CVE-2023-27526
Incorrect Authorization in pypi/apache-superset
Identifiers
CVE-2023-27526, GHSA-9qc3-p9jq-2x27
Package Slug
pypi/apache-superset
Vulnerability
Incorrect Authorization
Description
A non Admin authenticated user could incorrectly create resources using the import charts feature, on Apache Superset up to and including 2.1.0.
Affected Versions
All versions up to 2.1.0
Solution
Upgrade to version 2.1.1 or above.
Last Modified
2023-09-07
| source |