10 matches found
EUVD-2019-0019
Malware in sbrugna...
CVE-2019-12414
In Apache Incubator Superset before 0.32, a user can view database names that he has no access to on a dropdown list in SQLLab...
Information Disclosure
Apache Incubator Superset is susceptible to information disclosure. The database names are leaked to the users with no-access to on a dropdown list in SQLLab...
CVE-2019-12413
In Apache Incubator Superset before 0.31 user could query database metadata information from a database he has no access to, by using a specially crafted complex query...
CVE-2019-12414
In Apache Incubator Superset before 0.32, a user can view database names that he has no access to on a dropdown list in SQLLab...
PYSEC-2019-172
In Apache Incubator Superset before 0.31 user could query database metadata information from a database he has no access to, by using a specially crafted complex query...
PYSEC-2019-173
In Apache Incubator Superset before 0.32, a user can view database names that he has no access to on a dropdown list in SQLLab...
CVE-2019-12413
In Apache Incubator Superset before 0.31 user could query database metadata information from a database he has no access to, by using a specially crafted complex query...
CVE-2019-12414
CVE-2019-12414 affects Apache Incubator Superset prior to 0.32. The issue allows a user to view database names to which they have no access, exposed in a SQLLab dropdown. The connected sources confirm the affected product/version and the information-disclosure impact, but do not provide root-caus...
PT-2019-12793 · Apache · Apache Incubator Superset
Name of the Vulnerable Software and Affected Versions: Apache Incubator Superset versions prior to 0.32 Description: A user can view database names that he has no access to on a dropdown list in SQLLab. Recommendations: For versions prior to 0.32, update to version 0.32 or later to resolve the...