5 matches found
CVE-2024-23952
This is a duplicate for CVE-2023-46104. With correct CVE version ranges for affected Apache Superset. Uncontrolled resource consumption can be triggered by authenticated attacker that uploads a malicious ZIP to import database, dashboards or datasets. This vulnerability exists in Apache Superset...
CVE-2024-23952
creationtimestamp| type| source ---|---|--- 2024-02-14 14:57:07+00:00| seen| Telegram/8K6TrZIuKfzL01C3u115-urvxgIbnSBWzqnmO7jFb8jonEQ...
CVE-2024-23952
This is a duplicate for CVE-2023-46104. With correct CVE version ranges for affected Apache Superset. Uncontrolled resource consumption can be triggered by authenticated attacker that uploads a malicious ZIP to import database, dashboards or datasets. This vulnerability exists in Apache Superset...
CVE-2024-23952
CVE-2024-23952 is a duplicate of CVE-2023-46104 describing an attack that triggers uncontrolled resource consumption in Apache Superset by an authenticated user uploading a malicious ZIP to import databases, dashboards or datasets. Affected versions include Superset up to 2.1.2 and 3.0.0–3.0.1. T...
CVE-2024-23952 Apache Superset: Allows for uncontrolled resource consumption via a ZIP bomb (version range fix for CVE-2023-46104)
This is a duplicate for CVE-2023-46104. With correct CVE version ranges for affected Apache Superset. Uncontrolled resource consumption can be triggered by authenticated attacker that uploads a malicious ZIP to import database, dashboards or datasets. This vulnerability exists in Apache Superset...