Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

pypi apache-superset Security Advisories

Loading...
Moderate
GSA_kwCzR0hTQS0yOTlxLTNwOTYtNTg5OM4AA70V
Apache Superset Incorrect Authorization vulnerability
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: 22 days ago
Moderate
GSA_kwCzR0hTQS0zdjlyLTg4NWotNzYyZ84AA5lb
Apache Superset: Improper authorization validation on dashboards and charts import
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS13cjZnLTl3Y3ItY21xas4AA5le
Apache Superset: Improper data authorization when creating a new dataset
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 6.7
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS01NDc0LWY3ZzUtMjczcc4AA5ld
Apache Superset: Improper validation of SQL statements allows for unauthorized access to data
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 6.6
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS1tNmptLTN2MzgtNzZqNM4AA5la
Apache Superset: Improper Neutralization of custom SQL on embedded context
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS1oN3I2LThxbW0taGo1cs4AA5lZ
Apache Superset: Improper error handling on alerts
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: 3 months ago
Critical
GSA_kwCzR0hTQS1yd2hoLTZ4ODMtODR2Ns4AA4od
Cross-site Scripting in Apache superset
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 12.9
Published: 4 months ago
Moderate
GSA_kwCzR0hTQS05NW1nLWpnZngtNTR2Oc4AA35k
Apache Superset uncontrolled resource consumption
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: 5 months ago
High
GSA_kwCzR0hTQS1nNDlqLWo0ODktM3hwZs4AA35g
Apache Superset incorrect write permissions vulnerability
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 10.3
Published: 5 months ago
Moderate
GSA_kwCzR0hTQS1qZnhqLXhmNjcteDcyM84AA35f
Apache Superset SQL injection vulnerability
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: 5 months ago
High
GSA_kwCzR0hTQS1mNjc4LWo1NzktNHhmNc4AA3Zv
Apache Superset - Elevation of Privilege
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: 6 months ago
Moderate
GSA_kwCzR0hTQS0zaHA3LTRxcTQtdjVjNs4AA3Zt
Apache Superset Allocation of Resources Without Limits or Throttling vulnerability
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: 6 months ago
Moderate
GSA_kwCzR0hTQS1mZ3B3LTR3NjktajI1Ns4AA3Zs
Apache Superset Exposure of Sensitive Information to an Unauthorized Actor vulnerability
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: 6 months ago
Moderate
GSA_kwCzR0hTQS1oYzc0LTl2am0tYzl4ds4AA3Zp
Apache Superset Open Redirect vulnerability
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 7.2
Published: 6 months ago
Moderate
GSA_kwCzR0hTQS12djY1LWZqZmotNDczNs4AA3Xl
Apache Superset has Incorrect Default Permissions
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: 6 months ago
Moderate
GSA_kwCzR0hTQS13cThxLTk5cDUteGZyd84AA3Xf
Apache Superset Cross-site Scripting vulnerability
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: 6 months ago
Moderate
GSA_kwCzR0hTQS1mbTRxLWo4ZzQtYzlqNM4AA1vN
Apache Superset Improper Input Validation vulnerability
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: 9 months ago
Moderate
GSA_kwCzR0hTQS05NWNoLXAzZ3ctMjNxZ84AA1vM
Apache Superset has incorrect authorization check
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: 9 months ago
Moderate
GSA_kwCzR0hTQS1majR4LW02Mmotd3Z3Z84AA1vL
Apache Superset Deserialization of Untrusted Data vulnerability
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 8.9
Published: 9 months ago
Moderate
GSA_kwCzR0hTQS05ODMyLW1nZzQtM2dyNs4AA1um
Apache Superset has improper default REST API permission for Gamma users
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 7.2
Published: 9 months ago
Moderate
GSA_kwCzR0hTQS12NTk0LTJjOTctaHgzOM4AA1ut
Apache Superset vulnerable to improper data authorization
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 6.7
Published: 9 months ago
