EPSS
Percentile
78.6%
Apache Superset up to and including 1.3.2 allowed for registered database connections password leak for authenticated users. This information could be accessed in a non-trivial way. Users should upgrade to Apache Superset 1.4.0 or higher.
github.com/apache/superset
lists.apache.org/thread/xww1pccs2ckb5506wrf1v4lmxg198vkb
nvd.nist.gov/vuln/detail/CVE-2021-44451