CVE-2023-36387
Improper Preservation of Permissions in pypi/apache-superset
Identifiers
CVE-2023-36387
Package Slug
pypi/apache-superset
Vulnerability
Improper Preservation of Permissions
Description
An improper default REST API permission for Gamma users in Apache Superset up to and including 2.1.0 allows for an authenticated Gamma user to test database connections.
Affected Versions
All versions up to 2.1.0
Solution
Upgrade to version 2.1.1 or above.
Last Modified
2023-09-12
| source |