Lucene search
+L

6 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2024-1792

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.01699EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/02/13 8:59 p.m.6 views

CVE-2023-46104

Uncontrolled resource consumption can be triggered by authenticated attacker that uploads a malicious ZIP to import database, dashboards or datasets. This vulnerability exists in Apache Superset versions up to and including 2.1.2 and versions 3.0.0, 3.0.1...

6.5CVSS6AI score0.01653EPSS
Exploits0References6
OSV
OSV
added 2025/02/05 7:26 a.m.14 views

BIT-SUPERSET-2024-23952 Apache Superset: Allows for uncontrolled resource consumption via a ZIP bomb (version range fix for CVE-2023-46104)

This is a duplicate for CVE-2023-46104. With correct CVE version ranges for affected Apache Superset. Uncontrolled resource consumption can be triggered by authenticated attacker that uploads a malicious ZIP to import database, dashboards or datasets. This vulnerability exists in Apache Superset...

6.5CVSS6.1AI score0.01699EPSS
Exploits0References4
Prion
Prion
added 2024/02/14 12:15 p.m.29 views

Code injection

This is a duplicate for CVE-2023-46104. With correct CVE version ranges for affected Apache Superset. Uncontrolled resource consumption can be triggered by authenticated attacker that uploads a malicious ZIP to import database, dashboards or datasets. This vulnerability exists in Apache Superset...

4CVSS6.8AI score0.01699EPSS
Exploits0References3
OSV
OSV
added 2024/02/14 11:9 a.m.7 views

CVE-2024-23952 Apache Superset: Allows for uncontrolled resource consumption via a ZIP bomb (version range fix for CVE-2023-46104)

This is a duplicate for CVE-2023-46104. With correct CVE version ranges for affected Apache Superset. Uncontrolled resource consumption can be triggered by authenticated attacker that uploads a malicious ZIP to import database, dashboards or datasets. This vulnerability exists in Apache Superset...

6.5CVSS6.5AI score0.01699EPSS
Exploits0References5
CVE
CVE
added 2023/12/19 9:30 a.m.58 views

CVE-2023-46104

CVE-2023-46104 affects Apache Superset up to v2.1.2 and v3.0.0–v3.0.1. Uncontrolled resource consumption can be triggered by an authenticated attacker who uploads a malicious ZIP to import databases, dashboards, or datasets. The CVSS base shows a Medium severity (6.5) with Network access, low att...

6.5CVSS6.1AI score0.01653EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder