CVE-2023-36387 - How Improper Default REST API Permissions in Apache Superset Expose Sensitive Database Operations
---
Introduction
In June 2023, a significant security issue was disclosed in Apache Superset—an open-source data visualization and exploration platform. The vulnerability, identified as
CVE-2023-36388 - How Improper REST API Permission in Apache Superset (≤ 2.1.) Can Lead to SSRF for Authenticated Gamma Users
Apache Superset is a popular open-source data visualization platform, used by businesses and data teams everywhere. But even the best tools sometimes have dangerous flaws.
CVE-2023-27524 - How Default Secrets in Apache Superset Opened the Door to Session Hijacking
In May 2023, the open-source analytics platform Apache Superset made headlines—but for all the wrong reasons. A critical vulnerability tracked as CVE-2023-27524 was disclosed,
CVE-2023-25504 - How Authenticated Users Can Exploit Apache Superset’s Dataset Import for SSRF Attacks
1. Background: What is Apache Superset?
Apache Superset is a popular open-source data visualization and data exploration platform. It’s used by data scientists and