CVE-2023-36387 - An In-Depth Analysis of an Improper Default REST API Permission for Gamma Users in Apache Superset (Up to and Including 2.1.) That Allows Testing Database Connections
Abstract: Apache Superset is a popular open-source data exploration and visualization platform. Improper default REST API permissions for Gamma users can lead to a significant
CVE-2023-36388 - Exploiting Improper REST API Permission in Apache Superset (Up To and Including v2.1.) for Possible SSRF Attack
A recent vulnerability, CVE-2023-36388, has been discovered in Apache Superset up to and including version 2.1.. This vulnerability occurs due to improper REST API
CVE-2023-27524 - Session Validation Attacks in Apache Superset: How They Work, How to Patch, and Protecting Your Data
The open-source data visualization and business intelligence tool, Apache Superset, is affected by a vulnerability identified as CVE-2023-27524. This vulnerability allows attackers to authenticate and
CVE-2023-25504 - Apache Superset Import Dataset Vulnerability Allowing SSRF Attacks by Authenticated Attackers
A newly discovered vulnerability (CVE-2023-25504) in Apache Superset enables an attacker to conduct Server-Side Request Forgery (SSRF) attacks once they have been authenticated and provided
Episode
00:00:00
00:00:00