[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] CVE-2022-27479: Apache Superset: SQL injection vulnerability in chart data API
From: Ville Brofeldt <villebro () apache ! org>
Date: 2022-04-13 16:31:29
Message-ID: c2d11523-cf18-652b-a817-de0dccd15910 () apache ! org
[Download RAW message or body]
Description:
Apache Superset before 1.4.2 is vulnerable to SQL injection in chart data =
requests. Users should update to 1.4.2 or higher which addresses this issue=
.
This issue is being tracked as SUPERSET-20
References:
https://lists.apache.org/thread/94th50j5d0y2fw7ysx0g7w3t6jk3z7q6
https://lists.apache.org/thread/ztb9b6jd9rngoxwvq8r4fhpp401o613y
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic