Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/02/12 10:25 a.m.10 views

CVE-2024-24772

A guest user could exploit a chart data REST API and send arbitrary SQL statements that on error could leak information from the underlying analytics database.This issue affects Apache Superset: before 3.0.4, from 3.1.0 before 3.1.1. Users are recommended to upgrade to version 3.1.1 or 3.0.4, whi...

4.3CVSS7AI score0.00945EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/02/28 11:26 a.m.18 views

CVE-2024-24772 Apache Superset: Improper Neutralisation of custom SQL on embedded context

A guest user could exploit a chart data REST API and send arbitrary SQL statements that on error could leak information from the underlying analytics database.This issue affects Apache Superset: before 3.0.4, from 3.1.0 before 3.1.1. Users are recommended to upgrade to version 3.1.1 or 3.0.4, whi...

4.3CVSS4.8AI score0.00945EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/02/28 11:26 a.m.33 views

CVE-2024-24772 Apache Superset: Improper Neutralisation of custom SQL on embedded context

A guest user could exploit a chart data REST API and send arbitrary SQL statements that on error could leak information from the underlying analytics database.This issue affects Apache Superset: before 3.0.4, from 3.1.0 before 3.1.1. Users are recommended to upgrade to version 3.1.1 or 3.0.4, whi...

4.3CVSS5.2AI score0.00945EPSS
Exploits0References1
OSV
OSV
added 2024/02/28 11:26 a.m.7 views

CVE-2024-24772 Apache Superset: Improper Neutralisation of custom SQL on embedded context

A guest user could exploit a chart data REST API and send arbitrary SQL statements that on error could leak information from the underlying analytics database.This issue affects Apache Superset: before 3.0.4, from 3.1.0 before 3.1.1. Users are recommended to upgrade to version 3.1.1 or 3.0.4, whi...

4.3CVSS6.1AI score0.00945EPSS
Exploits0References4
Rows per page
Query Builder