VYPR
Moderate severityNVD Advisory· Published Sep 6, 2023· Updated Sep 26, 2024

Apache Superset: Improper data permission validation on Jinja templated queries

CVE-2023-27523

Description

Improper data authorization check on Jinja templated queries in Apache Superset up to and including 2.1.0 allows for an authenticated user to issue queries on database tables they may not have access to.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
apache-supersetPyPI
<= 2.1.0

Affected products

3

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.