admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 18:52:12 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2023/CVE-2023-39264.md

18 lines
772 B
Markdown
Raw Normal View History

Update Sat May 25 21:48:12 CEST 2024
2024-05-25 21:48:12 +02:00
### [CVE-2023-39264](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39264)
![](https://img.shields.io/static/v1?label=Product&message=Apache%20Superset&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=0%3C%3D%202.1.0%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-209%20Generation%20of%20Error%20Message%20Containing%20Sensitive%20Information&color=brighgreen)
### Description
By default, stack traces for errors were enabled, which resulted in the exposure of internal traces on REST API endpoints to users. This vulnerability exists in Apache Superset versions up to and including 2.1.0.
### POC
#### Reference
No PoCs from references.
#### Github
- https://github.com/msegoviag/msegoviag
Reference in New Issue Copy Permalink