68 matches found
CVE-2024-53947
CVE-2024-53947: Apache Superset is affected by an SQL injection vulnerability caused by improper neutralization of certain engine-specific functions, which allows bypassing SQL authorization. The issue affects versions
CVE-2023-36388
CVE-2023-36388 concerns Apache Superset. The issue is an improper REST API permission configuration that allows an authenticated, low-privilege user to initiate network connections, enabling possible SSRF. The vulnerability affects Superset up to version 2.1.0 (and older per disclosures), with th...
CVE-2023-36387
CVE-2023-36387 affects Apache Superset up to version 2.1.0. The issue is an improper default REST API permission that allows an authenticated Gamma user to test a database connection. The available connected documents corroborate this risk across multiple sources (e.g., Red Hat, OSV, CNVD-like re...
CVE-2023-39264
CVE-2023-39264 affects Apache Superset up to version 2.1.0. The root cause is that error handling defaulted to emitting stack traces, which exposes internal traces via REST API endpoints. The vulnerability enables potential disclosure of internal information and is categorized with network exposu...
CVE-2024-53949
CVE-2024-53949 describes an improper authorization vulnerability in Apache Superset that occurs when the FAB_ADD_SECURITY_API is enabled (default is disabled). The issue allows lower-privilege users to use the security API to perform actions that should be restricted. Affected versions are 2.0.0 ...
CVE-2023-27524
CVE-2023-27524 affects Apache Superset up to 2.0.1, where a SECRET_KEY left at its insecure default allows authentication bypass and unauthorized access: anyone who knows the default key can sign their own session cookie. Multiple connected sources show public exploits and PoCs (e.g., GitHub exploits for session cookie forging and potential RCE/auth bypass) illustrating prac...
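A practical check for this issue is whether a session cookie from your own instance validates under one of the published default keys. The following is an added example, not Superset's or Flask's code: it re-implements the Flask session cookie format (itsdangerous URLSafeTimedSerializer with salt `cookie-session`, HMAC-derived key, SHA-1) in the standard library so it runs offline. The candidate keys are an assumption drawn from Superset's default and example config files; verify them against the version you run, and treat any key that appears in a public repository as compromised.

```python
import base64
import hashlib
import hmac
import json
import time
import zlib

# Assumption: candidate SECRET_KEY values from Superset default/example configs.
# Check them against your installed version; the list is illustrative.
KNOWN_DEFAULT_KEYS = [
    "\x02\x01thisismyscretkey\x01\x02\\e\\y\\y\\h",
    "CHANGE_ME_TO_A_COMPLEX_RANDOM_SECRET",
    "thisISaSECRET_1234",
    "YOUR_OWN_RANDOM_GENERATED_SECRET_KEY",
]

SALT = b"cookie-session"  # salt used by Flask's SecureCookieSessionInterface


def _b64e(raw: bytes) -> bytes:
    return base64.urlsafe_b64encode(raw).rstrip(b"=")


def _b64d(data: bytes) -> bytes:
    return base64.urlsafe_b64decode(data + b"=" * (-len(data) % 4))


def _signing_key(secret_key: str) -> bytes:
    # itsdangerous key_derivation="hmac": HMAC-SHA1(secret_key, salt)
    return hmac.new(secret_key.encode("utf-8"), SALT, hashlib.sha1).digest()


def sign_session(payload: dict, secret_key: str, timestamp=None) -> str:
    """Build a Flask-style session cookie: b64(json).b64(timestamp).b64(hmac-sha1)."""
    ts = int(time.time()) if timestamp is None else timestamp
    body = _b64e(json.dumps(payload, separators=(",", ":")).encode())
    ts_bytes = ts.to_bytes((ts.bit_length() + 7) // 8, "big")
    value = body + b"." + _b64e(ts_bytes)
    sig = hmac.new(_signing_key(secret_key), value, hashlib.sha1).digest()
    return (value + b"." + _b64e(sig)).decode()


def verify_session(cookie: str, secret_key: str):
    """Return the decoded session dict if the cookie validates under secret_key, else None."""
    try:
        value, sig = cookie.encode().rsplit(b".", 1)
        body, _ts = value.rsplit(b".", 1)
    except ValueError:
        return None
    expected = _b64e(hmac.new(_signing_key(secret_key), value, hashlib.sha1).digest())
    if not hmac.compare_digest(expected, sig):
        return None
    if body.startswith(b"."):  # itsdangerous marks zlib-compressed payloads with a leading '.'
        return json.loads(zlib.decompress(_b64d(body[1:])))
    return json.loads(_b64d(body))


def find_weak_key(cookie: str, candidates=KNOWN_DEFAULT_KEYS):
    """Return the candidate key that validates the cookie, or None if none does."""
    for key in candidates:
        if verify_session(cookie, key) is not None:
            return key
    return None


if __name__ == "__main__":
    # Constructed sample: a cookie signed with one of the candidate defaults.
    demo = sign_session({"_user_id": "1", "_fresh": True}, KNOWN_DEFAULT_KEYS[1])
    print("weak key:", find_weak_key(demo))
```

Paste a real `session` cookie value from your instance into `find_weak_key`; a non-`None` result means the deployment is still on a known key and every session can be forged until SECRET_KEY is rotated (which invalidates all existing sessions).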
CVE-2023-25504
Apache Superset (up to and including version 2.0.1) is affected by a Server-Side Request Forgery (SSRF) vulnerability that can be exploited by an authenticated user with specific permissions through the import dataset feature to query internal resources on the server where Superset runs. The cite...
CVE-2018-8021
CVE-2018-8021 concerns Apache Superset pre-0.23, where an unsafe pickle deserialization path can lead to remote code execution. The root cause is the use of an unsafe load method from pickle to deserialize data, enabling an attacker with network access to potentially execute arbitrary code. Multi...
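The root cause above is `pickle.load` on attacker-reachable data, which resolves and calls any importable object during unpickling. As an added example (not Superset's code), the block below builds an inert malicious pickle stream from raw opcodes so the hazard can be seen without executing anything, and shows the standard-library mitigation: an `Unpickler` subclass whose `find_class` refuses everything outside a small allowlist. The allowlist is an assumption for the illustration; switching the format to JSON is the stronger fix where the data permits it.

```python
import builtins
import io
import pickle

# Constructed sample: a protocol-0 pickle that, under plain pickle.loads, would
# resolve os.system and call it with "echo pwned". GLOBAL ('c') is processed
# before the argument is even read, so a restricted find_class stops it early.
MALICIOUS_PICKLE = b"cos\nsystem\n(S'echo pwned'\ntR."

# Assumption: the application only round-trips plain data (dicts, lists, sets,
# strings, numbers), so only a handful of builtins need to be resolvable.
SAFE_BUILTINS = {"set", "frozenset", "bytearray", "complex", "range", "slice"}


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that refuses to import anything outside SAFE_BUILTINS."""

    def find_class(self, module, name):
        if module == "builtins" and name in SAFE_BUILTINS:
            return getattr(builtins, name)
        raise pickle.UnpicklingError(f"global '{module}.{name}' is forbidden")


def restricted_loads(data: bytes):
    """Drop-in replacement for pickle.loads that only resolves allowlisted globals."""
    return RestrictedUnpickler(io.BytesIO(data)).load()


def safe_load(data: bytes):
    """Return (True, value) for accepted data, (False, reason) for rejected data."""
    try:
        return True, restricted_loads(data)
    except pickle.UnpicklingError as exc:
        return False, f"rejected: {exc}"


if __name__ == "__main__":
    print(safe_load(pickle.dumps({"rows": [1, 2, 3], "tags": {"a"}})))
    print(safe_load(MALICIOUS_PICKLE))
```

Note that the allowlist only governs which globals the stream may reference; it does not make pickle a safe wire format for untrusted input in general, which is why the unpickled data should also be schema-checked before use.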
CVE-2024-24772
CVE-2024-24772 affects Apache Superset prior to 3.0.4 and from 3.1.0 before 3.1.1, where a guest user could exploit the Chart Data REST API to send arbitrary SQL statements; on error, information could be leaked from the analytics database. Root cause: improper handling/neutralization of SQL in the chart d...
CVE-2020-1932
CVE-2020-1932: Information disclosure in Apache Superset versions 0.34.0–0.35.1. Authenticated users can access an unused, undocumented API endpoint to retrieve other users’ data, including hashed passwords. Root cause is an exposed API path that allows leaking user records to logged-in users; ex...
CVE-2024-24779
Summary: CVE-2024-24779 affects Apache Superset. If users have custom roles that include the ability to write on datasets but lack full data access permissions, they can create virtual datasets to data they should not access, potentially exposing sensitive information. What’s affected: Apache Sup...
CVE-2024-26016
CVE-2024-26016 affects Apache Superset. A low-privilege authenticated user can import a dashboard or chart they shouldn’t access and modify its metadata, effectively gaining ownership of the object. The vulnerability hinges on improper authorization validation during the import process; access to...
CVE-2022-27479
Apache Superset is affected by CVE-2022-27479: before version 1.4.2, the chart data API is vulnerable to SQL injection. The issue is caused by unsafely constructed chart data requests, enabling potential leakage or manipulation of data. The impact is described in public advisories as high/critica...
CVE-2024-28148
Summary: Multiple sources describe an authorization issue in Apache Superset prior to 3.1.2. Affected product/component: Apache Superset, specifically the REST API used to explore datasources. Root cause (as stated): Incorrect datasource authorization on the explore REST API allowing an authentic...
CVE-2021-44451
CVE-2021-44451 affects Apache Superset up to 1.3.2. The vulnerability allows authenticated users to leak database connection passwords via registered database connections. Root cause: credentials can be exposed through the configuration/connection handling for database connections. Impact: confid...
CVE-2024-24773
The CVE-2024-24773 entry concerns Apache Superset. Affected versions are before 3.0.4 and 3.1.0 before 3.1.1, where improper parsing of nested SQL statements in SQLLab could allow authenticated users to bypass data authorization. The issue’s impact is elevated access to data within the authorizat...
CVE-2023-37941
CVE-2023-37941 affects Apache Superset where an attacker with write access to the metadata database can persist a crafted Python object to achieve remote code execution on the web backend. The vulnerability hinges on the metadata DB, an internal component, being accessible with significant privil...
CVE-2024-27315
Summary: CVE-2024-27315 affects Apache Superset and is caused by improper error handling when an authenticated user with privileges to create Alerts triggers a database error via a crafted SQL statement, potentially exposing data in error logs. Affected versions: before 3.0.4 and 3.1.0 before 3.1...
CVE-2024-53948
The CVE-2024-53948 entry concerns Apache Superset prior to 4.1.0, where error message generation can expose analytics metadata. This constitutes an information disclosure vector as described in multiple sources, with a fixed version 4.1.0 recommended by the advisories. Practical impact is informa...
CVE-2019-12413
CVE-2019-12413 affects Apache Superset prior to 0.31. A crafted complex query lets a user read database metadata they have no access to. The available sources consistently describe this as a metadata/information-disclosure i...
CVE-2025-48912
CVE-2025-48912 affects Apache Superset prior to 4.1.2. An authenticated attacker can bypass row-level security by injecting SQL into the sqlExpression fields, enabling sub-queries that bypass defenses and grant unauthorized data access. The issue is triggered by specially crafted requests and is ...
CVE-2020-13952
Apache Superset CVE-2020-13952 affects all versions
CVE-2021-28125
CVE-2021-28125 affects Apache Superset up to and including 1.0.1. The issue is an open redirect in the URL shortener functionality caused by not validating user input, enabling a malicious user to craft a short URL for a dashboard that could deceive users into clicking it. Connected advisories co...
CVE-2019-12414
CVE-2019-12414 affects Apache Incubator Superset prior to 0.32. The issue allows a user to view database names to which they have no access, exposed in a SQLLab dropdown. The connected sources confirm the affected product/version and the information-disclosure impact, but do not provide root-caus...
CVE-2021-27907
CVE-2021-27907 affects Apache Superset up to version 0.38.0. A vulnerability exists where a Markdown component on a Dashboard page can be abused to inject JavaScript that is executed in the context of a user’s browser (Stored XSS). The underlying issue is the ability to create a div containing an...
CVE-2021-37839
CVE-2021-37839 affects Apache Superset up to version 1.5.1. The issue is an access control error that allows authenticated users to read metadata for datasets they have no permission on. Affected metadata includes dataset name, columns, and metrics. The root cause is described in connected source...
CVE-2023-49657
Apache Superset prior to 3.0.3 is affected by a stored XSS vulnerability: an authenticated user with create/update permissions on charts or dashboards can store a script or HTML snippet that executes in the context of a page. Impact details in the connected sources align on stored XSS with potent...
CVE-2022-41703
The CVE-2022-41703 issue is in Apache Superset's SQLAlchemy connector. An authenticated user with read access to a database can add subqueries in the WHERE and HAVING clauses that reference tables the user should not access, even when the ALLOW_ADHOC_SUBQUERY feature flag is disabled. Affected v...
CVE-2024-39887
CVE-2024-39887 describes an SQL injection in Apache Superset due to improper neutralization of engine-specific SQL functions. The issue allows bypassing SQL authorization via certain PostgreSQL functions and is mitigated by the DISALLOWED_SQL_FUNCTIONS config key. Th...
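Both CVE-2024-53947 and CVE-2024-39887 come down to engine-specific functions that leak or act outside the authorized tables, and the mitigation is a per-engine denylist of function names. As an added example (not Superset's implementation, which runs the check on a parsed SQL tree), the block below is a minimal tokenizer-based version of that check. It shows the two things a naive substring match gets wrong: names inside string literals and comments must not trigger, while case differences, schema qualification and quoted identifiers must still be caught. The denylist contents are an illustrative assumption, not Superset's defaults.

```python
import re

# Assumption: illustrative per-engine denylist in the shape of the
# DISALLOWED_SQL_FUNCTIONS setting; consult your Superset version for real values.
DISALLOWED_SQL_FUNCTIONS = {
    "postgresql": {"version", "query_to_xml", "inet_server_addr", "inet_client_addr"},
    "mysql": {"version"},
}

_TOKEN_RE = re.compile(
    r"""
    (?P<comment>--[^\n]*|/\*.*?\*/)        # line or block comment (dropped)
  | (?P<string>'(?:[^']|'')*')             # single-quoted literal, '' escapes a quote
  | (?P<qident>"(?:[^"]|"")*")             # double-quoted identifier
  | (?P<ident>[A-Za-z_][A-Za-z0-9_]*)      # bare identifier or keyword
  | (?P<punct>\S)                          # any other non-space character
    """,
    re.VERBOSE | re.DOTALL,
)


def called_functions(sql: str) -> set:
    """Lower-cased names that are immediately followed by '(' outside strings and comments."""
    tokens = [
        (m.lastgroup, m.group())
        for m in _TOKEN_RE.finditer(sql)
        if m.lastgroup != "comment"
    ]
    names = set()
    for i, (kind, text) in enumerate(tokens[:-1]):
        if tokens[i + 1][1] != "(":
            continue
        if kind == "ident":
            names.add(text.lower())
        elif kind == "qident":
            names.add(text[1:-1].replace('""', '"').lower())
    return names


def disallowed_functions(sql: str, engine: str) -> list:
    """Denylisted functions the query calls for this engine, sorted for stable output."""
    return sorted(called_functions(sql) & DISALLOWED_SQL_FUNCTIONS.get(engine, set()))


if __name__ == "__main__":
    # Constructed samples: one evasion attempt per line.
    for query in (
        "SELECT pg_catalog.VERSION ( ) -- version()",
        "SELECT 'version()' AS s",
        'SELECT "VERSION"()',
    ):
        print(query, "->", disallowed_functions(query, "postgresql"))
```

A denylist of this kind is a backstop, not the control: it only blocks names someone thought to list, and the tokenizer here does not understand dollar-quoted strings or engine-specific quoting, so the real defence remains a parser-backed authorization check on every referenced table.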
CVE-2021-41971
Apache Superset versions up to 1.3.0 are affected by an SQL injection vulnerability when ENABLE_TEMPLATE_PROCESSING is enabled. The issue arises in template processing logic that processes a malicious HTTP request with a crafted URL, leading to potential SQL injection. Several sources (NVD, OSV, ...
CVE-2021-32609
CVE-2021-32609: Apache Superset up to 1.1 is affected by an XSS vulnerability on the Explore page due to unsanitized chart titles. An attacker with Explore access can save a chart with a malicious title, injecting HTML (including scripts) into the page. Connected sources (BIT-SUPERSET-2021-32609,...
CVE-2024-55633
CVE-2024-55633 is an Improper Authorization vulnerability in Apache Superset. An attacker with SQLLab access to a PostgreSQL analytic database can craft a SQL DML statement that is incorrectly identified as a read-only query, allowing its execution. The issue does not affect non-PostgreSQL analyt...
CVE-2021-42250
CVE-2021-42250 affects Apache Superset. The issue is improper output neutralization in a specific HTTP endpoint, allowing an authenticated user to forge log entries or inject malicious content into logs. Connected sources (NVD, OSV, GHSA, CNVD, OSV mirrors) confirm the vulnerability in Apache Sup...
CVE-2022-45438
CVE-2022-45438 affects Apache Superset where enabling the DASHBOARD_CACHE feature flag (off by default) allows an unauthenticated user to access dashboard configuration metadata via a REST API GET endpoint. Affected versions are Superset 1.5.2 and earlier, and 2.0.0. The underlying issue is an im...
CVE-2024-34693
CVE-2024-34693 is an Apache Superset vulnerability described across multiple sources as an Improper Input Validation issue. An authenticated attacker can create a MariaDB connection with local_infile enabled, and if both the MariaDB server and the local MySQL client on the web server permit local...
CVE-2023-30776
Technical details (affected product versions, root cause, exploitability, remediation) are not publicly available in the provided connected documents. Monitor for updates.
CVE-2022-43721
CVE-2022-43721 is an Open Redirect vulnerability in Apache Superset. An authenticated user with update datasets permission can alter a dataset’s link to point to an untrusted site, causing users to be redirected when clicking that dataset. Affected: Superset versions ≤ 1.5.2 and 2.0.0, per multip...
CVE-2020-13948
CVE-2020-13948 is tied to Apache Superset versions earlier than 0.37.1. An authenticated user could craft requests via templated text fields to gain arbitrary access to Python’s os package within the web application process. Impact details in the connected records show the user could enumerate an...
CVE-2022-43717
CVE-2022-43717 affects Apache Superset: dashboard rendering does not sufficiently sanitize Markdown content, enabling possible XSS by authenticated users with create dashboard permissions. Documented impact covers Superset versions 1.5.2 and earlier, and 2.0.0 (per CVE sources and related advisor...
CVE-2022-43719
CVE-2022-43719 affects Apache Superset; two legacy REST API endpoints for approval and request access are vulnerable to CSRF, impacting versions 1.5.2 and earlier, and 2.0.0. Root cause indicated by sources is lack of CSRF protection on these endpoints. CVSS v3.1 metrics show high impact (Confide...
CVE-2022-43720
CVE-2022-43720 affects Apache Superset (reported in multiple sources). An authenticated attacker with write permissions on CSS templates can create a record containing specific HTML tags that are not properly escaped by the toast message shown when deleting that CSS template, enabling HTML/Script...
CVE-2022-43718
CVE-2022-43718 affects Apache Superset up to version 1.5.2 and version 2.0.0. The issue is a Cross‑Site Scripting (XSS) vulnerability caused by upload data forms not correctly rendering user input, exploitable by authenticated users with database connection update permissions. The connected docum...
CVE-2021-41972
CVE-2021-41972 affects Apache Superset up to and including 1.3.1, where database connection passwords could be leaked to authenticated users in a non-trivial way. Connected documents corroborate a credentials leakage issue; however, the provided sources do not specify exploit vectors, affected su...
CVE-2023-27525
CVE-2023-27525 affects Apache Superset up to 2.0.1. An authenticated user with the Gamma role could access metadata information using non-trivial methods, enabling information disclosure. Documented impact is limited to metadata exposure; no exploit vectors or fixes are provided in the supplied s...
CVE-2023-39265
CVE-2023-39265: Multiple connected documents describe a vulnerability in Apache Superset where SQLite database connections can be registered incorrectly when using alternative driver names (e.g., sqlite+pysqlite) or via database imports. This may allow arbitrary file creation on Superset webserv...
CVE-2025-27696
The CVE-2025-27696 entry concerns Apache Superset up to version 4.1.1, where an Incorrect Authorization vulnerability lets authenticated users with read permissions take ownership of dashboards, charts, or datasets. A fix is available in 4.1.2 and later. The public details consistently describe t...
CVE-2023-42504
CVE-2023-42504 describes a denial-of-service vulnerability in Apache Superset prior to 3.0.0 where an authenticated attacker can initiate multiple concurrent dashboard exports, potentially exhausting resources. Multiple connected sources (OSV, Red Hat, CNVD, GHSA advisories, etc.) corroborate a r...
CVE-2023-40610
CVE-2023-40610 affects Apache Superset prior to version 2.1.2. The issue is an improper authorization check that enables privilege escalation when using the default examples database connection, which can grant access to both the examples schema and Superset metadata DB. A specially crafted CTE S...
CVE-2023-42505
CVE-2023-42505 affects Apache Superset prior to 3.0.0. An authenticated user with read permissions on database connections metadata could access sensitive information such as the connection username. The connected documents confirm the affected product and impact but do not provide exploit detail...
CVE-2023-49734
Apache Superset is affected by a privilege-escalation vulnerability (CVE-2023-49734) where an authenticated Gamma user can create a dashboard, add charts, and automatically become an owner of those charts, gaining write permissions. Affected versions include the prior 2.1.x line (before 2.1.2) a...