CVE-2023-36388

Server-Side Request Forgery (SSRF) in pypi/superset

Identifiers

CVE-2023-36388

Package Slug

pypi/superset

Vulnerability

Server-Side Request Forgery (SSRF)

Description

Improper REST API permission in Apache Superset up to and including 2.1.0 allows for an authenticated Gamma users to test network connections, possible SSRF.

Affected Versions

All versions up to 2.1.0

Solution

Unfortunately, there is no solution available yet.

Last Modified

2023-09-12

source