CVE-2022-27479

Summary

Apache Superset before 1.4.2 is vulnerable to SQL injection in chart data requests. Users should update to 1.4.2 or higher which addresses this issue.

Affected Software

VendorProductVersion RangeStatus
Apache Software FoundationApache Supersetunspecified < 1.4.2affected

Weaknesses

  • CWE-89: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

ADP Enrichment

CVE Program Container

Additional References

References