An authenticated user with privileges to create Alerts on Alerts & Reports has the capability to generate a specially crafted SQL statement that triggers an error on the database. This error is not properly handled by Apache Superset and may inadvertently surface in the error log of the Alert exposing possibly sensitive data. This issue affects Apache Superset: before 3.0.4, from 3.1.0 before 3.1.1. Users are recommended to upgrade to version 3.1.1 or 3.0.4, which fixes the issue.
Max CVSS
4.3
EPSS Score
0.04%
Published
2024-02-28
Updated
2024-02-28
A low privilege authenticated user could import an existing dashboard or chart that they do not have access to and then modify its metadata, thereby gaining ownership of the object. However, it's important to note that access to the analytical data of these charts and dashboards would still be subject to validation based on data access privileges. This issue affects Apache Superset: before 3.0.4, from 3.1.0 before 3.1.1.Users are recommended to upgrade to version 3.1.1, which fixes the issue.
Max CVSS
4.3
EPSS Score
0.04%
Published
2024-02-28
Updated
2024-02-28
Improper parsing of nested SQL statements on SQLLab would allow authenticated users to surpass their data authorization scope. This issue affects Apache Superset: before 3.0.4, from 3.1.0 before 3.1.1. Users are recommended to upgrade to version 3.1.1, which fixes the issue.
Max CVSS
4.9
EPSS Score
0.04%
Published
2024-02-28
Updated
2024-02-28
A guest user could exploit a chart data REST API and send arbitrary SQL statements that on error could leak information from the underlying analytics database.This issue affects Apache Superset: before 3.0.4, from 3.1.0 before 3.1.1. Users are recommended to upgrade to version 3.1.1 or 3.0.4, which fixes the issue.
Max CVSS
4.3
EPSS Score
0.04%
Published
2024-02-28
Updated
2024-02-28
Apache Airflow, in versions prior to 2.8.0, contains a security vulnerability that allows an authenticated user with limited access to some DAGs, to craft a request that could give the user write access to various DAG resources for DAGs that the user had no access to, thus, enabling the user to clear DAGs they shouldn't. This is a missing fix for CVE-2023-42792 in Apache Airflow 2.7.2  Users of Apache Airflow are strongly advised to upgrade to version 2.8.0 or newer to mitigate the risk associated with this vulnerability.
Max CVSS
4.3
EPSS Score
0.10%
Published
2023-12-21
Updated
2023-12-28
We failed to apply CVE-2023-40611 in 2.7.1 and this vulnerability was marked as fixed then.  Apache Airflow, versions before 2.7.3, is affected by a vulnerability that allows authenticated and DAG-view authorized Users to modify some DAG run detail values when submitting notes. This could have them alter details such as configuration parameters, start date, etc.  Users should upgrade to version 2.7.3 or later which has removed the vulnerability.
Max CVSS
4.3
EPSS Score
0.10%
Published
2023-11-12
Updated
2023-11-20
Allura Discussion and Allura Forum importing does not restrict URL values specified in attachments. Project administrators can run these imports, which could cause Allura to read local files and expose them.  Exposing internal files then can lead to other exploits, like session hijacking, or remote code execution. This issue affects Apache Allura from 1.0.1 through 1.15.0. Users are recommended to upgrade to version 1.16.0, which fixes the issue.  If you are unable to upgrade, set "disable_entry_points.allura.importers = forge-tracker, forge-discussion" in your .ini config file.
Max CVSS
4.9
EPSS Score
0.05%
Published
2023-11-07
Updated
2023-11-15
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Airflow.This issue affects Apache Airflow from 2.4.0 to 2.7.0. Sensitive configuration information has been exposed to authenticated users with the ability to read configuration via Airflow REST API for configuration even when the expose_config option is set to non-sensitive-only. The expose_config option is False by default. It is recommended to upgrade to a version that is not affected if you set expose_config to non-sensitive-only configuration. This is a different error than CVE-2023-45348 which allows authenticated user to retrieve individual configuration values in 2.7.* by specially crafting their request (solved in 2.7.2). Users are recommended to upgrade to version 2.7.2, which fixes the issue and additionally fixes CVE-2023-45348.
Max CVSS
4.3
EPSS Score
0.04%
Published
2023-10-23
Updated
2023-10-28
Apache Airflow, versions 2.7.0 and 2.7.1, is affected by a vulnerability that allows an authenticated user to retrieve sensitive configuration information when the "expose_config" option is set to "non-sensitive-only". The `expose_config` option is False by default. It is recommended to upgrade to a version that is not affected.
Max CVSS
4.3
EPSS Score
0.05%
Published
2023-10-14
Updated
2023-11-16
An authenticated user with read permissions on database connections metadata could potentially access sensitive information such as the connection's username. This issue affects Apache Superset before 3.0.0.
Max CVSS
4.3
EPSS Score
0.04%
Published
2023-11-28
Updated
2023-12-04
Unnecessary read permissions within the Gamma role would allow authenticated users to read configured CSS templates and annotations. This issue affects Apache Superset: before 2.1.2. Users should upgrade to version or above 2.1.2 and run `superset init` to reconstruct the Gamma role or remove `can_read` permission from the mentioned resources.
