CVE-2023-29005: Flask-AppBuilder Has No Rate Limiting on Login AUTH DB
The AUTH DB login has no rate limiting, which allows an attacker to brute-force user credentials.
References
- flask-limiter.readthedocs.io/en/stable/configuration.html
- github.com/advisories/GHSA-9hcr-9hcv-x6pv
- github.com/dpgaspar/Flask-AppBuilder
- github.com/dpgaspar/Flask-AppBuilder/pull/1976
- github.com/dpgaspar/Flask-AppBuilder/releases/tag/v4.3.0
- github.com/dpgaspar/Flask-AppBuilder/security/advisories/GHSA-9hcr-9hcv-x6pv
- nvd.nist.gov/vuln/detail/CVE-2023-29005