[CVE-2019-12413] Apache Incubator Superset meta data leak vulnerability

daniel gaspar Mon, 16 Dec 2019 05:49:13 -0800

Severity: Low

Vendor:
The Apache Software Foundation


Product:
Apache Incubator Superset

Versions Affected:
Superset < 0.31

Description:
A user could query database metadata information from a database he has
no access to, by using a specially crafted complex query.

Mitigation:
Superset users with version prior to 0.31 should upgrade to 0.31 or higher

Please reply to: d...@superset.apache.org
<https://lists.apache.org/list.html?d...@superset.apache.org>

[CVE-2019-12413] Apache Incubator Superset meta data leak vulnerability

Reply via email to