61136 matches found
GHSA-H294-8FXM-M2PJ Apache Superset allows authenticated users to view sensitive data without explicit permissions
A Sensitive Data Exposure vulnerability exists in Apache Superset allowing authenticated users to retrieve sensitive user information. The Tag endpoint disabled by default allows users to retrieve a list of objects associated with a specific tag. When these associated objects include Users, the A...
Apache Superset allows privileged users to conduct error-based SQL Injection
Improper Neutralization of Special Elements used in a SQL Command 'SQL Injection' vulnerability in Apache Superset allows an authenticated user with read access to conduct error-based SQL injection via the sqlExpression or where parameters. This issue affects Apache Superset: before 6.0.0. Users...
Apache Superset: Incomplete DISALLOWED_SQL_FUNCTIONS default list for ClickHouse engine
Apache Superset utilizes a configurable dictionary, DISALLOWEDSQLFUNCTIONS, to restrict the execution of potentially sensitive SQL functions within SQL Lab and charts. While this feature included restrictions for engines like PostgreSQL, a vulnerability was reported where the default list for the...
Apache Superset: Read-Only Bypass via Improper Input Validation on PostgreSQL Connections
An Improper Input Validation vulnerability exists in Apache Superset that allows an authenticated user with SQLLab access to bypass the read-only verification check when using a PostgreSQL database connection. While the system effectively blocks standard Data Manipulation Language DML statements...
Apache Superset Improper Authorization allows low-privileged users to bypass access controls
An Improper Authorization vulnerability exists in Apache Superset that allows a low-privileged user to bypass data access controls. When creating a dataset, Superset enforces permission checks to prevent users from querying unauthorized data. However, an authenticated attacker with permissions to...
GHSA-GVXG-9HQX-F4RG Apache Superset allows privileged users to conduct error-based SQL Injection
Improper Neutralization of Special Elements used in a SQL Command 'SQL Injection' vulnerability in Apache Superset allows an authenticated user with read access to conduct error-based SQL injection via the sqlExpression or where parameters. This issue affects Apache Superset: before 6.0.0. Users...
SQL Injection
Overview apache-superset is a modern, enterprise-ready business intelligence web application. Affected versions of this package are vulnerable to SQL Injection via the sqlExpression or where parameters. An attacker can execute arbitrary SQL commands by injecting malicious input into these...
Incorrect Authorization
Overview apache-superset is a modern, enterprise-ready business intelligence web application. Affected versions of this package are vulnerable to Incorrect Authorization in the PostgreSQL database connection for SQLLab. An attacker can perform unauthorized data modification by submitting speciall...
SQL Injection
Overview apache-superset is a modern, enterprise-ready business intelligence web application. Affected versions of this package are vulnerable to SQL Injection via incomplete filtering of SQL functions for the ClickHouse engine in the DISALLOWEDSQLFUNCTIONS configuration. An attacker can access...
CVE-2026-23984
An Improper Input Validation vulnerability exists in Apache Superset that allows an authenticated user with SQLLab access to bypass the read-only verification check when using a PostgreSQL database connection. While the system effectively blocks standard Data Manipulation Language DML statements...
CVE-2026-23983
A Sensitive Data Exposure vulnerability exists in Apache Superset allowing authenticated users to retrieve sensitive user information. The Tag endpoint disabled by default allows users to retrieve a list of objects associated with a specific tag. When these associated objects include Users, the A...
CVE-2026-23984
An Improper Input Validation vulnerability exists in Apache Superset that allows an authenticated user with SQLLab access to bypass the read-only verification check when using a PostgreSQL database connection. While the system effectively blocks standard Data Manipulation Language DML statements...
CVE-2026-23982
An Improper Authorization vulnerability exists in Apache Superset that allows a low-privileged user to bypass data access controls. When creating a dataset, Superset enforces permission checks to prevent users from querying unauthorized data. However, an authenticated attacker with permissions to...
CVE-2026-23980
Improper Neutralization of Special Elements used in a SQL Command 'SQL Injection' vulnerability in Apache Superset allows an authenticated user with read access to conduct error-based SQL injection via the sqlExpression or where parameters. This issue affects Apache Superset: before 6.0.0. Users...
CVE-2026-23969
Apache Superset utilizes a configurable dictionary, DISALLOWEDSQLFUNCTIONS, to restrict the execution of potentially sensitive SQL functions within SQL Lab and charts. While this feature included restrictions for engines like PostgreSQL, a vulnerability was reported where the default list for the...
CVE-2026-23969
Apache Superset utilizes a configurable dictionary, DISALLOWEDSQLFUNCTIONS, to restrict the execution of potentially sensitive SQL functions within SQL Lab and charts. While this feature included restrictions for engines like PostgreSQL, a vulnerability was reported where the default list for the...
CVE-2026-23982
An Improper Authorization vulnerability exists in Apache Superset that allows a low-privileged user to bypass data access controls. When creating a dataset, Superset enforces permission checks to prevent users from querying unauthorized data. However, an authenticated attacker with permissions to...
CVE-2026-23980
Improper Neutralization of Special Elements used in a SQL Command 'SQL Injection' vulnerability in Apache Superset allows an authenticated user with read access to conduct error-based SQL injection via the sqlExpression or where parameters. This issue affects Apache Superset: before 6.0.0. Users...
CVE-2026-23552
Cross-Realm Token Acceptance Bypass in KeycloakSecurityPolicy Apache Camel Keycloak component. The Camel-Keycloak KeycloakSecurityPolicy does not validate the iss issuer claim of JWT tokens against the configured realm. A token issued by one Keycloak realm is silently accepted by a policy...
CVE-2026-23969
Apache Superset prior to 4.1.2 is affected by CVE-2026-23969 due to an incomplete default DISALLOWED_SQL_FUNCTIONS list for the ClickHouse engine, which can lead to exposure of sensitive information in SQL Lab and charts. The vulnerability’s impact is described with a CVSS 4.0 base score of 5.3 (...