Unnecessary read permissions within the Gamma role would allow authenticated users to read configured CSS templates and annotations.
This issue affects Apache Superset: before 2.1.2.
Users should upgrade to version or above 2.1.2 and run `superset init` to reconstruct the Gamma role or remove `can_read` permission from the mentioned resources.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: apache
Published: 2023-11-27T10:23:47.721Z
Updated: 2024-08-29T19:05:51.288Z
Reserved: 2023-09-11T09:03:06.448Z
Link: CVE-2023-42501
Vulnrichment
Updated: 2024-08-02T19:23:39.502Z
NVD
Status : Modified
Published: 2023-11-27T11:15:07.743
Modified: 2024-11-21T08:22:40.780
Link: CVE-2023-42501
Redhat
No data.