oss-sec mailing list archives
CVE-2023-27525: Apache Superset: Incorrect default permissions for Gamma role
From: Daniel Gaspar <dpgaspar () apache org>
Date: Mon, 17 Apr 2023 10:04:21 +0000
Description: An authenticated user with Gamma role authorization could have access to metadata information using non trivial methods in Apache Superset up to and including 2.0.1 Credit: NTT DATA (finder) References: https://superset.apache.org https://www.cve.org/CVERecord?id=CVE-2023-27525
Current thread:
- CVE-2023-27525: Apache Superset: Incorrect default permissions for Gamma role Daniel Gaspar (Apr 17)