CVE-2023-36387

Improper Preservation of Permissions in pypi/superset

Identifiers

CVE-2023-36387

Package Slug

pypi/superset

Vulnerability

Improper Preservation of Permissions

Description

An improper default REST API permission for Gamma users in Apache Superset up to and including 2.1.0 allows for an authenticated Gamma user to test database connections.

Affected Versions

All versions up to 2.1.0

Solution

Unfortunately, there is no solution available yet.

Last Modified

2023-09-12

source