all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

CVE-2023-25504 (superset)

Add to bookmarks
April 17, 2023, 5:15 p.m. |

National Vulnerability Database web.nvd.nist.gov

A malicious actor who has been authenticated and granted specific permissions in Apache Superset may use the import dataset feature in order to conduct Server-Side Request Forgery
attacks and query internal resources on behalf of the server where Superset
is deployed. This vulnerability exists in Apache Superset versions up to and including 2.0.1.

actor apache apache superset attacks cve forgery import internal malicious may order permissions query request resources server server-side request forgery superset vulnerability

Visit resource

More from web.nvd.nist.gov / National Vulnerability Database

CVE-2023-45955 (lightstrip_firmware) 5 months, 3 weeks ago | web.nvd.nist.gov
attackers cve denial of service issue +1
CVE-2023-40101 (android) 5 months, 3 weeks ago | web.nvd.nist.gov
android check collapse cve +7
CVE-2023-21377 (android) 5 months, 3 weeks ago | web.nvd.nist.gov
android bypass cve disclosure +8
CVE-2023-21380 (android) 5 months, 3 weeks ago | web.nvd.nist.gov
android bluetooth buffer buffer overflow +9
CVE-2023-21382 (android) 5 months, 3 weeks ago | web.nvd.nist.gov
access android check cve +11
CVE-2023-21381 (android) 5 months, 3 weeks ago | web.nvd.nist.gov
android arbitrary code code code execution +10
CVE-2023-21385 (android) 5 months, 3 weeks ago | web.nvd.nist.gov
android corruption cve disclosure +7
CVE-2023-21387 (android) 5 months, 3 weeks ago | web.nvd.nist.gov
android backup bypass cve +11
CVE-2023-21389 (android) 5 months, 3 weeks ago | web.nvd.nist.gov
android bypass check cve +10

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Regional Leader, Cyber Crisis Communications

@ Google | United Kingdom
View on infosec-jobs.com

Regional Intelligence Manager, Compliance, Safety and Risk Management

@ Google | London, UK
View on infosec-jobs.com

Senior Analyst, Endpoint Security

@ Scotiabank | Toronto, ON, CA, M1K5L1
View on infosec-jobs.com

Software Engineer, Security/Privacy, Google Cloud

@ Google | Bengaluru, Karnataka, India
View on infosec-jobs.com

Senior Security Engineer

@ Coinbase | Remote - USA
View on infosec-jobs.com
View more jobs