CVE-2023-46104 Information

Description

Uncontrolled resource consumption can be triggered by authenticated attacker that uploads a malicious ZIP to import database dashboards or datasets.   This vulnerability exists in Apache Superset versions up to and including 2.1.2 and versions 3.0.0 3.0.1.

Reference

https://lists.apache.org/thread/yxbxg4wryb7cb7wyybk11l5nqy0rsrvl http://www.openwall.com/lists/oss-security/2023/12/19/1