← volver
CVE-2021-44451

API sensitive information leak

EPSS 7.9%CWE-522
Apache Superset up to and including 1.3.2 allowed for registered database connections password leak for authenticated users. This information could be accessed in a non-trivial way. Users should upgrade to Apache Superset 1.4.0 or higher.
Productos afectados
Apache Software Foundation · Apache Superset

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://lists.apache.org/thread/xww1pccs2ckb5506wrf1v4lmxg198vkb