CVE-2021-44451
published 2022-02-01CVE-2021-44451: Apache Superset up to and including 1.3.2 allowed for registered database connections password leak for authenticated users. This information could be accessed…
medium6.5CVSS 3.1
AVNACLPRLUINSUCHINAN
EXPLOIT
Apache Superset up to and including 1.3.2 allowed for registered database connections password leak for authenticated users. This information could be accessed in a non-trivial way. Users should upgrade to Apache Superset 1.4.0 or higher.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | superset | <= 1.3.2 | — |
| apache_software_foundation | apache_superset | Apache Superset – 1.3.2 | — |