Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

pypi

apache-superset

pypi · A modern, enterprise-ready business intelligence web application · Package

Security Advisories for apache-superset in pypi

Moderate
about 2 months ago

Apache Superset's chart visualization has a stored Cross-Site Scripting (XSS) vulnerability GSA_kwCzR0hTQS1majk3LTJ2OXgtdzVtNM4ABLFv

pypi apache-superset
Moderate
about 2 months ago

Apache Superset allows authenticated users to discover metadata about datasources they don't have permission to access GSA_kwCzR0hTQS1taHBxLW05NjItbWc5Ms4ABLFx

pypi apache-superset
Moderate
about 2 months ago

Apache Superset data query improperly discloses database schema information to low-privileged guest user GSA_kwCzR0hTQS05ZzV4LW1tMzktd2c5cs4ABLFn

pypi apache-superset
Moderate
about 2 months ago

Apache Superset has bypass of `DISALLOWED_SQL_FUNCTIONS` that allows execution of blocked SQL functions GSA_kwCzR0hTQS1meGdmLTN4aDYtbTJwcM4ABLFm

pypi apache-superset
High
4 months ago

Apache Superset: Improper authorization bypass on row level security via SQL Injection GSA_kwCzR0hTQS04dzdmLThwcjkteGd3as4ABIhH

pypi apache-superset
Moderate
5 months ago

Apache Superset Allows Ownership Takeover GSA_kwCzR0hTQS13NmM3LWozMmYtcnE4as4ABHws

pypi apache-superset
High
10 months ago

Apache Superset: SQLLab Improper readonly query validation allows unauthorized write access GSA_kwCzR0hTQS03ODd2LXY5dnEtNHJnds4ABCXT

pypi apache-superset
High
10 months ago

Apache Superset: Lower privilege users are able to create Role when FAB_ADD_SECURITY_API is enabled GSA_kwCzR0hTQS0zNWZjLTlocmotMzU4Nc4ABCMP

pypi apache-superset
Low
10 months ago

Apache Superset: Improper SQL authorisation, parse not checking for specific postgres functions GSA_kwCzR0hTQS05MnFmLThnaDMtZ3djbc4ABCMu

pypi apache-superset
Moderate
10 months ago

Apache Superset: Error verbosity exposes metadata in analytics databases GSA_kwCzR0hTQS0yY3g5LTU0aHAtcjY5OM4ABCLv

pypi apache-superset
Moderate
about 1 year ago

Apache Superset vulnerable to improper SQL authorization GSA_kwCzR0hTQS0ycTZqLXZwdnItNnB2as4AA96P

pypi apache-superset
Moderate
over 1 year ago

Apache Superset server arbitrary file read GSA_kwCzR0hTQS1oY3I3LWNxd2MtcTVncc4AA9OR

pypi apache-superset
Moderate
over 1 year ago

Apache Superset Incorrect Authorization vulnerability GSA_kwCzR0hTQS0yOTlxLTNwOTYtNTg5OM4AA70V

pypi apache-superset
Moderate
over 1 year ago

Apache Superset: Improper authorization validation on dashboards and charts import GSA_kwCzR0hTQS0zdjlyLTg4NWotNzYyZ84AA5lb

pypi apache-superset
Moderate
over 1 year ago

Apache Superset: Improper data authorization when creating a new dataset GSA_kwCzR0hTQS13cjZnLTl3Y3ItY21xas4AA5le

pypi apache-superset
Moderate
over 1 year ago

Apache Superset: Improper validation of SQL statements allows for unauthorized access to data GSA_kwCzR0hTQS01NDc0LWY3ZzUtMjczcc4AA5ld

pypi apache-superset
Moderate
over 1 year ago

Apache Superset: Improper Neutralization of custom SQL on embedded context GSA_kwCzR0hTQS1tNmptLTN2MzgtNzZqNM4AA5la

pypi apache-superset
Moderate
over 1 year ago

Apache Superset: Improper error handling on alerts GSA_kwCzR0hTQS1oN3I2LThxbW0taGo1cs4AA5lZ

pypi apache-superset
Critical
over 1 year ago

Cross-site Scripting in Apache superset GSA_kwCzR0hTQS1yd2hoLTZ4ODMtODR2Ns4AA4od

pypi apache-superset
Moderate
almost 2 years ago

Apache Superset uncontrolled resource consumption GSA_kwCzR0hTQS05NW1nLWpnZngtNTR2Oc4AA35k

