Apache Superset Vulnerabilities
Apache Superset vulnerabilities.
CVE | Vendor | Product | CVSS | Severity | Title
CVE-2024-55633 | Apache | Apache Superset |  |  | Incorrectly Identified SQL DML Statement Vulnerability Affects Apache Superset Before 4.1.0
CVE-2024-34693 | Apache | Apache Superset | 6.8 | MEDIUM | Improper Input Validation Vulnerability in Apache Superset Allows for File Reading and Insertion
CVE-2024-28148 | Apache | Apache Superset | 4.3 | MEDIUM | Authenticated User Can Access Metadata for Unauthorized Datasource via Targeted REST API Request
CVE-2024-26016 | Apache | Apache Superset | 5.4 | MEDIUM | Low Privilege User Can Modify Ownership of Charts and Dashboards, But Data Access Privileges Still Apply
CVE-2024-24779 | Apache | Apache Superset | 6.5 | MEDIUM | Virtual Datasets Lead to Unauthorized Data Access in Apache Superset
CVE-2024-24772 | Apache | Apache Superset | 4.3 | MEDIUM | Arbitrary SQL Statements Could Leak Information from Underlying Analytics Database
CVE-2024-24773 | Apache | Apache Superset | 6.5 | MEDIUM | Authenticated Users Can Surpass Data Authorization Scope via Improper Nested SQL Parsing
CVE-2024-27315 | Apache | Apache Superset | 4.3 | MEDIUM | Error in Alerts & Reports May Expose Sensitive Data
CVE-2024-23952 | Apache | Apache Superset | 6.5 | MEDIUM | Malicious ZIP Upload Vulnerability Affects Apache Superset
CVE-2023-49657 | Apache | Apache Superset | 5.4 | MEDIUM | Apache Superset: Stored XSS in Dashboard Title and Chart Title
CVE-2023-46104 | Apache | Apache Superset | 6.5 | MEDIUM | Apache Superset: Allows for uncontrolled resource consumption via a ZIP bomb
CVE-2023-49734 | Apache | Apache Superset | 7.7 | HIGH | Apache Superset: Privilege Escalation Vulnerability
CVE-2023-49736 | Apache | Apache Superset | 6.5 | MEDIUM | Apache Superset: SQL Injection on where_in JINJA macro
CVE-2023-42504 | Apache | Apache Superset | 5.8 | MEDIUM | Apache Superset: Lack of rate limiting allows for possible denial of service
CVE-2023-42502 | Apache | Apache Superset | 5.4 | MEDIUM | Apache Superset: Open Redirect Vulnerability
CVE-2023-42505 | Apache | Apache Superset | 4.3 | MEDIUM | Apache Superset: Sensitive information disclosure on db connection details
CVE-2023-40610 | Apache | Apache Superset | 8.8 | HIGH | Apache Superset: Privilege escalation with default examples database
CVE-2023-43701 | Apache | Apache Superset | 5.4 | MEDIUM | Apache Superset: Stored XSS on API endpoint
CVE-2023-42501 | Apache | Apache Superset | 4.3 | MEDIUM | Apache Superset: Unnecessary read permissions within the Gamma role
CVE-2023-37941 | Apache | Apache Superset | 6.6 | MEDIUM | Apache Superset: Metadata db write access can lead to remote code execution
CVE-2023-39265 | Apache | Apache Superset | 3.8 | LOW | Apache Superset: Possible Unauthorized Registration of SQLite Database Connections
CVE-2023-32672 | Apache | Apache Superset | 4.3 | MEDIUM | Apache Superset: SQL parser edge case bypasses data access authorization
CVE-2023-27526 | Apache | Apache Superset | 4.3 | MEDIUM | Apache Superset: Improper Authorization check on import charts
CVE-2023-36387 | Apache | Apache Superset | 5.4 | MEDIUM | Apache Superset: Improper API permission for low privilege users
CVE-2023-39264 | Apache | Apache Superset | 4.3 | MEDIUM | Apache Superset: Stack traces enabled by default