7 matches found
CVE-2023-39265
Apache Superset would allow for SQLite database connections to be incorrectly registered when an attacker uses alternative driver names like sqlite+pysqlite or by using database imports. This could allow for unexpected file creation on Superset webservers. Additionally, if Apache Superset is usin...
Alert: Apache Superset Vulnerabilities Expose Servers to Remote Code Execution Attacks
Patches have been released to address two new security vulnerabilities in Apache Superset that could be exploited by an attacker to gain remote code execution on affected systems. The update version 2.1.1 plugs CVE-2023-39265 and CVE-2023-37941, which make it possible to conduct nefarious actions...
CVE-2023-39265
creationtimestamp| type| source ---|---|--- 2023-09-07 11:01:26+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/8984 2023-09-07 13:31:34+00:00| seen| https://t.me/thehackernews/3838 2023-09-07 13:42:21+00:00| published-proof-of-concept|...
CVE-2023-39265
Apache Superset would allow for SQLite database connections to be incorrectly registered when an attacker uses alternative driver names like sqlite+pysqlite or by using database imports. This could allow for unexpected file creation on Superset webservers. Additionally, if Apache Superset is usin...
CVE-2023-39265 Apache Superset: Possible Unauthorized Registration of SQLite Database Connections
Apache Superset would allow for SQLite database connections to be incorrectly registered when an attacker uses alternative driver names like sqlite+pysqlite or by using database imports. This could allow for unexpected file creation on Superset webservers. Additionally, if Apache Superset is usin...
CVE-2023-39265 Apache Superset: Possible Unauthorized Registration of SQLite Database Connections
Apache Superset would allow for SQLite database connections to be incorrectly registered when an attacker uses alternative driver names like sqlite+pysqlite or by using database imports. This could allow for unexpected file creation on Superset webservers. Additionally, if Apache Superset is usin...
CVE-2023-39265 Apache Superset: Possible Unauthorized Registration of SQLite Database Connections
Apache Superset would allow for SQLite database connections to be incorrectly registered when an attacker uses alternative driver names like sqlite+pysqlite or by using database imports. This could allow for unexpected file creation on Superset webservers. Additionally, if Apache Superset is usin...