Vulnerabilities > Apache > Superset > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-04-24 | CVE-2023-27524 | Insecure Default Initialization of Resource vulnerability in Apache Superset Session Validation attacks in Apache Superset versions up to and including 2.0.1. | 9.8 |
2022-04-13 | CVE-2022-27479 | SQL Injection vulnerability in Apache Superset Apache Superset before 1.4.2 is vulnerable to SQL injection in chart data requests. | 9.8 |
2018-11-07 | CVE-2018-8021 | Deserialization of Untrusted Data vulnerability in Apache Superset Versions of Superset prior to 0.23 used an unsafe load method from the pickle library to deserialize data leading to possible remote code execution. | 9.8 |