CNNVD-202508-1644 Information

CNNVD ID

CNNVD-202508-1644

Related CVE

CVE-2025-55675

• CNNVD Published: 2025-08-14

Description (Chinese)

Apache Superset是美国阿帕奇（Apache）基金会的一个数据可视化和数据探索平台。 Apache Superset 5.0.0之前版本存在授权问题漏洞，该漏洞源于/explore端点访问控制不当，可能导致敏感数据源信息泄露。

Description (English)

Apache Superset is a data visualization and data exploration platform for the Apache Foundation in the United States. There was a mandate gap in the pre-Apache Superset 5.0.0 version, which stemmed from/explore endpoint access controls that could lead to the disclosure of information on sensitive data sources.

Hazard Level

High

Vulnerability Type

授权问题

Affected Vendor

阿帕奇

Published

2025-08-14

Last Modified

2026-02-24

References

https://lists.apache.org/thread/op681b4kbd7g84tfjf9omz0sxggbcv33 https://nvd.nist.gov/vuln/detail/CVE-2025-55675

Patch

https://superset.apache.org/