BIT-superset-2023-39264

See a problem?

Import Source

https://github.com/bitnami/vulndb/tree/main/data/superset/BIT-superset-2023-39264.json

JSON Data

https://api.osv.dev/v1/vulns/BIT-superset-2023-39264

Aliases

Published

2025-02-05T07:27:48.606Z

Modified

2025-05-20T10:02:07.006Z

Summary

Apache Superset: Stack traces enabled by default

Details

By default, stack traces for errors were enabled, which resulted in the exposure of internal traces on REST API endpoints to users. This vulnerability exists in Apache Superset versions up to and including 2.1.0.

Database specific

{
    "severity": "Medium",
    "cpes": [
        "cpe:2.3:a:apache:superset:*:*:*:*:*:*:*:*"
    ]
}

References

Affected packages

Bitnami / superset

Package

Name: superset
Purl: pkg:bitnami/superset

Severity

4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS Calculator

Affected ranges

Type: SEMVER
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.1.1

Database specific

source

"https://github.com/bitnami/vulndb/tree/main/data/superset/BIT-superset-2023-39264.json"