PYSEC-2019-173

Import Source

https://github.com/pypa/advisory-database/blob/main/vulns/apache-superset/PYSEC-2019-173.yaml

JSON Data

https://api.test.osv.dev/v1/vulns/PYSEC-2019-173

Aliases

CVE-2019-12414
GHSA-9c29-9h4m-wg5p

Published

2019-12-16T22:15:00Z

Modified

2023-11-01T04:50:19.985176Z

Summary

[none]

Details

In Apache Incubator Superset before 0.32, a user can view database names that he has no access to on a dropdown list in SQLLab

References

Affected packages

PyPI / apache-superset

Package

Name: apache-superset; View open source insights on deps.dev
Purl: pkg:pypi/apache-superset

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.32

Database specific

source

"https://github.com/pypa/advisory-database/blob/main/vulns/apache-superset/PYSEC-2019-173.yaml"