GHSA-2q6j-vpvr-6pvj

Suggest an improvement
Source
https://github.com/advisories/GHSA-2q6j-vpvr-6pvj
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/07/GHSA-2q6j-vpvr-6pvj/GHSA-2q6j-vpvr-6pvj.json
JSON Data
https://api.test.osv.dev/v1/vulns/GHSA-2q6j-vpvr-6pvj
Aliases
  • CVE-2024-39887
Published
2024-07-16T12:30:37Z
Modified
2024-07-16T20:27:01.598747Z
Severity
  • 4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
  • 6.9 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N CVSS Calculator
Summary
Apache Superset vulnerable to improper SQL authorization
Details

An SQL Injection vulnerability in Apache Superset exists due to improper neutralization of special elements used in SQL commands. Specifically, certain engine-specific functions are not checked, which allows attackers to bypass Apache Superset's SQL authorization. To mitigate this, a new configuration key named DISALLOWEDSQLFUNCTIONS has been introduced. This key disallows the use of the following PostgreSQL functions: version, querytoxml, inetserveraddr, and inetclientaddr. Additional functions can be added to this list for increased protection.

This issue affects Apache Superset: before 4.0.2.

Users are recommended to upgrade to version 4.0.2, which fixes the issue.

Database specific
{
    "nvd_published_at": "2024-07-16T10:15:03Z",
    "cwe_ids": [
        "CWE-89"
    ],
    "severity": "MODERATE",
    "github_reviewed": true,
    "github_reviewed_at": "2024-07-16T20:04:44Z"
}
References

Affected packages

PyPI / apache-superset

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.0.2

Affected versions

0.*

0.34.0
0.34.1
0.35.1
0.35.2
0.36.0
0.37.0
0.37.1
0.37.2
0.38.0
0.38.1

1.*

1.0.0
1.0.1
1.1.0
1.2.0
1.3.0
1.3.1
1.3.2
1.4.0
1.4.1
1.4.2
1.5.0
1.5.1
1.5.2
1.5.3

2.*

2.0.0
2.0.1
2.1.0
2.1.1rc1
2.1.1rc2
2.1.1rc3
2.1.1
2.1.2
2.1.3

3.*

3.0.0rc1
3.0.0rc2
3.0.0rc3
3.0.0rc4
3.0.0
3.0.1
3.0.2
3.0.3
3.0.4
3.1.0rc1
3.1.0rc2
3.1.0rc3
3.1.0rc4
3.1.0
3.1.1
3.1.2
3.1.3

4.*

4.0.0rc1
4.0.0rc2
4.0.0
4.0.1