cvedb.io
CVE-2021-37839
MEDIUM · CVSS 4.3
EPSS exploitation probability: 0%
Published 2022-07-06T13:15:09.170 · Last modified 2026-06-17T04:01:11.043

Summary

Apache Superset up to 1.5.1 allowed for authenticated users to access metadata information related to datasets they have no permission on. This metadata included the dataset name, columns and metrics.

Affected products

apache — superset

Does this affect you?

Add your gear to cvedb and we'll alert you only when apache ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.