Lucene search
ApacheCVELIST:CVE-2021-44451HistoryFeb 01, 2022 - 1:16 p.m.
CVE-2021-44451 API sensitive information leak
2022-02-0113:16:32
CWE-522
apache
www.cve.org
Apache Superset up to and including 1.3.2 allowed for registered database connections password leak for authenticated users. This information could be accessed in a non-trivial way. Users should upgrade to Apache Superset 1.4.0 or higher.
CNA Affected
[
{
"product": "Apache Superset",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "1.3.2",
"status": "affected",
"version": "Apache Superset",
"versionType": "custom"
}
]
}
]Related
cve
cve
CVE-2021-44451
2022-02-01 14:15:09
osv
osv
PYSEC-2022-36
2022-02-01 14:15:00
Insufficiently Protected Credentials in Apache Superset
2022-02-02 00:01:46
CVE-2021-44451
2022-02-01 14:15:09
nvd
nvd
CVE-2021-44451
2022-02-01 14:15:09
veracode
veracode
Information Disclosure
2022-02-03 06:51:04
cnvd
cnvd
Apache Superset Information Disclosure Vulnerability (CNVD-2022-14706)
2022-02-10 00:00:00
prion
prion
Default credentials
2022-02-01 14:15:00
github
github
Insufficiently Protected Credentials in Apache Superset
2022-02-02 00:01:46
nuclei
nuclei
Apache Superset <=1.3.2 - Default Login
2021-07-21 05:21:27