cbcvebase.
CVE-2019-12414
published 2019-12-16

CVE-2019-12414: In Apache Incubator Superset before 0.32, a user can view database names that he has no access to on a dropdown list in SQLLab

medium5.3CVSS 3.1
AVNACLPRNUINSUCLINAN
In Apache Incubator Superset before 0.32, a user can view database names that he has no access to on a dropdown list in SQLLab

Affected

1 ranges
VendorProductVersion rangeFixed in
apachesuperset< 0.320.32