Moderate
GSA_kwCzR0hTQS05cWMzLXA5anEtMngyN84AA1up
Apache Superset users may incorrectly create resources using the import charts feature
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: 9 months ago
Moderate
GSA_kwCzR0hTQS1jcHZ4LTIzNjUtNDY2Y84AA1un
Apache Superset may expose internal traces on REST API endpoints
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: 9 months ago
Moderate
GSA_kwCzR0hTQS00Zmc5LTV3NDYteG1yas4AA1u4
Apache Superset Server Side Request Forgery vulnerability
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: 9 months ago
Moderate
GSA_kwCzR0hTQS1jbWpjLTUyZmctOWY3as4AA0WQ
Apache Superset vulnerable to Exposure of Sensitive Information
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: 11 months ago
Moderate
GSA_kwCzR0hTQS1meGpnLTI4Zm0tcGZ4aM4AA0WB
Apache Superset Server-Side Request Forgery vulnerability
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: 11 months ago
High
GSA_kwCzR0hTQS01Y3gyLXZxM2gteDUyY84AAy8Z
Apache superset missing check for default SECRET_KEY
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 11.9
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS03amhnLThtNzQtNmY2Z84AAy0X
Apache Superset vulnerable to Improper Authorization
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1jeHZwLTNmcm0tMzg3Ns4AAw_h
Apache Superset's SQL Alchemy connector vulnerable to SQL Injection
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 7.2
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS03OXg1LWN2NzktNDlyas4AAw_k
Apache Superset is vulnerable to Cross-Site Scripting (XSS)
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 7.2
Published: over 1 year ago
High
GSA_kwCzR0hTQS03MjIyLXIzN3gtOHEzbc4AAw_j
Apache Superset vulnerable to Cross-Site Request Forgery via legacy REST API endpoints
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 11.8
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS05Zjg4LXdnNXItOTQ3as4AAw_i
Apache Superset vulnerable to Cross-site Scripting
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 7.2
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1mY2c0LXBtNmgtOXh4Ms4AAw_q
Apache Superset Open Redirect vulnerability
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 7.2
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS04ZjVqLW1neDktNWhtNc4AAw_n
Apache Superset has Improper Access Control
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 7.1
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1mcG1yLXFtZ2gtNDJ4Ms4AAw_p
Apache Superset vulnerable to Injection
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 7.2
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS03NDhyLTVyOHEtMjczbc4AAtJB
Apache Superset allows authenticated users to access metadata they have no permission to
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS13MzU4LXJqOTMtcjVxds4AArLC
Apache Superset Stored XSS on Dashboard markdown
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 7.2
Published: about 2 years ago
High
GSA_kwCzR0hTQS1jajdnLWg3cmYtaDhqOc4AArGT
Apache Superset OS Command Injection
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 11.8
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS01ZnA4LWM0NW0tMjU2cM4AAqrR
Improper Encoding or Escaping of Output in Apache Superset
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS00MnE0LTl4ZjktZjY3eM4AAqqA
Apache Superset allowed for database connections password leak for authenticated users
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1mOHZjLWYyOHcteDljOc4AAqUo
Apache Superset Cross-site Scripting (XSS) vulnerability on the Explore page
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 7.2
Published: about 2 years ago
High
GSA_kwCzR0hTQS1wZzhtLTRwOGotMnA1Ns4AAqUX
Apache Superset SQL Injection when template processing is enabled
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 11.8
Published: about 2 years ago
Critical
GSA_kwCzR0hTQS13aDczLWhwY2ctdjMyas07XA
