CVE-2023-36388 - Exploiting Improper REST API Permission in Apache Superset (Up To and Including v2.1.) for Possible SSRF Attack
A recent vulnerability, CVE-2023-36388, has been discovered in Apache Superset up to and including version 2.1.. This vulnerability occurs due to improper REST API
CVE-2023-39264: Apache Superset Information Disclosure Vulnerability through Enabled Stack Traces
A recently discovered security vulnerability, identified as CVE-2023-39264, has been found to affect Apache Superset, the popular open-source Business Intelligence and Data Visualization web application.
CVE-2023-41947 - Jenkins Frugal Testing Plugin Security Vulnerability Uncovered: Missing Permission Check Risks Unauthorized Access
The open-source automation server, Jenkins, is renowned for making it easier for developers to build, test, and deploy their applications. However, a recent discovery has
CVE-2023-36387 - An In-Depth Analysis of an Improper Default REST API Permission for Gamma Users in Apache Superset (Up to and Including 2.1.) That Allows Testing Database Connections
Abstract: Apache Superset is a popular open-source data exploration and visualization platform. Improper default REST API permissions for Gamma users can lead to a significant
CVE-2023-41946: Jenkins Frugal Testing Plugin CSRF Vulnerability Leads to Unauthorized Authentication and Data Exposure
Cross-Site Request Forgery (CSRF) is a well-known web application vulnerability that enables an attacker to take unwanted actions on behalf of a victim. This can