{"uuid": "c169fe3b-a5ae-4b3c-be7a-cdbfcfc4da41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37941", "type": "seen", "source": "https://t.me/KomunitiSiber/755", "content": "Alert: Apache SuperSet Vulnerabilities Expose Servers to Remote Code Execution Attacks\nhttps://thehackernews.com/2023/09/alert-apache-superset-vulnerabilities.html\n\nPatches have been released to address two new security vulnerabilities in Apache SuperSet that could be exploited by an attacker to gain remote code execution on affected systems.\nThe update (version 2.1.1) plugs\u00a0CVE-2023-39265\u00a0and\u00a0CVE-2023-37941, which make it possible to conduct nefarious actions once a bad actor is able to gain control of Superset\u2019s metadata database.\nOutside of these", "creation_timestamp": "2023-09-07T13:47:33.000000Z"}