Max CVSS
4.3
EPSS Score
0.13%
Published
2023-11-27
Updated
2023-12-01
Apache Airflow, versions before 2.7.1, is affected by a vulnerability that allows authenticated and DAG-view authorized Users to modify some DAG run detail values when submitting notes. This could have them alter details such as configuration parameters, start date, etc. Users should upgrade to version 2.7.1 or later which has removed the vulnerability.
Max CVSS
4.3
EPSS Score
0.10%
Published
2023-09-12
Updated
2024-01-16
By default, stack traces for errors were enabled, which resulted in the exposure of internal traces on REST API endpoints to users. This vulnerability exists in Apache Superset versions up to and including 2.1.0.
Max CVSS
4.3
EPSS Score
0.06%
Published
2023-09-06
Updated
2023-09-11
Input Validation vulnerability in Apache Software Foundation Apache Airflow ODBC Provider, Apache Software Foundation Apache Airflow MSSQL Provider.This vulnerability is considered low since it requires DAG code to use `get_sqlalchemy_connection` and someone with access to connection resources specifically updating the connection to exploit it. This issue affects Apache Airflow ODBC Provider: before 4.0.0; Apache Airflow MSSQL Provider: before 3.4.1. It is recommended to upgrade to a version that is not affected
Max CVSS
4.3
EPSS Score
0.04%
Published
2023-06-27
Updated
2023-07-06
An Incorrect authorisation check in SQLLab in Apache Superset versions up to and including 2.1.0. This vulnerability allows an authenticated user to query tables that they do not have proper access to within Superset. The vulnerability can be exploited by leveraging a SQL parsing vulnerability.
Max CVSS
4.3
EPSS Score
0.08%
Published
2023-09-06
Updated
2023-09-12
In the Streampark platform, when users log in to the system and use certain features, some pages provide a name-based fuzzy search, such as job names, role names, etc. The sql syntax :select * from table where jobName like '%jobName%'. However, the jobName field may receive illegal parameters, leading to SQL injection. This could potentially result in information leakage. Mitigation: Users are recommended to upgrade to version 2.1.2, which fixes the issue.
Max CVSS
4.9
EPSS Score
0.07%
Published
2023-12-15
Updated
2023-12-21
When using the RemoteIpFilter with requests received from a reverse proxy via HTTP that include the X-Forwarded-Proto header set to https, session cookies created by Apache Tomcat 11.0.0-M1 to 11.0.0.-M2, 10.1.0-M1 to 10.1.5, 9.0.0-M1 to 9.0.71 and 8.5.0 to 8.5.85 did not include the secure attribute. This could result in the user agent transmitting the session cookie over an insecure channel.
Max CVSS
4.3
EPSS Score
0.14%
Published
2023-03-22
Updated
2023-03-27
A non Admin authenticated user could incorrectly create resources using the import charts feature, on Apache Superset up to and including 2.1.0. 
Max CVSS
4.3
EPSS Score
0.06%
Published
2023-09-06
Updated
2023-09-11
An authenticated user with Gamma role authorization could have access to metadata information using non trivial methods in Apache Superset up to and including 2.0.1
Max CVSS
4.3
EPSS Score
0.06%
Published
2023-04-17
Updated
2023-04-27
On version 3.0.0 through 3.1.1, Apache DolphinScheduler's python gateway suffered from improper authentication: an attacker could use a socket bytes attack without authentication. This issue has been fixed from version 3.1.2 onwards. For users who use version 3.0.0 to 3.1.1, you can turn off the python-gateway function by changing the value `python-gateway.enabled=false` in configuration file `application.yaml`. If you are using the python gateway, please upgrade to version 3.1.2 or above.
Max CVSS
4.3
EPSS Score
0.19%
Published
2023-04-20
Updated
2023-05-01
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Software Foundation Apache Fineract. Authorized users may be able to change or add data in certain components. This issue affects Apache Fineract: from 1.4 through 1.8.2.
Max CVSS
4.3
EPSS Score
0.06%
Published
2023-03-28
Updated
2023-03-31
Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. A malicious SVG can probe user profile / data and send it directly as parameter to a URL.
Max CVSS
4.4
EPSS Score
0.14%
Published
2023-08-22
Updated
2024-01-07
Users with write permissions to a repository can delete arbitrary directories.
Max CVSS
4.3
EPSS Score
0.08%
Published
2022-11-15
Updated
2022-11-17
In Apache Airflow prior to 2.3.4, an insecure umask was configured for numerous Airflow components when running with the `--daemon` flag which could result in a race condition giving world-writable files in the Airflow home directory and allowing local users to expose arbitrary file contents via the webserver.
Max CVSS
4.7
EPSS Score
0.04%
Published
2022-09-02
Updated
2022-09-29
In Apache Druid 0.22.1 and earlier, the server did not set appropriate headers to prevent clickjacking. Druid 0.23.0 and later prevent clickjacking using the Content-Security-Policy header.
Max CVSS
4.3
EPSS Score
0.31%
Published
2022-07-07
Updated
2022-07-15
237 vulnerabilities found
1 2 3 4 5 6 7 8 9 10
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!