SQL injection in apache-superset
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 13.2
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1oaG0zLTQ4aDItNTk3ds0oGA
Insufficiently Protected Credentials in Apache Superset
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: over 2 years ago
Moderate
GSA_kwCzR0hTQS1wZndnLXJ4ZjQtOTdjM80WMg
Open Redirect in Apache Superset
Ecosystems: pypi
Packages: apache-superset, superset
Source: GitHub Advisory Database
Blast Radius: 8.2
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc3cHctYzNqMi01ZmM4
Plaintext password leak in Apache Superset
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 10.9
Published: about 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA1dzctcW1xNi1wbWpy
Users able to query database metadata in Apache Superset
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 7.1
Published: over 4 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTljMjktOWg0bS13ZzVw
Users can view database names in Apache Superset
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 7.1
Published: over 4 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZ4am0td3ZqOS05YzM5
Information disclosure in Apache Superset
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: over 4 years ago
Statistics
Advisories: 18,946
Packages: 8,441
Repositories: 3
Ecosystems: 12
Filter by Package
tensorflow 432 tensorflow-cpu 387 tensorflow-gpu 384 django 80 apache-airflow 79 ansible 63 salt 53 Plone 52 apache-superset 49 nova 46 plone 43 rdiffweb 42 Pillow 41 vyper 38 matrix-synapse 35 moin 35 mlflow 33 Django 32 keystone 31 opencv-contrib-python 30 opencv-python 30 glance 19 langchain 18 PaddlePaddle 17 cobbler 17 mercurial 17 neutron 16 pillow 16 paddlepaddle 15 cryptography 15 notebook 15 gradio 15 pyftpdlib 14 pyload-ng 14 modoboa 14 vantage6 13 OctoPrint 13 swift 12 horizon 11 aiohttp 11 calibreweb 11 twisted 11 urllib3 11 onionshare-cli 11 Flask-AppBuilder 10 trytond 10 ethyca-fides 10 wagtail 10 nautobot 10 kiwitcms 9 zope 9 Zope 9 waitress 9 opencv-contrib-python-headless 9 opencv-python-headless 9 ryu 9 roundup 9 label-studio 8 aubio 8 cinder 8 python-keystoneclient 8 numpy 8 trac 8 scrapy 7 jupyter-server 7 matrix-sydent 7 lief 7 pysaml2 7 pip 7 pgadmin4 7 ipython 7 mailman 6 mindsdb 6 requests 6 apache-airflow-providers-apache-hive 6 Zope2 6 inventree 6 lxml 6 sentry 6 graphite-web 6 web2py 6 Moin 6 tuf 6 paramiko 5 saleor 5 lmdb 5 omero-web 5 python-gnupg 5 pyspark 5 feedparser 5 Jinja2 5 whoogle-search 5 ckan 5 Products.CMFPlone 5 bleach 5 pretix 4 PyPDF2 4 Keystone 4 nvflare 4 httpie 4 barbican 4 oauthenticator 4 grpcio 4 grpc 4 tripleo-heat-templates 4 Scrapy 4 Radicale 4 starlette 4 ansible-core 4 datasette 4 tornado 4 qutebrowser 4 Flask-Security-Too 4 buildbot 4 nltk 4 reportlab 4 Pygments 4 markdown2 4 keylime 4 jwcrypto 4 werkzeug 4 Werkzeug 4 bottle 4 GitPython 4 software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk 4 aws-iot-device-sdk-v2 4 jupyterhub 4 awsiotsdk 4 esphome 4 yt-dlp 4 FreeTAKServer-UI 4 transformers 4 pandasai 3 mayan-edms 3 indy-node 3 aim 3 pyyaml 3 localstack 3 ray 3 poetry 3 io.grpc:grpc-protobuf 3 keyring 3 plone.supermodel 3 wger 3 apache-airflow-providers-apache-spark 3 plone.app.dexterity 3 plone.app.theming 3 plone.app.event 3 asyncua 3 flask 3 changedetection.io 3 openvpn-monitor 3 sanic 3 indico 3 dbt-core 3 protobuf 3 zenml 3 pywasm3 3 httplib2 3 Weblate 3 SQLAlchemy 3 pyarrow 3 mistune 3 asyncssh 3 ujson 3 ajenti 3 django-helpdesk 3 llama-index 3 mitmproxy 3 Kallithea 3 pycrypto 3 rsa 3 sickrage 3 keystonemiddleware 3 copyparty 3 octavia 3 slixmpp 3 Nova 3 Mezzanine 3 gerapy 3 clearml 3 docassemble.webapp 3 torchserve 3 fava 3 onnx 3 quokka 3 homeassistant 3 jupyterlab 3 sqlparse 3 ecdsa 3 python-jose 3 bitlyshortener 3 ansible-runner 3 Products.PluggableAuthService 3 streamlit 3 apache-iotdb 3 dulwich 3 sosreport 3 apache-libcloud 3 archivy 2