Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cnvdChina National Vulnerability DatabaseCNVD-2024-14775
HistoryMar 21, 2024 - 12:00 a.m.

Apache Superset Resource Management Error Vulnerability (CNVD-2024-14775)

2024-03-2100:00:00
China National Vulnerability Database
www.cnvd.org.cn
8
apache superset
data visualization
data exploration
resource management
vulnerability
uncontrolled resource consumption
authenticated attacker
malicious zip
apache foundation
cnvd-2024-14775

AI Score

6.8

Confidence

Low

EPSS

0

Percentile

15.5%

JSON

Apache Superset is a data visualization and data exploration platform from the Apache (USA) Foundation. A resource management error vulnerability exists in Apache Superset versions 2.1.2 and earlier, 3.0.0, and 3.0.1, which stems from uncontrolled resource consumption by the application, and can be exploited by an authenticated attacker to upload a malicious ZIP that may trigger uncontrolled resource consumption.

Related

prion 1
cvelist 1
vulnrichment 1
nvd 1
github 1
cve 1
prion
prion
Code injection
2024-02-14 12:15:00
cvelist
cvelist
CVE-2024-23952 Apache Superset: Allows for uncontrolled resource consumption via a ZIP bomb (version range fix for CVE-2023-46104)
2024-02-14 11:09:47
vulnrichment
vulnrichment
CVE-2024-23952 Apache Superset: Allows for uncontrolled resource consumption via a ZIP bomb (version range fix for CVE-2023-46104)
2024-02-14 11:09:47
nvd
nvd
CVE-2024-23952
2024-02-14 12:15:47
github
github
Duplicate Advisory: Apache Superset uncontrolled resource consumption
2024-05-30 20:53:33
cve
cve
CVE-2024-23952
2024-02-14 12:15:47

AI Score

6.8

Confidence

Low

EPSS

0

Percentile

15.5%

JSON
Related for CNVD-2024-14775
prion1cvelist1vulnrichment1nvd1github1cve1