SQL injection in apache-superset
Critical severity
GitHub Reviewed
Published
Apr 14, 2022
to the GitHub Advisory Database
•
Updated Aug 31, 2023
Description
Published by the National Vulnerability Database
Apr 13, 2022
Published to the GitHub Advisory Database
Apr 14, 2022
Reviewed
May 25, 2022
Last updated
Aug 31, 2023
Apache Superset before 1.4.2 is vulnerable to SQL injection in chart data requests. Users should update to 1.4.2 or higher which addresses this issue.
References