pypi apache-superset
High
almost 2 years ago

Apache Superset incorrect write permissions vulnerability GSA_kwCzR0hTQS1nNDlqLWo0ODktM3hwZs4AA35g

pypi apache-superset
Moderate
almost 2 years ago

Apache Superset SQL injection vulnerability GSA_kwCzR0hTQS1qZnhqLXhmNjcteDcyM84AA35f

pypi apache-superset
High
almost 2 years ago

Apache Superset - Elevation of Privilege GSA_kwCzR0hTQS1mNjc4LWo1NzktNHhmNc4AA3Zv

pypi apache-superset
Moderate
almost 2 years ago

Apache Superset Allocation of Resources Without Limits or Throttling vulnerability GSA_kwCzR0hTQS0zaHA3LTRxcTQtdjVjNs4AA3Zt

pypi apache-superset
Moderate
almost 2 years ago

Apache Superset Open Redirect vulnerability GSA_kwCzR0hTQS1oYzc0LTl2am0tYzl4ds4AA3Zp

pypi apache-superset
Moderate
almost 2 years ago

Apache Superset Exposure of Sensitive Information to an Unauthorized Actor vulnerability GSA_kwCzR0hTQS1mZ3B3LTR3NjktajI1Ns4AA3Zs

pypi apache-superset
Moderate
almost 2 years ago

Apache Superset Cross-site Scripting vulnerability GSA_kwCzR0hTQS13cThxLTk5cDUteGZyd84AA3Xf

pypi apache-superset
Moderate
almost 2 years ago

Apache Superset has Incorrect Default Permissions GSA_kwCzR0hTQS12djY1LWZqZmotNDczNs4AA3Xl

pypi apache-superset
Moderate
about 2 years ago

Apache Superset has incorrect authorization check GSA_kwCzR0hTQS05NWNoLXAzZ3ctMjNxZ84AA1vM

pypi apache-superset
Moderate
about 2 years ago

Apache Superset Deserialization of Untrusted Data vulnerability GSA_kwCzR0hTQS1majR4LW02Mmotd3Z3Z84AA1vL

pypi apache-superset
Moderate
about 2 years ago

Apache Superset Improper Input Validation vulnerability GSA_kwCzR0hTQS1mbTRxLWo4ZzQtYzlqNM4AA1vN

pypi apache-superset
Moderate
about 2 years ago

Apache Superset Server Side Request Forgery vulnerability GSA_kwCzR0hTQS00Zmc5LTV3NDYteG1yas4AA1u4

pypi apache-superset
Moderate
about 2 years ago

Apache Superset may expose internal traces on REST API endpoints GSA_kwCzR0hTQS1jcHZ4LTIzNjUtNDY2Y84AA1un

pypi apache-superset
Moderate
about 2 years ago

Apache Superset users may incorrectly create resources using the import charts feature GSA_kwCzR0hTQS05cWMzLXA5anEtMngyN84AA1up

pypi apache-superset
Moderate
about 2 years ago

Apache Superset vulnerable to improper data authorization GSA_kwCzR0hTQS12NTk0LTJjOTctaHgzOM4AA1ut

pypi apache-superset
Moderate
about 2 years ago

Apache Superset has improper default REST API permission for Gamma users GSA_kwCzR0hTQS05ODMyLW1nZzQtM2dyNs4AA1um

pypi apache-superset
Moderate
about 2 years ago

Apache Superset vulnerable to Exposure of Sensitive Information GSA_kwCzR0hTQS1jbWpjLTUyZmctOWY3as4AA0WQ

pypi apache-superset
Moderate
about 2 years ago

Apache Superset Server-Side Request Forgery vulnerability GSA_kwCzR0hTQS1meGpnLTI4Zm0tcGZ4aM4AA0WB

pypi apache-superset
High
over 2 years ago

Apache superset missing check for default SECRET_KEY GSA_kwCzR0hTQS01Y3gyLXZxM2gteDUyY84AAy8Z

pypi apache-superset
Moderate
over 2 years ago

Apache Superset vulnerable to Improper Authorization GSA_kwCzR0hTQS03amhnLThtNzQtNmY2Z84AAy0X

