oss-sec mailing list archives
[CVE-2019-12414] Apache Incubator Superset medata data leak vulnerability
From: daniel gaspar <danielvazgaspar () gmail com>
Date: Mon, 16 Dec 2019 14:15:35 +0000
Severity: Low Vendor: The Apache Software Foundation Product: Apache Incubator Superset Versions Affected: Superset < 0.32 Description: A user can view database names that he has no access to on a dropdown list in SQLLab Mitigation: Superset users with version prior to 0.32 should upgrade to 0.32 or higher
Current thread:
- [CVE-2019-12414] Apache Incubator Superset medata data leak vulnerability daniel gaspar (Dec 16)