Описание
Apache Superset allows authenticated users to access metadata they have no permission to
Apache Superset up to 1.5.1 allowed for authenticated users to access metadata information related to datasets they have no permission on. This metadata included the dataset name, columns and metrics.
Пакеты
Наименование
apache-superset
pip
Затронутые версииВерсия исправления
< 1.5.1
1.5.1
Связанные уязвимости
CVSS3: 4.3
nvd
больше 3 лет назад
Apache Superset up to 1.5.1 allowed for authenticated users to access metadata information related to datasets they have no permission on. This metadata included the dataset name, columns and metrics.