qm4-b7h9 https://github.com/pypa/advisory-database/blob/main/vulns/flask-appbuilder/PYSEC-2025-15.yaml 38.6.0