10 matches found
EUVD-2023-0451
Malicious code in bioql PyPI...
CVE-2022-41703
A vulnerability in the SQL Alchemy connector of Apache Superset allows an authenticated user with read access to a specific database to add subqueries to the WHERE and HAVING fields referencing tables on the same database that the user should not have access to, despite the user having the featur...
BIT-SUPERSET-2022-41703 Apache Superset: SQL injection vulnerability in adhoc clauses
A vulnerability in the SQL Alchemy connector of Apache Superset allows an authenticated user with read access to a specific database to add subqueries to the WHERE and HAVING fields referencing tables on the same database that the user should not have access to, despite the user having the featur...
Apache Superset's SQL Alchemy connector vulnerable to SQL Injection
A vulnerability in the SQL Alchemy connector of Apache Superset allows an authenticated user with read access to a specific database to add subqueries to the WHERE and HAVING fields referencing tables on the same database that the user should not have access to, despite the user having the featur...
GHSA-CXVP-3FRM-3876 Apache Superset's SQL Alchemy connector vulnerable to SQL Injection
A vulnerability in the SQL Alchemy connector of Apache Superset allows an authenticated user with read access to a specific database to add subqueries to the WHERE and HAVING fields referencing tables on the same database that the user should not have access to, despite the user having the featur...
CVE-2022-41703
A vulnerability in the SQL Alchemy connector of Apache Superset allows an authenticated user with read access to a specific database to add subqueries to the WHERE and HAVING fields referencing tables on the same database that the user should not have access to, despite the user having the featur...
Design/Logic Flaw
A vulnerability in the SQL Alchemy connector of Apache Superset allows an authenticated user with read access to a specific database to add subqueries to the WHERE and HAVING fields referencing tables on the same database that the user should not have access to, despite the user having the featur...
CVE-2022-41703 Apache Superset: SQL injection vulnerability in adhoc clauses
A vulnerability in the SQL Alchemy connector of Apache Superset allows an authenticated user with read access to a specific database to add subqueries to the WHERE and HAVING fields referencing tables on the same database that the user should not have access to, despite the user having the featur...
CVE-2022-41703
The CVE-2022-41703 issue is in Apache Superset’s SQL Alchemy connector. An authenticated user with read access to a database can add subqueries in the WHERE and HAVING clauses that reference tables the user should not access, even when the ALLOW_ADHOC_SUBQUERY feature flag is disabled. Affected v...
ALSA-2019:0984 Moderate: python36:3.6 security update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. SQLAlchemy is an...