Last updated: Apr 24, 2023
Total CVEs
1
Critical
1
With Exploits
4
Last 30 Days
0
Vulnerability Timeline
1 vulnerabilities discovered over time for Superset
Severity Distribution
Critical1
100%
High2
200%
Medium2
200%
Low1
100%
| Description | Vendor / Product | Exploit Status | |||
|---|---|---|---|---|---|
| CVE-2023-27524 | 9.8 | An attacker can gain unauthorized access to sensitive resources in Apache Superset if the default SECRET_KEY hasn't been changed, allowing them to manipulate session cookies. This vulnerability only affects installations that haven't followed the setup instructions to configure a unique SECRET_KEY. | apachesuperset | Exploit Available | almost 3 years agoApr 24, 2023 |
About Apache Superset Security
This page provides comprehensive security vulnerability tracking for Apache Superset. Our database includes all CVEs affecting this product, updated in real-time from official sources.
Each vulnerability listing includes detailed CVSS severity analysis, exploit availability status, AI-generated explanations, and direct links to official security patches and vendor advisories.
Security Recommendations
- • Always keep Superset updated to the latest version
- • Subscribe to security advisories from Apache
- • Monitor this page for new vulnerabilities affecting your version
- • Prioritize patching critical and high severity issues immediately