EPSS Percentile: 99.3%
superset is vulnerable to a remote code execution (RCE) attack. The library does not properly handle the deserialization of .pickle files, allowing a malicious user to inject and execute arbitrary code through it.
github.com/apache/incubator-superset/pull/4243