Количество 2
Количество 2
CVE-2023-49736
A where_in JINJA macro allows users to specify a quote, which combined with a carefully crafted statement would allow for SQL injection in Apache Superset.This issue affects Apache Superset: before 2.1.2, from 3.0.0 before 3.0.2. Users are recommended to upgrade to version 3.0.2, which fixes the issue.
GHSA-jfxj-xf67-x723
Apache Superset SQL injection vulnerability
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-49736 A where_in JINJA macro allows users to specify a quote, which combined with a carefully crafted statement would allow for SQL injection in Apache Superset.This issue affects Apache Superset: before 2.1.2, from 3.0.0 before 3.0.2. Users are recommended to upgrade to version 3.0.2, which fixes the issue. | CVSS3: 6.5 | 1% Низкий | около 2 лет назад |
| GHSA-jfxj-xf67-x723 Apache Superset SQL injection vulnerability | CVSS3: 6.5 | 1% Низкий | около 2 лет назад |
Уязвимостей на страницу