Lucene search
ApacheCVELIST:CVE-2020-1932HistoryJan 28, 2020 - 12:38 a.m.
CVE-2020-1932
2020-01-2800:38:15
apache
www.cve.org
5
An information disclosure issue was found in Apache Superset 0.34.0, 0.34.1, 0.35.0, and 0.35.1. Authenticated Apache Superset users are able to retrieve other users’ information, including hashed passwords, by accessing an unused and undocumented API endpoint on Apache Superset.
CNA Affected
[
{
"product": "Apache Superset",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "0.34.0"
},
{
"status": "affected",
"version": "0.34.1"
},
{
"status": "affected",
"version": "0.35.0"
},
{
"status": "affected",
"version": "0.35.1"
}
]
}
]Related
nvd
nvd
CVE-2020-1932
2020-01-28 01:15:12
github
github
Information disclosure in Apache Superset
2020-02-26 19:54:57
osv
osv
PYSEC-2020-224
2020-01-28 01:15:00
Information disclosure in Apache Superset
2020-02-26 19:54:57
CVE-2020-1932
2020-01-28 01:15:12
prion
prion
Information disclosure
2020-01-28 01:15:00
veracode
veracode
Information Disclosure
2020-02-04 07:32:23
cve
cve
CVE-2020-1932
2020-01-28 01:15:12