This is a duplicate for CVE-2023-46104. With correct CVE version ranges for affected Apache Superset.
Uncontrolled resource consumption can be triggered by authenticated attacker that uploads a malicious ZIP to import database, dashboards or datasets.
This vulnerability exists in Apache Superset versions up to and including 2.1.2 and versions 3.0.0, 3.0.1.
Metrics
Affected Vendors & Products
References
History
Thu, 17 Oct 2024 14:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Apache
Apache superset |
|
Weaknesses | NVD-CWE-noinfo | |
CPEs | cpe:2.3:a:apache:superset:*:*:*:*:*:*:*:* | |
Vendors & Products |
Apache
Apache superset |
MITRE
Status: PUBLISHED
Assigner: apache
Published: 2024-02-14T11:09:47.113Z
Updated: 2024-08-14T19:21:37.425Z
Reserved: 2024-01-24T14:56:01.763Z
Link: CVE-2024-23952
Vulnrichment
Updated: 2024-08-01T23:13:08.543Z
NVD
Status : Modified
Published: 2024-02-14T12:15:47.293
Modified: 2024-11-21T08:58:45.077
Link: CVE-2024-23952
Redhat
No data.