Security Advisories for apache-superset in pypi
Moderate
about 2 months ago
Apache Superset's chart visualization has a stored Cross-Site Scripting (XSS) vulnerability
pypi
apache-superset
Moderate
about 2 months ago
Apache Superset allows authenticated users to discover metadata about datasources they don't have permission to access
pypi
apache-superset
Moderate
about 2 months ago
Apache Superset data query improperly discloses database schema information to low-privileged guest user
pypi
apache-superset
Moderate
about 2 months ago
Apache Superset has bypass of `DISALLOWED_SQL_FUNCTIONS` that allows execution of blocked SQL functions
pypi
apache-superset
High
4 months ago
Apache Superset: Improper authorization bypass on row level security via SQL Injection
pypi
apache-superset
High
10 months ago
Apache Superset: SQLLab Improper readonly query validation allows unauthorized write access
pypi
apache-superset
High
10 months ago
Apache Superset: Lower privilege users are able to create Role when FAB_ADD_SECURITY_API is enabled
pypi
apache-superset
Low
10 months ago
Apache Superset: Improper SQL authorisation, parse not checking for specific postgres functions
pypi
apache-superset
Moderate
10 months ago
Apache Superset: Error verbosity exposes metadata in analytics databases
pypi
apache-superset
Moderate
about 1 year ago
Apache Superset vulnerable to improper SQL authorization
pypi
apache-superset
Moderate
over 1 year ago
Apache Superset: Improper authorization validation on dashboards and charts import
pypi
apache-superset
Moderate
over 1 year ago
Apache Superset: Improper data authorization when creating a new dataset
pypi
apache-superset
Moderate
over 1 year ago
Apache Superset: Improper validation of SQL statements allows for unauthorized access to data
pypi
apache-superset
Moderate
over 1 year ago
Apache Superset: Improper Neutralization of custom SQL on embedded context
pypi
apache-superset
High
almost 2 years ago
Apache Superset incorrect write permissions vulnerability
pypi
apache-superset
Moderate
almost 2 years ago
Apache Superset Allocation of Resources Without Limits or Throttling vulnerability
pypi
apache-superset
Moderate
almost 2 years ago
Apache Superset Exposure of Sensitive Information to an Unauthorized Actor vulnerability
pypi
apache-superset
Moderate
about 2 years ago
Apache Superset Deserialization of Untrusted Data vulnerability
pypi
apache-superset
Moderate
about 2 years ago
Apache Superset Improper Input Validation vulnerability
pypi
apache-superset
Moderate
about 2 years ago
Apache Superset Server Side Request Forgery vulnerability
pypi
apache-superset
Moderate
about 2 years ago
Apache Superset may expose internal traces on REST API endpoints
pypi
apache-superset
Moderate
about 2 years ago
Apache Superset users may incorrectly create resources using the import charts feature
pypi
apache-superset
Moderate
about 2 years ago
Apache Superset vulnerable to improper data authorization
pypi
apache-superset
Moderate
about 2 years ago
Apache Superset has improper default REST API permission for Gamma users
pypi
apache-superset
Moderate
about 2 years ago
Apache Superset vulnerable to Exposure of Sensitive Information
pypi
apache-superset
Moderate
about 2 years ago
Apache Superset Server-Side Request Forgery vulnerability
pypi
apache-superset
High
over 2 years ago
Apache Superset vulnerable to Cross-Site Request Forgery via legacy REST API endpoints
pypi
apache-superset
Moderate
over 2 years ago
Apache Superset's SQL Alchemy connector vulnerable to SQL Injection
pypi
apache-superset
Moderate
over 2 years ago
Apache Superset is vulnerable to Cross-Site Scripting (XSS)
pypi
apache-superset
Moderate
about 3 years ago
Apache Superset allows authenticated users to access metadata they have no permission to
pypi
apache-superset
High
over 3 years ago
Improper Encoding or Escaping of Output in Apache Superset
pypi
apache-superset
High
over 3 years ago
Apache Superset allowed for database connections password leak for authenticated users
pypi
apache-superset
Moderate
over 3 years ago
Apache Superset Cross-site Scripting (XSS) vulnerability on the Explore page
pypi
apache-superset
High
over 3 years ago
Apache Superset SQL Injection when template processing is enabled
pypi
apache-superset
Moderate
over 5 years ago
Users able to query database metadata in Apache Superset
pypi
apache-superset