Lucene search
GoogleOSV:PYSEC-2022-36HistoryFeb 01, 2022 - 2:15 p.m.
PYSEC-2022-36
2022-02-0114:15:00
Google
osv.dev
7
apache superset
database connections
password leak
authenticated users
upgrade
EPSS
0.006
Percentile
78.6%
Apache Superset up to and including 1.3.2 allowed for registered database connections password leak for authenticated users. This information could be accessed in a non-trivial way. Users should upgrade to Apache Superset 1.4.0 or higher.
Related
cvelist
cvelist
CVE-2021-44451 API sensitive information leak
2022-02-01 13:16:32
nuclei
nuclei
Apache Superset <=1.3.2 - Default Login
2021-07-21 05:21:27
github
github
Insufficiently Protected Credentials in Apache Superset
2022-02-02 00:01:46
osv
osv
Insufficiently Protected Credentials in Apache Superset
2022-02-02 00:01:46
CVE-2021-44451
2022-02-01 14:15:09
nvd
nvd
CVE-2021-44451
2022-02-01 14:15:09
cve
cve
CVE-2021-44451
2022-02-01 14:15:09
cnvd
cnvd
Apache Superset Information Disclosure Vulnerability (CNVD-2022-14706)
2022-02-10 00:00:00
veracode
veracode
Information Disclosure
2022-02-03 06:51:04
prion
prion
Default credentials
2022-02-01 14:15:00