Vulnerabilities > Apache > Superset > 4.0.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-12 | CVE-2024-55633 | Incorrect Authorization vulnerability in Apache Superset Improper Authorization vulnerability in Apache Superset. | 6.5 |
| 2024-12-09 | CVE-2024-53948 | Unspecified vulnerability in Apache Superset Generation of Error Message Containing analytics metadata Information in Apache Superset. This issue affects Apache Superset: before 4.1.0. Users are recommended to upgrade to version 4.1.0, which fixes the issue. | 5.3 |
| 2024-12-09 | CVE-2024-53949 | Incorrect Authorization vulnerability in Apache Superset Improper Authorization vulnerability in Apache Superset when FAB_ADD_SECURITY_API is enabled (disabled by default). | 6.5 |
| 2024-07-16 | CVE-2024-39887 | Unspecified vulnerability in Apache Superset An SQL Injection vulnerability in Apache Superset exists due to improper neutralization of special elements used in SQL commands. | 9.8 |
| 2024-06-20 | CVE-2024-34693 | Unspecified vulnerability in Apache Superset Improper Input Validation vulnerability in Apache Superset, allows for an authenticated attacker to create a MariaDB connection with local_infile enabled. | 5.3 |