GHSA-9832-mgg4-3gr6
GitHub Security Advisory
Apache Superset has improper default REST API permission for Gamma users
✓ GitHub Reviewed
MODERATE
Has CVE
Advisory Details
An improper default REST API permission for Gamma users in Apache Superset up to and including 2.1.0 allows for an authenticated Gamma user to test database connections.
Affected Packages
PyPI
apache-superset
Affected versions:
0
(last affected: 2.1.0)
Related CVEs
Key Information
5.0
/10
Dataset
Last updated: July 27, 2025 6:35 AM
Data from GitHub Advisory Database. This information is provided for research and educational purposes.