Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
ApacheSuperset

3 matches found

CVE
CVEadded 2022/04/13 7:15 p.m.99 views

CVE-2022-27479

Apache Superset before 1.4.2 is vulnerable to SQL injection in chart data requests. Users should update to 1.4.2 or higher which addresses this issue.

9.8CVSS9.8AI score0.05064EPSS
CVE
CVEadded 2022/02/01 2:15 p.m.79 views

CVE-2021-44451

Apache Superset up to and including 1.3.2 allowed for registered database connections password leak for authenticated users. This information could be accessed in a non-trivial way. Users should upgrade to Apache Superset 1.4.0 or higher.

6.5CVSS6.2AI score0.6758EPSS
CVE
CVEadded 2022/07/06 1:15 p.m.70 views

CVE-2021-37839

Apache Superset up to 1.5.1 allowed for authenticated users to access metadata information related to datasets they have no permission on. This metadata included the dataset name, columns and metrics.

4.3CVSS4.2AI score0.00221EPSS