Lucene search
+L

5 matches found

The Hacker News
The Hacker News
added 2023/09/07 11:2 a.m.96 views

Alert: Apache Superset Vulnerabilities Expose Servers to Remote Code Execution Attacks

Patches have been released to address two new security vulnerabilities in Apache Superset that could be exploited by an attacker to gain remote code execution on affected systems. The update version 2.1.1 plugs CVE-2023-39265 and CVE-2023-37941, which make it possible to conduct nefarious actions...

9.8CVSS8.1AI score0.97405EPSS
Exploits20
NVD
NVD
added 2023/04/24 4:15 p.m.31 views

CVE-2023-30776

An authenticated user with specific data permissions could access database connections stored passwords by requesting a specific REST API. This issue affects Apache Superset version 1.3.0 up to 2.0.1...

6.5CVSS5.3AI score0.02067EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/04/24 3:29 p.m.14 views

CVE-2023-30776 Apache Superset: Database connection password leak

An authenticated user with specific data permissions could access database connections stored passwords by requesting a specific REST API. This issue affects Apache Superset version 1.3.0 up to 2.0.1...

4.9CVSS6.5AI score0.02067EPSS
Exploits0References2
CVE
CVE
added 2023/04/24 3:29 p.m.82 views

CVE-2023-30776

Technical details (affected product versions, root cause, exploitability, remediation) are not publicly available in the provided connected documents. Monitor for updates.

6.5CVSS5.8AI score0.02067EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/04/24 3:29 p.m.36 views

CVE-2023-30776 Apache Superset: Database connection password leak

An authenticated user with specific data permissions could access database connections stored passwords by requesting a specific REST API. This issue affects Apache Superset version 1.3.0 up to 2.0.1...

4.9CVSS6.5AI score0.02067EPSS
Exploits0References2
Rows per page
Query Builder