Headline
GHSA-fgpw-4w69-j256: Apache Superset Exposure of Sensitive Information to an Unauthorized Actor vulnerability
An authenticated user with read permissions on database connections metadata could potentially access sensitive information such as the connection’s username.
This issue affects Apache Superset before 3.0.0.
Apache Superset Exposure of Sensitive Information to an Unauthorized Actor vulnerability
Moderate severity GitHub Reviewed Published Nov 28, 2023 to the GitHub Advisory Database • Updated Nov 28, 2023
Related news
CVE-2023-42505
An authenticated user with read permissions on database connections metadata could potentially access sensitive information such as the connection's username. This issue affects Apache Superset before 3.0.0.