CVE-2021-29621: Information Exposure Through Discrepancy
(updated )
Flask-AppBuilder is a development framework, built on top of Flask. User enumeration in database authentication in Flask-AppBuilder Allows for a non authenticated user to enumerate existing accounts by timing the response time from the server when you are logging in.
References
Detect and mitigate CVE-2021-29621 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →