3 matches found
CVE-2023-42501
Unnecessary read permissions within the Gamma role would allow authenticated users to read configured CSS templates and annotations. This issue affects Apache Superset: before 2.1.2. Users should upgrade to version or above 2.1.2 and run superset init to reconstruct the Gamma role or remove canre...
CVE-2023-42501 Apache Superset: Unnecessary read permissions within the Gamma role
Unnecessary read permissions within the Gamma role would allow authenticated users to read configured CSS templates and annotations. This issue affects Apache Superset: before 2.1.2. Users should upgrade to version or above 2.1.2 and run superset init to reconstruct the Gamma role or remove canre...
CVE-2023-42501
Apache Superset prior to 2.1.2 is affected by CVE-2023-42501, where the Gamma role grants unnecessary read permissions, allowing authenticated users to read configured CSS templates and annotations. The vulnerability is described as an information disclosure risk with a CVSS v3.1 base score of 4....