CLEANSTART-2026-RF67070

See a problem?
Import Source
https://github.com/cleanstart-dev/cleanstart-security-advisories/blob/main/advisories/2026/CLEANSTART-2026-RF67070.json
JSON Data
https://api.test.osv.dev/v1/vulns/CLEANSTART-2026-RF67070
Upstream
  • CVE-2026-45409
  • ghsa-5xmw-vc9v-4wf2
  • ghsa-65pc-fj4g-8rjx
  • ghsa-cfh3-3jmp-rvhc
  • ghsa-pwv6-vv43-88gr
  • ghsa-r73j-pqj5-w3x7
  • ghsa-whj4-6x5x-4v2j
  • ghsa-wjx4-4jcj-g98j
Published
2026-07-09T09:36:58.184272Z
Modified
2026-07-11T01:00:04.261236789Z
Summary
Security fixes for CVE-2026-25990, CVE-2026-40192, CVE-2026-42308, CVE-2026-42309, CVE-2026-42310, CVE-2026-42311, CVE-2026-45409, CVE-2026-48522, CVE-2026-48524, CVE-2026-48525, CVE-2026-48526, ghsa-5xmw-vc9v-4wf2, ghsa-65pc-fj4g-8rjx, ghsa-cfh3-3jmp-rvhc, ghsa-pwv6-vv43-88gr, ghsa-r73j-pqj5-w3x7, ghsa-whj4-6x5x-4v2j, ghsa-wjx4-4jcj-g98j applied in versions: 6.0.0-r5
Details

Multiple security vulnerabilities affect the apache-superset package. These issues are resolved in later releases. See references for individual vulnerability details.

References

Affected packages

CleanStart / apache-superset

Package

Name
apache-superset

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.0.0-r5

Database specific

source
"https://github.com/cleanstart-dev/cleanstart-security-advisories/blob/main/advisories/2026/CLEANSTART-2026-RF67070.json"