12 matches found
EUVD-2023-2476
Malicious code in bioql PyPI...
BIT-SUPERSET-2023-36387 Apache Superset: Improper API permission for low privilege users
An improper default REST API permission for Gamma users in Apache Superset up to and including 2.1.0 allows for an authenticated Gamma user to test database connections...
GHSA-4FG9-5W46-XMRJ Apache Superset Server Side Request Forgery vulnerability
Improper REST API permission in Apache Superset up to and including 2.1.0 allows for an authenticated Gamma users to test network connections, possible SSRF...
Apache Superset Server Side Request Forgery vulnerability
Improper REST API permission in Apache Superset up to and including 2.1.0 allows for an authenticated Gamma users to test network connections, possible SSRF...
Apache Superset has improper default REST API permission for Gamma users
An improper default REST API permission for Gamma users in Apache Superset up to and including 2.1.0 allows for an authenticated Gamma user to test database connections...
CVE-2023-36388
Improper REST API permission in Apache Superset up to and including 2.1.0 allows for an authenticated Gamma users to test network connections, possible SSRF...
CVE-2023-36388
Improper REST API permission in Apache Superset up to and including 2.1.0 allows for an authenticated Gamma users to test network connections, possible SSRF...
CVE-2023-36387
An improper default REST API permission for Gamma users in Apache Superset up to and including 2.1.0 allows for an authenticated Gamma user to test database connections...
CVE-2023-36387
CVE-2023-36387 affects Apache Superset up to version 2.1.0. The issue is an improper default REST API permission that allows an authenticated Gamma user to test a database connection. The available connected documents corroborate this risk across multiple sources (e.g., Red Hat, OSV, CNVD-like re...
CVE-2023-36387 Apache Superset: Improper API permission for low privilege users
An improper default REST API permission for Gamma users in Apache Superset up to and including 2.1.0 allows for an authenticated Gamma user to test database connections...
PT-2023-6899 · Apache · Apache Superset
Name of the Vulnerable Software and Affected Versions: Apache Superset versions up to and including 2.1.0 Description: The issue is related to an improper default REST API permission for Gamma users in Apache Superset, which is connected to shortcomings in the authorization mechanism. This allows...
PT-2023-25567 · Apache · Apache Superset
Name of the Vulnerable Software and Affected Versions: Apache Superset versions up to and including 2.1.0 Description: The issue is related to improper REST API permission in Apache Superset, allowing authenticated Gamma users to test network connections, which may lead to a possible Server-Side...