EPSS
Percentile
29.7%
apache-superset is vulnerable to information disclosure. The vulnerability exists due to the insufficiently protected credentials for database connection, allowing an authenticated attacker to access sensitive information.
github.com/apache/superset/commit/72b50b159c024fb03618afef55e91dfbb7e9aeda
github.com/apache/superset/pull/16955/
lists.apache.org/thread/xpdl2r538o695o7r9gd9qrwqb17bdd3v
seclists.org/oss-sec/2021/q4/106