Moderate severityNVD Advisory· Published Sep 6, 2023· Updated Sep 26, 2024
Apache Superset: Stack traces enabled by default
CVE-2023-39264
Description
By default, stack traces for errors were enabled, which resulted in the exposure of internal traces on REST API endpoints to users. This vulnerability exists in Apache Superset versions up to and including 2.1.0.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
apache-supersetPyPI | <= 2.1.0 | — |
Affected products
3- osv-coords2 versions
< 2.1.1+ 1 more
- (no CPE)range: < 2.1.1
- (no CPE)range: <= 2.1.0
Patches
Vulnerability mechanics
References
3- github.com/advisories/GHSA-cpvx-2365-466cghsaADVISORY
- lists.apache.org/thread/y65t1of7hb445n86o1vdzjct7rfwlx75ghsavendor-advisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2023-39264ghsaADVISORY
News mentions
0No linked articles in our index yet.