Filter
Versions
Apache SupersetApache Superset Insecure Default Initialization of Resource Vulnerability
First published (updated )
Apache SupersetPossible SQL Injection when template processing is enabled
8.8
First published (updated )
Apache SupersetApache Superset: Lack of rate limiting allows for possible denial of service
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
pip/supersetVersions of Superset prior to 0.23 used an unsafe load method from the pickle library to deserialize…
9.8
First published (updated )
Apache SupersetApache Superset: Database connection password leak
6.5
First published (updated )
Apache SupersetApache Superset: Possible SSRF on import datasets
6.5
First published (updated )
pip/apache-supersetApache Superset: Allows for uncontrolled resource consumption via a ZIP bomb (version range fix for CVE-2023-46104)
6.5
EPSS
0.04%
First published (updated )
Apache SupersetApache Superset: Incorrect default permissions for Gamma role
4.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache SupersetApache Superset: Metadata db write access can lead to remote code execution
6.6
First published (updated )
Apache SupersetApache Superset: Possible Unauthorized Registration of SQLite Database Connections
6.5
First published (updated )
pip/apache-supersetApache Superset: Improper API permission for low privilege users
5.4
First published (updated )
Apache SupersetApache Superset: SQL parser edge case bypasses data access authorization
4.3
First published (updated )
Apache SupersetApache Superset: Improper Authorization check on import charts
4.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
pip/apache-supersetApache Superset: Improper API permission for low privilege users allows for SSRF
5.4
First published (updated )
Apache SupersetApache Superset: Improper data permission validation on Jinja templated queries
First published (updated )
Apache SupersetApache Superset: Stack traces enabled by default
4.3
First published (updated )
Apache SupersetApache Superset: Allows for uncontrolled resource consumption via a ZIP bomb
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
pip/apache-supersetApache Superset: Unnecessary read permissions within the Gamma role
4.3
First published (updated )
pip/apache-supersetImproper access to dataset metadata information
4.3
First published (updated )
Apache SupersetApache Superset stored XSS on Dashboard markdown
5.4
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.