Known vulnerabilities in Apache Foundation Apache Superset

Vendor: Apache Foundation
Website: https://www.apache.org
Total Security Bulletins: 30

Security bulletins (30)

Secuity bulletin Severity Status Published
SB2025081945: Multiple vulnerabilities in Apache Superset Low
Patched
19.08.2025
SB2025081944: Information disclosure in Apache Superset Medium
Patched
19.08.2025
SB2025051307: Improper authorization in Apache Superset Medium
Patched
13.05.2025
SB2024120960: Multiple vulnerabilities in Apache Superset Medium
Patched
09.12.2024
SB2024071639: SQL injection in Apache Superset High
Patched
16.07.2024
SB20240620210: Arbitrary file read in Apache Superset Medium
Patched Public exploit
20.06.2024
SB2024050747: Improper access control in Apache Superset Low
Patched
07.05.2024
SB2024022837: Multiple vulnerabilities in Apache Superset Low
Patched
28.02.2024
SB2024013164: Multiple vulnerabilities in Apache Superset Medium
Patched
31.01.2024
SB2024013163: Two vulnerabilities in Apache Superset Low
Patched
31.01.2024
SB2024013162: Denial of service in Apache Superset Medium
Patched
31.01.2024
SB2024013161: Multiple vulnerabilities in Apache Superset Medium
Patched
31.01.2024
SB2024013158: Multiple vulnerabilities in Apache Superset Medium
Patched Public exploit
31.01.2024
SB2024012362: Stored XSS in Apache Superset Low
Patched
23.01.2024
SB2023042444: Multiple vulnerabilities in Apache Superset High
Patched Exploited
24.04.2023
SB2023011711: SQL injection in Apache Superset Low
Patched
17.01.2023
SB2023011710: Multiple vulnerabilities in Apache Superset Low
Patched
17.01.2023
SB2023011708: Information disclosure in Apache Superset Low
Patched
17.01.2023
SB2023011621: Multiple vulnerabilities in Apache Superset Medium
Patched
16.01.2023
SB2022070646: Improper access control in Apache Superset Low
Patched
06.07.2022
SB2022041403: SQL injection in Apache Superset High
Patched
14.04.2022
SB2021101511: Cross-site scripting in Apache Superset Low
Patched
15.10.2021
SB2021042816: Open redirect in Apache Superset Medium
Patched
28.04.2021
SB2021030603: XSS via SVG file in Apache Superset Low
Patched
06.03.2021
SB20200930104: Information disclosure in Apache Superset Low
Patched
30.09.2020
SB2020091703: Remote code execution in Apache Superset Medium
Patched
17.09.2020
SB2020052202: Cross-site scripting in Apache Superset Low
Patched
22.05.2020
SB2020012812: Information disclosure in Apache Superset Medium
Patched
28.01.2020
SB2019121619: Information disclosure in Apache Superset Medium
Patched
16.12.2019
SB2019121618: Information disclosure in Apache Superset Medium
Patched
16.12.2019