CVE-2021-41972
published 2021-11-12CVE-2021-41972: Apache Superset up to and including 1.3.1 allowed for database connections password leak for authenticated users. This information could be accessed in a…
medium6.5CVSS 3.1
AVNACLPRLUINSUCHINAN
Apache Superset up to and including 1.3.1 allowed for database connections password leak for authenticated users. This information could be accessed in a non-trivial way.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | superset | <= 1.3.1 | — |
| apache_software_foundation | apache_superset | Apache Superset – 1.3.1 | — |