PyPi: Apache-Superset

CVE-2024-24773

Safety vulnerability ID: 68495

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Feb 28, 2024 Updated at Nov 22, 2024

Scan your Python projects for vulnerabilities →

Advisory

Improper parsing of nested SQL statements on SQLLab would allow authenticated users to surpass their data authorization scope. This issue affects Apache Superset: before 3.0.4, from 3.1.0 before 3.1.1. Users are recommended to upgrade to version 3.1.1, which fixes the issue.

Affected package

apache-superset

Latest version: 4.1.1

A modern, enterprise-ready business intelligence web application

Affected versions

Fixed versions

Vulnerability changelog

This vulnerability has no description

Resources

https://lists.apache.org/thread/h66fy6nj41cfx07zh7l552w6dmtjh501
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24773

Use this package?

Scan your Python project for dependency vulnerabilities in two minutes

Scan your application