Product:

Superset

(Apache)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 57
Date Id Summary Products Score Patch Annotated
2019-12-16 CVE-2019-12413 In Apache Incubator Superset before 0.31 user could query database metadata information from a database he has no access to, by using a specially crafted complex query. Superset 5.3
2019-12-16 CVE-2019-12414 In Apache Incubator Superset before 0.32, a user can view database names that he has no access to on a dropdown list in SQLLab Superset 5.3
2018-11-07 CVE-2018-8021 Versions of Superset prior to 0.23 used an unsafe load method from the pickle library to deserialize data leading to possible remote code execution. Note Superset 0.23 was released prior to any Superset release under the Apache Software Foundation. Superset 9.8