pypi apache-superset
High
over 2 years ago

Apache Superset vulnerable to Cross-Site Request Forgery via legacy REST API endpoints GSA_kwCzR0hTQS03MjIyLXIzN3gtOHEzbc4AAw_j

pypi apache-superset
Moderate
over 2 years ago

Apache Superset's SQL Alchemy connector vulnerable to SQL Injection GSA_kwCzR0hTQS1jeHZwLTNmcm0tMzg3Ns4AAw_h

pypi apache-superset
Moderate
over 2 years ago

Apache Superset is vulnerable to Cross-Site Scripting (XSS) GSA_kwCzR0hTQS03OXg1LWN2NzktNDlyas4AAw_k

pypi apache-superset
Moderate
over 2 years ago

Apache Superset vulnerable to Cross-site Scripting GSA_kwCzR0hTQS05Zjg4LXdnNXItOTQ3as4AAw_i

pypi apache-superset
Moderate
over 2 years ago

Apache Superset vulnerable to Injection GSA_kwCzR0hTQS1mcG1yLXFtZ2gtNDJ4Ms4AAw_p

pypi apache-superset
Moderate
over 2 years ago

Apache Superset Open Redirect vulnerability GSA_kwCzR0hTQS1mY2c0LXBtNmgtOXh4Ms4AAw_q

pypi apache-superset
Moderate
over 2 years ago

Apache Superset has Improper Access Control GSA_kwCzR0hTQS04ZjVqLW1neDktNWhtNc4AAw_n

pypi apache-superset
Moderate
about 3 years ago

Apache Superset allows authenticated users to access metadata they have no permission to GSA_kwCzR0hTQS03NDhyLTVyOHEtMjczbc4AAtJB

pypi apache-superset
Moderate
over 3 years ago

Apache Superset Stored XSS on Dashboard markdown GSA_kwCzR0hTQS13MzU4LXJqOTMtcjVxds4AArLC

pypi apache-superset
High
over 3 years ago

Apache Superset OS Command Injection GSA_kwCzR0hTQS1jajdnLWg3cmYtaDhqOc4AArGT

pypi apache-superset
High
over 3 years ago

Improper Encoding or Escaping of Output in Apache Superset GSA_kwCzR0hTQS01ZnA4LWM0NW0tMjU2cM4AAqrR

pypi apache-superset
High
over 3 years ago

Apache Superset allowed for database connections password leak for authenticated users GSA_kwCzR0hTQS00MnE0LTl4ZjktZjY3eM4AAqqA

pypi apache-superset
Moderate
over 3 years ago

Apache Superset Cross-site Scripting (XSS) vulnerability on the Explore page GSA_kwCzR0hTQS1mOHZjLWYyOHcteDljOc4AAqUo

pypi apache-superset
High
over 3 years ago

Apache Superset SQL Injection when template processing is enabled GSA_kwCzR0hTQS1wZzhtLTRwOGotMnA1Ns4AAqUX

pypi apache-superset
Critical
over 3 years ago

SQL injection in apache-superset GSA_kwCzR0hTQS13aDczLWhwY2ctdjMyas07XA

pypi apache-superset
High
over 3 years ago

Insufficiently Protected Credentials in Apache Superset GSA_kwCzR0hTQS1oaG0zLTQ4aDItNTk3ds0oGA

pypi apache-superset
Moderate
almost 4 years ago

Open Redirect in Apache Superset GSA_kwCzR0hTQS1wZndnLXJ4ZjQtOTdjM80WMg

pypi apache-superset, superset
High
over 4 years ago

Plaintext password leak in Apache Superset MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc3cHctYzNqMi01ZmM4

pypi apache-superset
Moderate
over 5 years ago

Users able to query database metadata in Apache Superset MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA1dzctcW1xNi1wbWpy

pypi apache-superset
Moderate
over 5 years ago

Users can view database names in Apache Superset MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTljMjktOWg0bS13ZzVw

pypi apache-superset
Moderate
over 5 years ago

Information disclosure in Apache Superset MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZ4am0td3ZqOS05YzM5

pypi apache-superset

Filter by Severity

Moderate 45 High 13 Critical 2 Low 1