user  

Messages by Thread

• Re: Include Non-metric Columns in Bar Chart Tooltip in Apache Superset Elizabeth Thompson
• graph chart with different node icons u...@moosheimer.com
• New Cartodiagram Map u...@moosheimer.com
• CVE-2025-48912: Apache Superset: Improper authorization bypass on row level security via SQL Injection Daniel Gaspar
• CVE-2025-27696: Apache Superset: Improper authorization leading to resource ownership takeover Daniel Gaspar
• Downlod data with superset Andreas . Moroder
• Building several charts from a single invocation of a query Anton Shepelev
• CVE-2024-39887: Apache Superset: Improper SQL authorisation, parse not checking for specific engine functions Daniel Gaspar
• CVE-2024-34693: Apache Superset: Server arbitrary file read Daniel Gaspar
• CVE-2024-28148: Apache Superset: Incorrect datasource authorization on explore REST API Daniel Gaspar
• Participate in the ASF 25th Anniversary Campaign Brian Proffitt
• Community Over Code NA 2024 Travel Assistance Applications now open! Gavin McDonald
• CVE-2024-25128: Vulnerability in custom, long deprecated OpenID (NOT OIDC) authentication method in Flask AppBuilder Daniel Gaspar
• CVE-2024-26016: Apache Superset: Improper authorization validation on dashboards and charts import Daniel Gaspar
• CVE-2024-24779: Apache Superset: Improper data authorization when creating a new dataset Daniel Gaspar
• CVE-2024-24772: Apache Superset: Improper Neutralisation of custom SQL on embedded context Daniel Gaspar
• CVE-2024-24773: Apache Superset: Improper validation of SQL statements allows for unauthorized access to data Daniel Gaspar
• CVE-2024-27315: Apache Superset: Improper error handling on alerts Daniel Gaspar
• Community Over Code Asia 2024 Travel Assistance Applications now open! Gavin McDonald
• CVE-2024-23952: Apache Superset: Allows for uncontrolled resource consumption via a ZIP bomb (version range fix for CVE-2023-46104) Daniel Gaspar
• Community over Code EU 2024 Travel Assistance Applications now open! Gavin McDonald
• [no subject] Gavin McDonald
• Security advisory: session logout expiration Daniel Gaspar
• CVE-2023-49657: Apache Superset: Stored XSS in Dashboard Title and Chart Title Daniel Gaspar
• Security advisory: default SECRET_KEY in Helm Chart dpgas...@apache.org
• CVE-2023-49734: Apache Superset: Privilege Escalation Vulnerability Daniel Gaspar
• CVE-2023-49736: Apache Superset: SQL Injection on where_in JINJA macro Daniel Gaspar
• CVE-2023-46104: Apache Superset: Allows for uncontrolled resource consumption via a ZIP bomb Daniel Gaspar
• CVE-2023-42504: Apache Superset: Lack of rate limiting allows for possible denial of service Daniel Gaspar
• CVE-2023-42505: Apache Superset: Sensitive information disclosure on db connection details Daniel Gaspar
• CVE-2023-42502: Apache Superset: Open Redirect Vulnerability Daniel Gaspar
• CVE-2023-43701: Apache Superset: Stored XSS on API endpoint Daniel Gaspar
• CVE-2023-42501: Apache Superset: Unnecessary read permissions within the Gamma role Daniel Gaspar
• CVE-2023-40610: Apache Superset: Privilege escalation with default examples database Daniel Gaspar
• Cross Filter and Area Chart u...@moosheimer.com
• CVE-2023-32672: Apache Superset: SQL parser edge case bypasses data access authorization Daniel Gaspar
• CVE-2023-37941: Apache Superset: Metadata db write access can lead to remote code execution Daniel Gaspar
• CVE-2023-39265: Apache Superset: Possible Unauthorized Registration of SQLite Database Connections Daniel Gaspar
• CVE-2023-39264: Apache Superset: Stack traces enabled by default Daniel Gaspar
• CVE-2023-36388: Apache Superset: Improper API permission for low privilege users allows for SSRF Daniel Gaspar
• CVE-2023-36387: Apache Superset: Improper API permission for low privilege users Daniel Gaspar
• Registration open for Community Over Code North America Rich Bowen
• TAC Applications for Community Over Code North America and Asia now open Gavin McDonald
• Apache Superset Vulnerability: Insecure Default Configuration Exposes Servers to RCE Attacks Turritopsis Dohrnii Teo En Ming