Lucene search
GoogleOSV:GHSA-VXP9-WV2F-WQMWHistoryNov 09, 2018 - 5:40 p.m.
Deserialization of Untrusted Data in superset
2018-11-0917:40:56
Google
osv.dev
14
EPSS
0.948
Percentile
99.3%
Versions of Superset prior to 0.23 used an unsafe load method from the pickle library to deserialize data leading to possible remote code execution. Note Superset 0.23 was released prior to any Superset release under the Apache Software Foundation.
Related
packetstorm
packetstorm
Apache Superset 0.23 Remote Code Execution
2018-12-04 00:00:00
zdt
zdt
Apache Superset 0.23 - Remote Code Execution Exploit
2018-12-03 00:00:00
osv
osv
PYSEC-2018-74
2018-11-07 14:29:00
CVE-2018-8021
2018-11-07 14:29:00
prion
prion
Remote code execution
2018-11-07 14:29:00
cve
cve
CVE-2018-8021
2018-11-07 14:29:00
exploitpack
exploitpack
Apache Superset 0.23 - Remote Code Execution
2018-12-03 00:00:00
github
github
Deserialization of Untrusted Data in superset
2018-11-09 17:40:56
veracode
veracode
Remote Code Execution (RCE)
2018-11-08 03:39:47
checkpoint_advisories
checkpoint_advisories
Apache Superset 0.23 Remote Code Execution (CVE-2018-8021)
2018-12-27 00:00:00
cvelist
cvelist
CVE-2018-8021
2018-11-07 14:00:00
nvd
nvd
CVE-2018-8021
2018-11-07 14:29:00
exploitdb
exploitdb
Apache Superset < 0.23 - Remote Code Execution
2018-12-03 00:00:00