Date: Wed, 13 Apr 2022 16:31:29 +0000 From: Ville Brofeldt <villebro@...che.org> To: oss-security@...ts.openwall.com Subject: CVE-2022-27479: Apache Superset: SQL injection vulnerability in chart data API Description: Apache Superset before 1.4.2 is vulnerable to SQL injection in chart data requests. Users should update to 1.4.2 or higher which addresses this issue. This issue is being tracked as SUPERSET-20 References: https://lists.apache.org/thread/94th50j5d0y2fw7ysx0g7w3t6jk3z7q6 https://lists.apache.org/thread/ztb9b6jd9rngoxwvq8r4fhpp401o613y
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.