CVE-2023-42505

Summary

An authenticated user with read permissions on database connections metadata could potentially access sensitive information such as the connection's username.

This issue affects Apache Superset before 3.0.0.

Affected Software

VendorProductVersion RangeStatus
Apache Software FoundationApache Superset0 < 3.0.0affected

Weaknesses

  • CWE-200: CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

ADP Enrichment

CVE Program Container

Additional References

References